Process for gaining access to the Fido2PrivilegedApiClient

67 views
Skip to first unread message

Garrison Henkle

unread,
Aug 24, 2023, 11:01:13 AM8/24/23
to FIDO Dev (fido-dev)
Hello,

I'm working on an Android browser project, and I'm currently unable to provide my users with access to passkeys and other forms of FIDO2 authentication without the Fido2PrivlegedApiClient. Is there a list of requirements or an established process to be added to the privileged client's allowlist?

For context, the browser app that I am working on is forked from Firefox, so the FIDO2 logic is already setup. Without access to the privileged client, though, the logic seems to default to the non-privileged client (which is essentially the same as not having any FIDO2 access in my use-case).

Regards,
Garrison

Anders Rundgren

unread,
Aug 24, 2023, 11:08:55 AM8/24/23
to Garrison Henkle, FIDO Dev (fido-dev)
Right, is the why the FIDO standard fails at payments.

It works on Windows but since there is no PaymentRquest in Windows it fails for other reasons.

related: https://fido-web-pay.github.io


Regards,
Anders

>
> Regards,
> Garrison
>
> --
> You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org <mailto:fido-dev+u...@fidoalliance.org>.
> To view this discussion on the web visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/cca476e9-ccb6-4468-a18e-d6c01ff49a80n%40fidoalliance.org <https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/cca476e9-ccb6-4468-a18e-d6c01ff49a80n%40fidoalliance.org?utm_medium=email&utm_source=footer>.

Adam Langley

unread,
Aug 25, 2023, 9:23:01 AM8/25/23
to FIDO Dev (fido-dev), Garrison Henkle
On Thursday, August 24, 2023 at 8:01:13 AM UTC-7 Garrison Henkle wrote:
I'm working on an Android browser project, and I'm currently unable to provide my users with access to passkeys and other forms of FIDO2 authentication without the Fido2PrivlegedApiClient. Is there a list of requirements or an established process to be added to the privileged client's allowlist?

For context, the browser app that I am working on is forked from Firefox, so the FIDO2 logic is already setup. Without access to the privileged client, though, the logic seems to default to the non-privileged client (which is essentially the same as not having any FIDO2 access in my use-case).

Please email me, agl at google.com, with more details including contact addresses, package name(s), and signing certificate hash(es).


Cheers

AGL 
Reply all
Reply to author
Forward
0 new messages