WebAuthnRegistrationService
Component Detail
Description
Implements the WebAuthn registration ceremony end-to-end. Fetches a PublicKeyCredentialCreationOptions challenge from the backend, invokes the platform authenticator, and submits the resulting attestation object for server-side verification. Normalises browser and native FIDO2 API differences.
webauthn-registration-service
Sources & reasoning
Passkeys are not explicitly mentioned in the source documentation. The feature is required by the authoritative blueprint which assigns it to Authentication & Access Control at v1.1. Target release v1.1 follows the blueprint's phase assignment; no earlier phase evidence exists in the source doc, and the feature is clearly post-BankID/Vipps (Fase 2) in any logical delivery sequence.
No source references — this artifact was included based on reasoning alone (see above).
Responsibilities
- Request registration challenge from backend API
- Call platform WebAuthn navigator.credentials.create() or equivalent native API
- Encode and POST attestation response to backend
- Persist resulting credential metadata locally on success
- Map platform errors to domain-specific WebAuthnError types
Interfaces
beginRegistration(userId: string, displayName: string): Promise<RegistrationResult>
submitAttestation(attestation: AttestationResponse): Promise<PasskeyCredential>