We are using VIP Authentication Hub version 2.2 and are in the process of upgrading to the 3.3.x release.
As part of this 2.2 release, the FIDO REST APIs below are used for user FIDO registration and authentication:
/default/oauth2/v1/token
/default/auth/v1/authenticate
/default/factor/v1/FIDOAuthChallengeGenerator
/default/factor/v1/FIDOAuthChallengeVerifier
/default/factor/v1/FIDORegChallengeVerifier
/default/factor/v1/MeCreds
What changes to the APIs will be needed to use PASSKEY instead of FIDO, since we are currently using fidoCredType = FIDO?
AuthHub 3.3.x
- Starting with 3.3, fidoCredType supports the following values: "FIDO", "SECURITYKEY" or "PASSKEY". FIDO is the default if no fidoCredType is passed in the body of the request.
- To use the FIDO passkey registration flow (/factor/v1/FIDORegChallengeGenerator), set fidoCredType = PASSKEY in your call as follows:
{
  "documentDomain": "https://www.example.com",
  "userName": "nbruce",
  "deviceName": "test1",
  "fidoCredType": "PASSKEY"
}
The same applies to the FIDOAuthChallengeGenerator API, where you need to use the following:
{
  "documentDomain": "https://www.example.com",
  "userName": "nbruce",
  "fidoCredType": "PASSKEY"
}
For additional details, see: https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/vip-authentication-hub/3-3/Using/Authentication-services/factor-services/Fido-Microservice.html
For how to use PASSKEY from the signing UI, see: https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/vip-authentication-hub/3-3/Using/Authentication-services/factor-services/Fido-Microservice/using-passkey.html
The 3.3 Release Notes also discuss the change in the PASSKEY settings: https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/vip-authentication-hub/3-3/Release-Notes/release-notes-3-3.html#_b7ad5325-a1fa-4b10-865f-b5d65ffb45ba_newFeatures
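Because FIDO is the default when fidoCredType is omitted, a client that leaves the field out keeps requesting FIDO credentials after the upgrade without any error. The following is an added example, not Broadcom's code: a pre-upgrade check that rewrites the request bodies for the two challenge-generator calls shown above and reports which ones were relying on the default. The helper names are hypothetical, and it assumes only those two calls carry fidoCredType, as shown on this page.

```python
ALLOWED_CRED_TYPES = ("FIDO", "SECURITYKEY", "PASSKEY")  # values listed for 3.3
SERVER_DEFAULT = "FIDO"  # applied by the server when the field is omitted

# The two challenge-generator calls the page shows carrying fidoCredType.
GENERATOR_PATHS = (
    "/factor/v1/FIDORegChallengeGenerator",
    "/factor/v1/FIDOAuthChallengeGenerator",
)


def effective_cred_type(body):
    """Credential type the server would apply to this request body."""
    value = body.get("fidoCredType", SERVER_DEFAULT)
    if value not in ALLOWED_CRED_TYPES:
        raise ValueError(f"unsupported fidoCredType: {value!r}")
    return value


def migrate_body(path, body, target="PASSKEY"):
    """Return (new_body, note); calls to other paths are passed through."""
    if target not in ALLOWED_CRED_TYPES:
        raise ValueError(f"unsupported target: {target!r}")
    if not path.endswith(GENERATOR_PATHS):
        return dict(body), "unchanged (not a challenge generator call)"
    before = effective_cred_type(body)
    new_body = {**body, "fidoCredType": target}
    if "fidoCredType" not in body:
        return new_body, f"added {target} (field was missing, server default {before})"
    if before == target:
        return new_body, f"already {target}"
    return new_body, f"changed {before} -> {target}"


# Constructed sample of 2.2-era calls; user and device names are the page's examples.
SAMPLE_CALLS = [
    ("/default/factor/v1/FIDORegChallengeGenerator",
     {"documentDomain": "https://www.example.com", "userName": "nbruce",
      "deviceName": "test1", "fidoCredType": "FIDO"}),
    ("/default/factor/v1/FIDOAuthChallengeGenerator",
     {"documentDomain": "https://www.example.com", "userName": "nbruce"}),
    ("/default/factor/v1/MeCreds", {}),
]


def migration_report(calls, target="PASSKEY"):
    """Apply migrate_body to each (path, body) pair and collect the results."""
    return [(path, *migrate_body(path, body, target)) for path, body in calls]
```

Calling `migration_report(SAMPLE_CALLS)` returns one `(path, new_body, note)` tuple per call; the second entry is the case to look for in a real client, since its body had no fidoCredType at all.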