|
byte[] | ClientDataHash = default! [get, set] |
| SHA-256 hash of the client data JSON. Required parameter (CTAP2 key: 0x01). 32-byte hash of ClientData JSON. Used to bind the credential to the current operation.
|
|
uint? | EnterpriseAttestation [get, set] |
| If the EnterpriseAttestation parameter is absent, attestation’s privacy characteristics are unaffected, regardless of whether the enterprise attestation feature is presently enabled. If present with a valid value, the usual privacy concerns around attestation batching may not apply to the results of this operation and the platform is requesting an enterprise attestation that includes uniquely identifying information.
|
|
List< PublicKeyCredentialDescriptor >? | ExcludeList [get, set] |
| List of existing credentials to exclude. Optional parameter (CTAP2 key: 0x05). Prevents creation of duplicate credentials for the same RP/user pair.
|
|
Dictionary< string, object >? | Extensions [get, set] |
| Requested authentication extensions. Optional parameter (CTAP2 key: 0x06). Dictionary of extension identifiers to extension-specific parameters (e.g., credProtect, hmac-secret).
|
|
Dictionary< string, object >? | Options [get, set] |
| Authenticator options.
|
|
byte?[] | PinUvAuthParam [get, set] |
| PIN/UV authentication signature. Optional parameter (CTAP2 key: 0x08). HMAC-SHA256 of clientDataHash using shared secret.
|
|
uint? | PinUvAuthProtocol [get, set] |
| Selected PIN/UV protocol version. Optional parameter (CTAP2 key: 0x09). Must match protocol version used during key agreement and PIN operations.
|
|
List< PublicKeyCredentialParameters > | PubKeyCredParams = [] [get, set] |
| List of supported public key algorithms. Required parameter (CTAP2 key: 0x04). Must contain at least one algorithm the authenticator supports (e.g., ES256, RS256). Ordered by RP preference.
|
|
PublicKeyCredentialRpEntity | Rp = new() [get, set] |
| Relying Party (RP) entity information. Required parameter (CTAP2 key: 0x02). Contains RP ID and display information. Must match the RP ID used in subsequent authentication requests.
|
|
PublicKeyCredentialUserEntity | User = new() [get, set] |
| User account information. Required parameter (CTAP2 key: 0x03). Contains user handle and display data. User ID must be unique within the RP domain.
|
|
Represents parameters for the FIDO CTAP2 authenticatorMakeCredential
command.