Open
Description
#62112 adds support for passkeys in ASP.NET Core Identity and extends the Blazor Web App template to support passkey management and authentication. However, there are some follow-up items we should consider:
- Enable WebAuthn conformance testing in CI
- There's currently a project in this repo that can be run against the FIDO2 Conformance Test tool, but the tool itself is proprietary and doesn't have a CLI. We should consider writing our own solution that performs similar validations to the conformance testing tool.
- Determine how to best help customers migrate their databases to include passkeys
- Update scaffolding to include passkey support
- Support passwordless account creation
- Support conditional create to allow the user to seamlessly upgrade a password to a passkey after signing in
- Use the signals API to, e.g., inform the authenticator when a passkey was revoked so it doesn't get presented to the user as an option when signing in
- Make it easy to configure well-known passkey endpoints so that authenticators can automatically upgrade passwords to passkeys without requiring the customer to visit the site
-
UpdateMapIdentityApi()to add endpoints for passkeys -
UpdateMicrosoft.AspNetCore.Identity.UIto support the same passkey UI that got added to the Blazor Web App template