Add support for non-modal UI · Issue #1545

WebAuthn UIs in browsers are typically intrusive. This presents a challenge for sites that are transitioning from usernames and passwords because they have to have a separate “Use WebAuthn” UI element for those who wish to.

WebAuthn could provide a signal to user-agents that a gentler presentation is desired such that sites can always trigger such a WebAuthn request on their login name and leave it up to the browser to show a suitable amount of UI. The amount of UI might depend on whether responsive credentials are known to exist, whether the user has used WebAuthn in the past, or other sensible factors. The site awaits the resolution of the Promise, which might simply never come if WebAuthn is not suitable for the current user.

(This is being filed as a placeholder for L3.)

UPDATE 2021-11-04: This UI approach is now known as "Conditional UI", see also WebAuthn PR #1576 "conditional UI via mediation" and Credential Management PR #155 Add "conditional mediation", which in combination address this issue.

Add support for non-modal UI · Issue #1545 · w3c/webauthn (original) (raw)