Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.
The signature
read-only property of the AuthenticatorAssertionResponse
interface is an ArrayBuffer
object which is the signature of the authenticator for both AuthenticatorAssertionResponse.authenticatorData
and a SHA-256 hash of the client data (AuthenticatorAssertionResponse.clientDataJSON
).
This signature will be sent to the server for control, as part of the response. It provides the proof that an authenticator does possess the private key which was used for the credential's generation.