W3cubDocs

/Web APIs

AuthenticatorAttestationResponse

Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

The AuthenticatorAttestationResponse interface of the Web Authentication API is the result of a WebAuthn credential registration. It contains information about the credential that the server needs to perform WebAuthn assertions, such as its credential ID and public key.

An AuthenticatorAttestationResponse object instance is available in the response property of a PublicKeyCredential object returned by a successful CredentialsContainer.create() call.

This interface inherits from AuthenticatorResponse.

AuthenticatorResponse AuthenticatorAttestationResponse

Note: This interface is restricted to top-level contexts. Use of its features from within an <iframe> element will not have any effect.

Instance properties

Also inherits properties from its parent, AuthenticatorResponse.

AuthenticatorAttestationResponse.attestationObject Secure context Read only

An ArrayBuffer containing authenticator data and an attestation statement for a new key pair generated by the authenticator.

AuthenticatorResponse.clientDataJSON Secure context Read only

Inherited from AuthenticatorResponse, this property contains the JSON-compatible serialization of the data passed from the browser to the authenticator in order to generate this credential — i.e., when CredentialsContainer.create() is called with a publicKey option. This data contains some information from the options passed into the create() call, and some information controlled by the browser.

Instance methods

AuthenticatorAttestationResponse.getAuthenticatorData() Secure context

Returns an ArrayBuffer containing the authenticator data contained within the AuthenticatorAttestationResponse.attestationObject property.

AuthenticatorAttestationResponse.getPublicKey() Secure context

Returns an ArrayBuffer containing the DER SubjectPublicKeyInfo of the new credential (see Subject Public Key Info), or null if this is not available.

AuthenticatorAttestationResponse.getPublicKeyAlgorithm() Secure context

Returns a number that is equal to a COSE Algorithm Identifier, representing the cryptographic algorithm used for the new credential.

AuthenticatorAttestationResponse.getTransports() Secure context

Returns an array of strings describing which transport methods (e.g., usb, nfc) are believed to be supported with the authenticator. The array may be empty if the information is not available.

Examples

Specifications

Browser compatibility

Desktop Mobile
Chrome Edge Firefox Internet Explorer Opera Safari WebView Android Chrome Android Firefox for Android Opera Android Safari on IOS Samsung Internet
AuthenticatorAttestationResponse 67 18
60Only supports USB U2F tokens.
No 54 13 No 70 92
60–92Only supports USB U2F tokens.
48 13 10.0
attestationObject 67 18
60Only supports USB U2F tokens.
No 54 13 No 70 92
60–92Only supports USB U2F tokens.
48 13 10.0
getAuthenticatorData 85 85 119 No 71 16 No 85 119 60 16 14.0
getPublicKey 85 85 119 No 71 16 No 85 119 60 16 14.0
getPublicKeyAlgorithm 85 85 119 No 71 16 No 85 119 60 16 14.0
getTransports 74 79 No No 62 16 No 74 No 53 16 11.0

See also

© 2005–2023 MDN contributors.
Licensed under the Creative Commons Attribution-ShareAlike License v2.5 or later.
https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAttestationResponse