Using SimpleWebAuthn in different subdomains #406
Replies: 3 comments 3 replies
-
|
I think this should work with the following values: rpID: |
Beta Was this translation helpful? Give feedback.
-
|
Ah, apologies for the delayed response @igorschechtel. When you say "it didn't work," what error were you seeing? If you specify the RP ID "example.com" both during registration and authentication then you would be able to register a single credential that you could then use across both subdomains. It's when you omit an RP ID during registration that the RP ID is set by the browser to the effective domain, e.g. "app.example.com", which would scope the credential to that specific sub domain. You could not then use that credential to authenticate on https://connect.example.com |
Beta Was this translation helpful? Give feedback.
-
|
i ran into something similar. While setting rpID to example.com works, the pass key seems to be saved at the domain that you register at. for instance, if i create a passkey at blah.example.com , configuration wies everything works, until you get to blah2.example.com my device is unable to find the passkey. Is there a way to make sure to store the passkey at example.com? |
Beta Was this translation helpful? Give feedback.
-
|
If you set |
Beta Was this translation helpful? Give feedback.
-
|
Ha I did a dumb thing , I thought I set environment variables , but I didn’t . they were undefined . |
Beta Was this translation helpful? Give feedback.
-
|
I'm glad to hear you figured it you! Fortunately it was something simple this time 😮💨 |
Beta Was this translation helpful? Give feedback.
-
Can SimpleWebAuthn be used in different subdomains? For example:
app.example.comconnect.example.comI tried setting the rp id to
example.comand theexpectedOriginto an array with both subdomains, but it didn't work...Beta Was this translation helpful? Give feedback.
All reactions