WebAuthnAuthenticator (Keycloak Docs Distribution 10.0.2 API)

java.lang.Object
- org.keycloak.authentication.authenticators.browser.WebAuthnAuthenticator

All Implemented Interfaces:

Authenticator, CredentialValidator<WebAuthnCredentialProvider>, Provider

Direct Known Subclasses:

WebAuthnPasswordlessAuthenticator
```
public class WebAuthnAuthenticator
extends Object
implements Authenticator, CredentialValidator<WebAuthnCredentialProvider>
```
Authenticator for WebAuthn authentication, which will be typically used when WebAuthn is used as second factor.

Constructor Summary

Constructors
Constructor and Description

WebAuthnAuthenticator(KeycloakSession session)

Constructors
Constructor and Description
`WebAuthnAuthenticator(KeycloakSession session)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`action(AuthenticationFlowContext context)` Called from a form action invocation.
`void`	`authenticate(AuthenticationFlowContext context)` Initial call for the authenticator.
`void`	`close()`
`boolean`	`configuredFor(KeycloakSession session, RealmModel realm, UserModel user)` Is this authenticator configured for this user.
`WebAuthnCredentialProvider`	`getCredentialProvider(KeycloakSession session)`
`protected String`	`getCredentialType()`
`List<RequiredActionFactory>`	`getRequiredActions(KeycloakSession session)` Overwrite this if the authenticator is associated with
`protected String`	`getRpID(AuthenticationFlowContext context)`
`protected WebAuthnPolicy`	`getWebAuthnPolicy(AuthenticationFlowContext context)`
`boolean`	`requiresUser()` Does this authenticator require that the user has already been identified? That AuthenticatorContext.getUser() is not null?
`void`	`setRequiredActions(KeycloakSession session, RealmModel realm, UserModel user)` Set actions to configure authenticator

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.keycloak.authentication.Authenticator
areRequiredActionsEnabled

Methods inherited from interface org.keycloak.authentication.CredentialValidator
getCredentials, getType

- Constructor Detail
  - WebAuthnAuthenticator
```
public WebAuthnAuthenticator(KeycloakSession session)
```
- Method Detail
  - authenticate
```
public void authenticate(AuthenticationFlowContext context)
```
    Description copied from interface: Authenticator
    
    Initial call for the authenticator. This method should check the current HTTP request to determine if the request satifies the Authenticator's requirements. If it doesn't, it should send back a challenge response by calling the AuthenticationFlowContext.challenge(Response). If this challenge is a authentication, the action URL of the form must point to /realms/{realm}/login-actions/authenticate?code={session-code}&execution={executionId} or /realms/{realm}/login-actions/registration?code={session-code}&execution={executionId} {session-code} pertains to the code generated from AuthenticationFlowContext.generateAccessCode(). The {executionId} pertains to the AuthenticationExecutionModel.getId() value obtained from AuthenticationFlowContext.getExecution(). The action URL will invoke the action() method described below.
    
    Specified by:
    
    authenticate in interface Authenticator
  - getWebAuthnPolicy
```
protected WebAuthnPolicy getWebAuthnPolicy(AuthenticationFlowContext context)
```
  - getRpID
```
protected String getRpID(AuthenticationFlowContext context)
```
  - getCredentialType
```
protected String getCredentialType()
```
  - action
```
public void action(AuthenticationFlowContext context)
```
    Description copied from interface: Authenticator
    
    Called from a form action invocation.
    
    Specified by:
    
    action in interface Authenticator
  - requiresUser
```
public boolean requiresUser()
```
    Description copied from interface: Authenticator
    
    Does this authenticator require that the user has already been identified? That AuthenticatorContext.getUser() is not null?
    
    Specified by:
    
    requiresUser in interface Authenticator
    
    Returns:
  - configuredFor
```
public boolean configuredFor(KeycloakSession session,
                             RealmModel realm,
                             UserModel user)
```
    Description copied from interface: Authenticator
    
    Is this authenticator configured for this user.
    
    Specified by:
    
    configuredFor in interface Authenticator
    
    Returns:
  - setRequiredActions
```
public void setRequiredActions(KeycloakSession session,
                               RealmModel realm,
                               UserModel user)
```
    Description copied from interface: Authenticator
    
    Set actions to configure authenticator
    
    Specified by:
    
    setRequiredActions in interface Authenticator
  - getRequiredActions
```
public List<RequiredActionFactory> getRequiredActions(KeycloakSession session)
```
    Description copied from interface: Authenticator
    
    Overwrite this if the authenticator is associated with
    
    Specified by:
    
    getRequiredActions in interface Authenticator
    
    Returns:
  - close
```
public void close()
```
    Specified by:
    
    close in interface Provider
  - getCredentialProvider
```
public WebAuthnCredentialProvider getCredentialProvider(KeycloakSession session)
```
    Specified by:
    
    getCredentialProvider in interface CredentialValidator<WebAuthnCredentialProvider>

Class WebAuthnAuthenticator

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface org.keycloak.authentication.Authenticator

Methods inherited from interface org.keycloak.authentication.CredentialValidator

Constructor Detail

WebAuthnAuthenticator

Method Detail

authenticate

getWebAuthnPolicy

getRpID

getCredentialType

action

requiresUser

configuredFor

setRequiredActions

getRequiredActions

close

getCredentialProvider