#9261 Add CLI and WebUI to register a passkey for a user
Closed: fixed a year ago by frenaud. Opened 2 years ago by frenaud.

Request for enhancement

In order to enable passkey (also known as FIDO2 key) authentication in IPA, provide command line and WebUI allowing to add a passkey for a user.

This feature is related to SSSD issue 6228 Enable FIDO2 key authentication in a centralized environment

Metadata Update from @frenaud:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/6447

2 years ago


  • 574517c Design for passkey support
  • af56950 New schema for Passkey mappings
  • 4bd1be9 API: add new commands for ipa passkeyconfig-show | mod
  • a21214c API: add new commands for passkey mappings
  • ae3c281 XMLRPC tests: test new passkey commands
  • 7911b24 CLI: add support for passkey authentication type
  • a7d90c1 XMLRPC tests: add new tests for passkey auth type
  • f8580ca WebUI: add support for passkey auth type and auth indicator
  • d207f6b WebUI tests: add test for krbtpolicy passkey maxlife/maxrenew
  • 56e1797 ipa-kdb: initial support for passkeys
  • 6f0da62 Passkey: add support for discoverable credentials
  • c58e483 Passkey support: show the passkey in webui
  • 510f806 WebUI: improve passkey display
  • c016e27 Passkey: add "passkey configuration" to webui
  • b650783 Passkey: extract the passkey from stdout
  • 9963dcd Passkey: update the API doc
  • 0075c8b passkeyconfig: require-user-verification is a boolean
  • c0f71b0 passkey: adjust selinux security context for passkey_child
  • 14526c5 Webui tests: fix test failure
  • 31b70ee Passkey: add a weak dependency on sssd-passkey
  • 9caea32 ipa-otpd: suppress "function declaration isn't a prototype" warning
  • e7a69b3 ipa-otpd: make add_krad_attr_to_set() public
  • 62e28e4 ipa-otpd: make auth_type_is(), get_string() and get_string_array() public
  • a02fd53 ipa-otpd: make get_krad_attr_from_packet() public
  • b252988 ipa-otpd: add support for passkey authentication
  • 8d12d49 ipa-otpd: add passkey_child_debug_level option
  • e5c292c doc/designs: update link to SSSD passkey design page
  • 665227e Spec file: bump SSSD version for passkey support
  • e0acc51 Passkey design: fix user verification
  • 957d67a Passkey design: user verification clarification
  • 105b033 Passkey design: add second sssd design page

Metadata Update from @frenaud:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

a year ago

Log in to comment on this ticket.