#9263 Add support for passkey authentication type in kdb driver
Closed: fixed a year ago by frenaud. Opened 2 years ago by frenaud.

Request for enhancement

IPA KDB driver needs to support the new authentication type "passkey" in addition to 'password', 'radius', 'otp', 'pkinit', 'hardened' and 'idp'.

This feature is related to SSSD issue #6228 Enable FIDO2 key authentication in a centralized environment

Metadata Update from @abbra:
- Issue assigned to abbra

2 years ago


  • 574517c Design for passkey support
  • af56950 New schema for Passkey mappings
  • 4bd1be9 API: add new commands for ipa passkeyconfig-show | mod
  • a21214c API: add new commands for passkey mappings
  • ae3c281 XMLRPC tests: test new passkey commands
  • 7911b24 CLI: add support for passkey authentication type
  • a7d90c1 XMLRPC tests: add new tests for passkey auth type
  • f8580ca WebUI: add support for passkey auth type and auth indicator
  • d207f6b WebUI tests: add test for krbtpolicy passkey maxlife/maxrenew
  • 56e1797 ipa-kdb: initial support for passkeys
  • 6f0da62 Passkey: add support for discoverable credentials
  • c58e483 Passkey support: show the passkey in webui
  • 510f806 WebUI: improve passkey display
  • c016e27 Passkey: add "passkey configuration" to webui
  • b650783 Passkey: extract the passkey from stdout
  • 9963dcd Passkey: update the API doc
  • 0075c8b passkeyconfig: require-user-verification is a boolean
  • c0f71b0 passkey: adjust selinux security context for passkey_child
  • 14526c5 Webui tests: fix test failure
  • 31b70ee Passkey: add a weak dependency on sssd-passkey
  • 9caea32 ipa-otpd: suppress "function declaration isn't a prototype" warning
  • e7a69b3 ipa-otpd: make add_krad_attr_to_set() public
  • 62e28e4 ipa-otpd: make auth_type_is(), get_string() and get_string_array() public
  • a02fd53 ipa-otpd: make get_krad_attr_from_packet() public
  • b252988 ipa-otpd: add support for passkey authentication
  • 8d12d49 ipa-otpd: add passkey_child_debug_level option
  • e5c292c doc/designs: update link to SSSD passkey design page
  • 665227e Spec file: bump SSSD version for passkey support
  • e0acc51 Passkey design: fix user verification
  • 957d67a Passkey design: user verification clarification
  • 105b033 Passkey design: add second sssd design page

Metadata Update from @frenaud:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

a year ago

Log in to comment on this ticket.