Package com.yubico.webauthn.data

Enum Class AttestationConveyancePreference

java.lang.Object
java.lang.Enum<AttestationConveyancePreference>
com.yubico.webauthn.data.AttestationConveyancePreference
All Implemented Interfaces:
Serializable, Comparable<AttestationConveyancePreference>, Constable
public enum AttestationConveyancePreference extends Enum<AttestationConveyancePreference>
Relying Parties may use this to specify their preference regarding attestation conveyance during credential generation.
See Also:

  • Enum Constant Details

    • NONE

      public static final AttestationConveyancePreference NONE
      Indicates that the Relying Party is not interested in authenticator attestation.

      For example, in order to potentially avoid having to obtain user consent to relay identifying information to the Relying Party, or to save a roundtrip to an Attestation CA.

      This is the default value.

    • INDIRECT

      public static final AttestationConveyancePreference INDIRECT
      Indicates that the Relying Party prefers an attestation conveyance yielding verifiable attestation statements, but allows the client to decide how to obtain such attestation statements. The client MAY replace the authenticator-generated attestation statements with attestation statements generated by an Anonymization CA, in order to protect the user’s privacy, or to assist Relying Parties with attestation verification in a heterogeneous ecosystem.

      Note: There is no guarantee that the Relying Party will obtain a verifiable attestation statement in this case. For example, in the case that the authenticator employs self attestation.

    • DIRECT

      public static final AttestationConveyancePreference DIRECT
      Indicates that the Relying Party wants to receive the attestation statement as generated by the authenticator.

    • ENTERPRISE

      public static final AttestationConveyancePreference ENTERPRISE
      This value indicates that the Relying Party wants to receive an attestation statement that may include uniquely identifying information. This is intended for controlled deployments within an enterprise where the organization wishes to tie registrations to specific authenticators. User agents MUST NOT provide such an attestation unless the user agent or authenticator configuration permits it for the requested RP ID.

      If permitted, the user agent SHOULD signal to the authenticator (at invocation time) that enterprise attestation is requested, and convey the resulting AAGUID and attestation statement, unaltered, to the Relying Party.

  • Method Details

    • values

      public static AttestationConveyancePreference[] values()
      Returns an array containing the constants of this enum class, in the order they are declared.
      Returns:
      an array containing the constants of this enum class, in the order they are declared

    • valueOf

      public static AttestationConveyancePreference valueOf(String name)
      Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)
      Parameters:
      name - the name of the enum constant to be returned.
      Returns:
      the enum constant with the specified name
      Throws:
      IllegalArgumentException - if this enum class has no constant with the specified name
      NullPointerException - if the argument is null

    • getValue

      @NonNull public @NonNull String getValue()