Package com.yubico.webauthn.data

Interface PublicKeyCredentialEntity

All Known Implementing Classes:
RelyingPartyIdentity, UserIdentity
public interface PublicKeyCredentialEntity
Describes a user account, or a WebAuthn Relying Party, which a public key credential is associated with or scoped to, respectively.
See Also:

  • Method Summary

    Modifier and Type
    Method
    Description
    String
    getName()
    A human-palatable name for the entity.

  • Method Details

    • getName

      String getName()
      A human-palatable name for the entity. Its function depends on what the PublicKeyCredentialEntity represents:
      • When inherited by PublicKeyCredentialRpEntity it is a human-palatable identifier for the Relying Party, intended only for display. For example, "ACME Corporation", "Wonderful Widgets, Inc." or "ОАО Примертех".
        • Relying Parties SHOULD perform enforcement, as prescribed in Section 2.3 of [RFC8266] for the Nickname Profile of the PRECIS FreeformClass [RFC8264], when setting name's value, or displaying the value to the user.
        • Clients SHOULD perform enforcement, as prescribed in Section 2.3 of [RFC8266] for the Nickname Profile of the PRECIS FreeformClass [RFC8264], on name's value prior to displaying the value to the user or including the value as a parameter of the authenticatorMakeCredential operation.
      • When inherited by PublicKeyCredentialUserEntity, it is a human-palatable identifier for a user account. It is intended only for display, i.e., aiding the user in determining the difference between user accounts with similar displayNames. For example, "alexm", "alex.p.mueller@example.com" or "+14255551234".
        • The Relying Party MAY let the user choose this value. The Relying Party SHOULD perform enforcement, as prescribed in Section 3.4.3 of [RFC8265] for the UsernameCasePreserved Profile of the PRECIS IdentifierClass [RFC8264], when setting name's value, or displaying the value to the user.
        • Clients SHOULD perform enforcement, as prescribed in Section 3.4.3 of [RFC8265] for the UsernameCasePreserved Profile of the PRECIS IdentifierClass [RFC8264], on name's value prior to displaying the value to the user or including the value as a parameter of the authenticatorMakeCredential operation.

      When clients, client platforms, or authenticators display a name's value, they should always use UI elements to provide a clear boundary around the displayed value, and not allow overflow into other elements.

      Authenticators MUST accept and store a 64-byte minimum length for a name member’s value. Authenticators MAY truncate a name member’s value to a length equal to or greater than 64 bytes.

      See Also: