...
Authentication
Passwordless: Requires user verification but keys can be stored on the server
Requires username view
Usernameless (passkey): Requires discoverable credentials and user verification.
User selects the registered credential for a given user.id off the authenticator
Second Factor : After an appropriate first factor, only requires a FIDO compliant authenticator and user presence checking
Registration
Admin UI flow for a user to register and remove WebAuthn credentials using the Storage Service API
FIDO Metadata
Download and load the FIDO authenticator metadata
Only allow trusted authenticators
Enhance the registration UI
...