...
| Anchor | ||||
|---|---|---|---|---|
|
The WebAuthn user name (user.name) is a human-palatable identifier for a user’s account a credential is associated with. During authentication, it will become the UsernamePrincipal of the subjectThis is separate from the internal username the IdP uses to store the credential against and is only used by the authenticator to help the user select the correct credential to authenticate with. It may be truncated by the authenticator to 64 bytes.
By default, this is taken from the principal name of the user who authenticated (contained in the SubjectContext). This can be changed by creating a bean in conf/authn/webauthn-config.xml referenced by the idp.authn.webauthn.registration.usernamename.strategy in conf/authn/webauthn.properties.
You may decide to pull this value from the attribute resolver. This is supported by an inbuild strategy, is supported by changing the following properties in conf/authn/webauthn.properties:
User Display Name Population
...