...
When using the passwordless flow with a fallback to authn/Password, you can could modify the login.vm view to pre-fill the username input with the username entered in the WebAuthn context. For example, at the top of login.vm:
...
| Code Block |
|---|
<input type="text" id="username" name="j_username" #if($webAuthnUsername)readonly#end
value="#if($webAuthnUsername)$encoder.encodeForHTML($$webAuthnUsername)#end" /> |
See UserInterface for a detailed look at the IdP’s view templates. This won't prevent a malicious user from changing the username; that would need a server-side solution, such as a post-authentication login flow (ProfileInterceptConfiguration ).
| Anchor | ||||
|---|---|---|---|---|
|
...