...
Existing features as of alpha 0.0.2:
ss
...
Authentication
Passwordless: Requires user verification but keys can be stored on the server
Requires username view
Usernameless (passkey): Requires discoverable credentials and user verification.
User selects the registered credential for a given user.id off the authenticator
Second Factor : After an appropriate first factor, only requires a FIDO compliant authenticator and user presence checking
Registration
Admin UI flow for a user to register and remove WebAuthn credentials using the Storage Service API
FIDO Metadata
Download and load the FIDO authenticator metadata
Only allow trusted authenticators
Enhance the registration UI
Features not yet implemented for V1.0.0:
User identity information from attribute resolver :
Jira Legacy server System Jira serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JWEBAUTHN-11 CSP protection :
Jira Legacy server System Jira serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JWEBAUTHN-4 Admin UI for managing user credentials across the organisation :
Jira Legacy server System Jira serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JWEBAUTHN-8 Enhance WebAuthn error messaging :
Jira Legacy server System Jira serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JWEBAUTHN-10
Future features:
Reporting API :
Jira Legacy server System Jira serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JWEBAUTHN-7 Autofill UI :
Jira Legacy server System Jira serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JWEBAUTHN-3 HTTP APIs to the plugin to support externalised credential management UI :
Jira Legacy server System Jira serverId f52c7d31-6eab-3f0e-93c3-231b5754d506 key JWEBAUTHN-9