Error when integrating passkey with Android

Question

I'm currently working on implementing passkey authentication for an Android application, using this documentation: https://developer.android.com/training/sign-in/passkeys#kotlin

For authentication, I'm using the WSO2 identity server, but here's where I'm doing something different. Instead of the app creating the passkey, the WSO2 identity server does it, and I store the passkey on the device.

Here's a weird behavior I'm encountering: the app isn't prompting me for the passkeys registered in the app. Instead, it shows a QR code for signing in with passkeys stored on other devices. After that, I get a GetCredentialCancellationException thrown.

Here are some more details about the process:

• I set requestJson to:

  { "challenge":"xxxxxxxxxxx", "allowCredentials":[], "Timeout":1800000, "userVerification": "Required", "rpId":"abc.com" }

• Both the challenge and rpId come from the WSO2 identity server.

• I'm not setting a digital assets link, as I'm using a separate identity server for authentication.

Can anyone help me to debug, what I have done wrong here ?

Answer 1

Note: keys and values in the JSON are case sensitive, so Timeout and Required are both incorrect.

If you haven't set up the digital asset links, things won't work so try that first. (I.e. your app will need permission to use credentials from abc.com before things will work.)

Answer 2

It looks like the use still doesn't have any passkeys registered. Note that the GetCredentialRequest there is a parameter setPreferImmediatelyAvailableCredentials that set this behavior, by google:

If you set preferImmediatelyAvailableCredentials to true and there are no immediately available credentials, Credential Manager won't show any UI and the request will fail immediately, returning NoCredentialException for get requests and CreateCredentialNoCreateOptionException for create requests