swift-server/swift-webauthn

Android native app origin issue

whiterockstudios opened this issue · 2 comments

CredentialManager in Android creates a passkey with an origin like android:apk-key-hash:xxxxxxx. If the origin was example.com, iOS plays nicely with that but Android would end up with an "origin does not match" error.

It seems like there's no way to have swift-webauthn support both. If I configure the RP with what the Android app expects, it works fine. But is there a way to support both platforms? Has anyone else encountered this? Am I just missing something?

I tried having an additional instance of WebAuthnManager with a separate config for the Android app, checking the user agent to decide which to use. Not sure if this is the right way to handle it, but it works.

I was going to suggest this solution as well, which is what I do to handle auth on multiple origins. Do note that the native passkey in your case won’t ever be usable on the web, as the relying party can’t match, but other than that the Manager instance is cheap and can either be kept around or made on demand (it only holds a copy of its configuration).
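
An added example, not code from this thread or from swift-webauthn: one way to choose the per-origin configuration from the `origin` field the client reports in clientDataJSON, checked against an allowlist, rather than from the user agent. All type names, labels and sample values are hypothetical; the WebAuthnManager built for the chosen entry still performs the real verification.

```swift
import Foundation

// Hypothetical types for illustration; only the origin shapes come from the thread.
struct OriginEntry {
    let label: String               // which manager/configuration to use
    let relyingPartyOrigin: String  // exact origin that configuration expects
}

enum OriginSelectionError: Error {
    case malformedClientData
    case originNotAllowed(String)
}

// Only the field needed for routing is decoded here.
private struct ClientDataOrigin: Decodable {
    let origin: String
}

struct OriginRouter {
    private let entriesByOrigin: [String: OriginEntry]

    init(_ entries: [OriginEntry]) {
        entriesByOrigin = Dictionary(entries.map { ($0.relyingPartyOrigin, $0) },
                                     uniquingKeysWith: { first, _ in first })
    }

    // Exact string match against the allowlist; anything else is rejected
    // before a manager is ever consulted.
    func entry(forClientDataJSON data: Data) throws -> OriginEntry {
        guard let parsed = try? JSONDecoder().decode(ClientDataOrigin.self, from: data) else {
            throw OriginSelectionError.malformedClientData
        }
        guard let match = entriesByOrigin[parsed.origin] else {
            throw OriginSelectionError.originNotAllowed(parsed.origin)
        }
        return match
    }
}

// Constructed sample input: placeholder key hash and challenge.
let router = OriginRouter([
    OriginEntry(label: "web-and-ios", relyingPartyOrigin: "https://example.com"),
    OriginEntry(label: "android", relyingPartyOrigin: "android:apk-key-hash:PLACEHOLDER_HASH"),
])
let sample = Data(#"{"type":"webauthn.create","challenge":"Y29uc3RydWN0ZWQ","origin":"android:apk-key-hash:PLACEHOLDER_HASH"}"#.utf8)
do {
    let chosen = try router.entry(forClientDataJSON: sample)
    print("use manager:", chosen.label)
} catch {
    print("rejected:", error)
}
```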