Page MenuHomePhabricator
Create Task
Maniphest T410334

Allow users to create passkeys
Closed, ResolvedPublic
Actions

Description

To allow users to create passkeys, we need to:

  • Add a parameter to WebAuthnAddKeyForm that puts it in passkey mode
  • When in passkey mode, pass different settings to the WebAuthn request: require user verification, require resident key, don't require a roaming authenticator (this probably requires modifying the WebAuthn action API module and/or Registrator.js
  • When in passkey mode, flag passkeys created through this form as supporting passwordless login

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Backend support for passkeysmediawiki/extensions/WebAuthnmaster+64 -14
Customize query in gerrit

Related Objects

Event Timeline

Catrope created this task.Nov 17 2025, 11:05 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptNov 17 2025, 11:05 PM
Catrope moved this task from Inbox to Passkey Support on the FY2025-26 WE 4.6 - Account Security (WE 4.6.4 - 2FA improvements and passkey support) board.Nov 17 2025, 11:05 PM
Catrope moved this task from Backlog to Features/Improvements on the MediaWiki-extensions-OATHAuth board.
Catrope mentioned this in T410335: Add passkeys section on Special:AccountSecurity.Nov 17 2025, 11:13 PM
Catrope triaged this task as High priority.Nov 17 2025, 11:20 PM
Mstyles changed the task status from Open to In Progress.Nov 20 2025, 10:41 PM
Mstyles claimed this task.
gerritbot added a comment.Nov 25 2025, 4:51 AM

Change #1210847 had a related patch set uploaded (by Mstyles; author: Mstyles):

[mediawiki/extensions/WebAuthn@master] Backend support for passkeys

https://gerrit.wikimedia.org/r/1210847

gerritbot added a project: Patch-For-Review.Nov 25 2025, 4:51 AM
Reedy mentioned this in T411368: Error: Typed property MediaWiki\Extension\WebAuthn\Key\WebAuthnKey::$supportsPasswordless must not be accessed before initialization.Dec 1 2025, 6:03 PM
gerritbot added a comment.Dec 9 2025, 8:57 PM

Change #1210847 merged by jenkins-bot:

[mediawiki/extensions/WebAuthn@master] Backend support for passkeys

https://gerrit.wikimedia.org/r/1210847

ReleaseTaggerBot added a project: MW-1.46-notes (1.46.0-wmf.7; 2025-12-16).Dec 9 2025, 9:00 PM
Maintenance_bot removed a project: Patch-For-Review.Dec 9 2025, 9:32 PM
Mstyles closed this task as Resolved.Dec 9 2025, 10:16 PM
Mstyles updated the task description. (Show Details)
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits