TsgcWSAPIServer_WebAuthn › Events › OnWebAuthnAuthenticationError
Fires when /authenticate/verify rejects the assertion; exposes the failing request and the textual reason so the application can log or alert on it.
property OnWebAuthnAuthenticationError: TsgcWebAuthnOnAuthenticationError;
// TsgcWebAuthnOnAuthenticationError = procedure(Sender: TObject; const aRequest: TsgcWebAuthn_AuthenticationVerify_Request; const aError: string) of object—
Raised when assertion verification fails for any reason — unknown credential id, invalid signature, challenge/origin mismatch, sign counter regression, user verification required but not provided, etc. aRequest carries the client payload and aError a human-readable description. Use it to write audit records, to increment a failed-login counter for brute-force protection, or to surface a localised error to the client.
procedure TForm1.sgcWSAPIServer_WebAuthn1WebAuthnAuthenticationError(Sender: TObject;
const aRequest: TsgcWebAuthn_AuthenticationVerify_Request; const aError: string);
begin
Memo1.Lines.Add('Authentication failed: ' + aError);
end;