TsgcWSAPIServer_WebAuthn › Events › OnWebAuthnMetadata
Fires when the server needs authenticator metadata for an AAGUID; lets the application return a cached or custom FIDO MDS BLOB entry.
property OnWebAuthnMetadata: TsgcWebAuthnOnMetadata;
// TsgcWebAuthnOnMetadata = procedure(Sender: TObject; const aAAGUID: string; var Metadata: string) of object—
Fired during attestation validation when the server needs to resolve the FIDO Metadata Service entry for the authenticator identified by aAAGUID. Assign the matching MDS metadata statement (JSON) to Metadata to supply an application-managed cache or an offline MDS BLOB; leave it empty to let the built-in lookup run. Returning curated metadata is useful to enforce authenticator allowlists or to avoid an external HTTP call during the ceremony.
procedure TForm1.sgcWSAPIServer_WebAuthn1WebAuthnMetadata(Sender: TObject;
const aAAGUID: string; var Metadata: string);
begin
Metadata := LoadMetadataFromCache(aAAGUID);
end;