TsgcWSAPIServer_WebAuthn › Methods › ValidateAuthenticationOptions
Parses the authenticator data, client data and signature and authenticates the user against the stored credential.
procedure ValidateAuthenticationOptions(const aPayload: string);| Name | Type | Description |
|---|---|---|
aPayload | const string | JSON payload returned by the client navigator.credentials.get() call containing the credential id, authenticatorData, clientDataJSON and signature. |
Performs full WebAuthn-spec verification: challenge, origin and Relying Party id checks, user-presence/user-verification flags, sign-counter monotonicity and signature verification using the public key of the stored credential. Fires OnWebAuthnAuthenticationSuccessful on success and OnWebAuthnAuthenticationError on failure. Call this method manually only when driving authentication outside the built-in HTTP endpoint.
sgcWSAPIServer_WebAuthn1.ValidateAuthenticationOptions(vClientJSON);