TsgcWSAPIServer_WebAuthn › Properties › EndpointsOptions
URL routes served by the component for WebAuthn registration, authentication, the bundled JavaScript library and the test page.
property EndpointsOptions: TsgcWSWebAuthnEndpoints_Options read FEndpointsOptions write SetEndpointsOptions;RegistrationOptions: /sgcWebAuthn/Registration/Options; RegistrationVerify: /sgcWebAuthn/Registration/Verify; AuthenticationOptions: /sgcWebAuthn/Authentication/Options; AuthenticationVerify: /sgcWebAuthn/Authentication/Verify; WebAuthn (JS library): enabled; Test: disabled.
Configures the HTTP endpoints exposed by the component to handle WebAuthn traffic from the browser JavaScript layer. Each entry has an Enabled flag and an Endpoint URL path that can be customized. RegistrationOptions returns a challenge and Relying Party data so the authenticator can create a new credential; RegistrationVerify receives the attestation and stores the public key. AuthenticationOptions returns a challenge for sign-in; AuthenticationVerify validates the assertion using the stored public key. WebAuthn serves the bundled JavaScript helper; disable it to ship your own WebAuthn client library. Test serves an HTML test page and should stay disabled in production.
oWebAuthn.EndpointsOptions.RegistrationOptions.Endpoint := '/api/webauthn/register/options';
oWebAuthn.EndpointsOptions.RegistrationVerify.Endpoint := '/api/webauthn/register/verify';
oWebAuthn.EndpointsOptions.AuthenticationOptions.Endpoint := '/api/webauthn/login/options';
oWebAuthn.EndpointsOptions.AuthenticationVerify.Endpoint := '/api/webauthn/login/verify';
oWebAuthn.EndpointsOptions.WebAuthn.Enabled := True;
oWebAuthn.EndpointsOptions.Test.Enabled := False;