TsgcWSAPIServer_WebAuthn › Events › OnWebAuthnAuthenticationOptionsRequest
Fires at the start of /authenticate/begin; the application must return the list of credentials registered for the user so the server can build PublicKeyCredentialRequestOptions.
public event TsgcWebAuthnOnAuthenticationOptionsRequestHandler OnWebAuthnAuthenticationOptionsRequest;
// delegate void TsgcWebAuthnOnAuthenticationOptionsRequestHandler(TObject Sender, TsgcWebAuthn_AuthenticationOptions_Request aRequest, out TsgcWebAuthn_CredentialRecords CredentialRecords, out bool Accept)—
First hook of the authentication ceremony (WebAuthn navigator.credentials.get()). aRequest contains the username (or empty for discoverable-credential flows) supplied by the client. The handler should populate CredentialRecords with the credentials previously stored for the user — the server uses them to build the allowCredentials list, to look up the public key during verification and to enforce transport hints. Set Accept to false to deny the ceremony (for example, when the user is locked or unknown).