To add support for WebAuthn with Device Biometrics using ACUL, you need to add a POST request to the login-password screen.
The POST request will detect if Identifier First + Biometrics has been enabled in your tenant and seamlessly redirect the user to the mfa-webauthn-platform-challenge screen.
The POST request has the following minimum requirements:
state: transaction state from the server (transaction.state)detect-browser-capabilitiesjs-availableis-bravewebauthn-availablewebauthn-platform-available
- Use the Auth0 CLI tool to create an ACUL project.
auth0 acul init <Your-App-Name>
-
Select the
login-password screen
-
Add the
POST request to the login-password screen:
function submitBrowserCapabilities() {
// Create a hidden form
const form = document.createElement("form");
form.method = "POST";
form.style.display = "none";
// Get values
const isBrave = navigator.brave ? await navigator.brave.isBrave() : false;
const hasPublicKeyCred = typeof window.PublicKeyCredential !== 'undefined';
const hasWebAuthn = hasPublicKeyCred && nnavigator !== 'undefined' && navigator.credentials !== 'undefined';
const hasWebAuthnPlat = hasPublicKeyCred ? await PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable() : false;
// Set values
const formValues = {
"state": window.universal_login_context.transaction.state,
"detect-browser-capabilities": true,
"js-available": true,
"is-brave": isBrave,
"webauthn-available": hasWebAuthn,
"webauthn-platform-available": hasWebAuthnPlat,
}
// Populate the form
for (const [key, value] of Object.entries({ ...formValues })) {
const input = document.createElement("input");
input.value = value;
input.name = key;
form.appendChild(input);
}
// Append and submit form
document.body.appendChild(form);
form.submit();
}
Do not trigger WebAuthn operations here, this is only capability detection.
