WebAuthn / FIDO 2 Demo

From NIEF Wiki
Jump to navigation Jump to search

Intro

GTRI has deployed a very simplistic demo of the Duke University WebAuthn plugin for Shibboleth 4.1 in the NIEF Testbed environment. This page provides a short explanation of how to verify that demo works for your device.

Device Registration

From a web browser on the device you must go to the registration URL. With production usage this URL would require some sort of pre-existing authentication or only be available during some sort of in-person registration process. For this demo, it is simply open to the world:

https://assure.ref.gfipm.net/idp/webauthn/registration

This page will have a UI that looks like this:

Screen shot of the registration page
  1. Put in testuser01 for the Username.
  2. Put in any menaingful description for the the Device ID, such 'Tom Jane's iPhone'.
  3. Click Register device with WebAuthn

Device Authentication

Upon clicking the button, your device should present you it's user interface for enabling authentication. This will vary by device, and while it may work on desktops, it's less often supported then it is on mobile devices. The initial screenshot on a typical 2020 android device looks like this:

Cell phone screen shot of using the devices security key.
Retrieved from "https://wiki.nief.org/index.php?title=WebAuthn_/_FIDO_2_Demo&oldid=300"