Class PublicKeyCredentialCreationOptions

java.lang.Object
com.codename1.io.webauthn.PublicKeyCredentialCreationOptions
public final class PublicKeyCredentialCreationOptions extends Object

W3C PublicKeyCredentialCreationOptionsJSON -- the options blob your relying-party server sends to start a passkey registration ceremony.

In practice you receive a JSON string from your backend (libraries like webauthn4j, webauthn-rs, @simplewebauthn/server and Auth0 / Firebase's passkey endpoints all emit this shape) and hand it to WebAuthnClient.create(PublicKeyCredentialCreationOptions):

String optionsJson = httpPost("/passkey/register/challenge", body);
PublicKeyCredentialCreationOptions opts =
        PublicKeyCredentialCreationOptions.fromJson(optionsJson);
WebAuthnClient.getInstance().create(opts)
        .ready(new SuccessCallback<PublicKeyCredential>() {
            public void onSucess(PublicKeyCredential cred) {
                httpPost("/passkey/register/verify", cred.toJson());
            }
        });

The class is a thin wrapper over the JSON: it preserves the exact wire representation in toJson() (so the native authenticator sees what your server intended), while exposing convenience accessors for the most-used fields. To synthesise options client-side (rare -- usually only useful in tests) use newBuilder().

Since:
7.0.245

  • Method Details

    • fromJson

      public static PublicKeyCredentialCreationOptions fromJson(String json)
      Parses a PublicKeyCredentialCreationOptionsJSON document. The JSON is kept intact for forwarding to the native authenticator; any fields this class doesn't model are still passed through unchanged.

    • toJson

      public String toJson()
      Returns the original JSON document. The native authenticator receives this string directly.

    • asMap

      public Map<String,Object> asMap()
      The full parsed document. Useful for inspecting fields not modelled directly on this class (attestation, excludeCredentials, authenticatorSelection, etc.).

    • getRpId

      public String getRpId()
      Relying-party identifier (rp.id). On iOS this must match an applinks:<rp.id> Associated Domain. On Android this must match an assetlinks.json published at https://<rp.id>/.well-known/....

    • getRpName

      public String getRpName()
      Human-readable relying-party name (rp.name).

    • getUserId

      public String getUserId()
      user.id, the relying-party-specific user handle (base64url-encoded in the JSON wire format).

    • getUserName

      public String getUserName()
      user.name, usually the email or username the credential is for.

    • getUserDisplayName

      public String getUserDisplayName()
      user.displayName (the human-friendly name shown on the OS sheet).

    • getChallenge

      public String getChallenge()
      The challenge bytes, base64url-encoded (as they appear on the wire).

    • newBuilder

      public static PublicKeyCredentialCreationOptions.Builder newBuilder()
      Builder for the rare case where you need to synthesise the options client-side -- e.g. unit tests. The standard usage is fromJson(String) with a server-supplied document.