# WebAuthn

Wisej.NET's WebAuthn extension is an integration for the [Web Authentication API](https://webauthn.guide/) available in most browsers.

{% embed url="<https://github.com/iceteagroup/wisej-extensions/tree/main/Wisej.Ext.WebAuthn>" %}
WebAuthn Source Code
{% endembed %}

## Features

* WebAuthn API wrapper with async client calls for credential creation and assertion retrieval
* Server-side signature validation for ES256 and RS256, plus signature parsing utilities
* Data models for authenticator/client data and responses
* WebAuthn request/selection structures (relying party, user entity, credential parameters and descriptors, authenticator selection criteria)
* Spec enums and flags for attestation, attachments, transports, resident key requirements, and COSE algorithms

## Code Example

This code sample sets up all the parameters needed to call the `WebAuthn.CreateAsync` function. `WebAuthn.CreateAsync` asks the browser's WebAuthn API to create a new credential using a local authenticator (e.g., Windows Hello or Touch ID), honoring the authenticator selection settings and timeout. It then returns a response object that includes the new credential's public key, authenticator data, and client data.

```csharp
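    // Namespaces required by the BCL calls below:
    //   using System.Security.Cryptography;  (RandomNumberGenerator)
    //   using System.Text;                   (Encoding)

    // Create a random challenge (base64 string is typical)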
    // Use a 33-byte challenge to avoid Base64 padding (length divisible by 3).
    var challengeBytes = new byte[33];
    using (var rng = RandomNumberGenerator.Create())
    {
        rng.GetBytes(challengeBytes);
    }
    var challenge = Convert.ToBase64String(challengeBytes);

    var rp = new RelyingParty("example.com", "Example App");

    // Use a 12-byte user id to avoid Base64 padding.
    var userIdBytes = Encoding.UTF8.GetBytes("user-123-abc");
    var user = new PublicKeyCredentialUserEntity(
            id: Convert.ToBase64String(userIdBytes),
            name: "user@example.com",
            displayName: "User");

    var publicKeyCredentialParameters = new[]
    {
        new PublicKeyCredentialParameters(COSEAlgorithmIdentifier.ES256),
        new PublicKeyCredentialParameters(COSEAlgorithmIdentifier.RS256),
    };

    var authenticatorSelection = new AuthenticatorSelectionCriteria(
            AuthenticatorAttachment.Platform,
            residentKey: "",
            requireResidentKey: false,
            userVerification: ResidentKeyRequirement.Preferred);

    var timeout = 60000;

    var response = await WebAuthn.CreateAsync(
            challenge,
            rp,
            user,
            publicKeyCredentialParameters,
            authenticatorSelection,
            timeout,
            AttestationConveyancePreference.None);
            
    // Persist response.AuthenticatorData.PublicKey and
    // verify response.ClientData.Challenge on the server.
```
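The closing comment in the sample says to verify the returned challenge on the server. The following is an added example, not code from Wisej.Ext.WebAuthn, showing the standard WebAuthn checks on the client data (ceremony type, challenge, origin). It assumes .NET 6 or later, that the raw `clientDataJSON` string is available to the server, and that `issuedChallenge` holds the exact bytes sent to the browser; `ClientDataCheck` and its members are hypothetical names.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text.Json;

// Added example: hypothetical helper, not part of Wisej.Ext.WebAuthn.
public static class ClientDataCheck
{
    // Browsers encode clientDataJSON.challenge as unpadded base64url.
    static byte[] FromBase64Url(string s)
    {
        var b64 = s.Replace('-', '+').Replace('_', '/');
        return Convert.FromBase64String(b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '='));
    }

    // issuedChallenge: bytes generated for this ceremony and kept in server-side state.
    public static bool IsValidRegistration(string clientDataJson, byte[] issuedChallenge, string expectedOrigin)
    {
        try
        {
            using var doc = JsonDocument.Parse(clientDataJson);
            var root = doc.RootElement;
            // 1. Ceremony type: "webauthn.create" for registration.
            if (root.GetProperty("type").GetString() != "webauthn.create")
                return false;
            // 2. Challenge: compare decoded bytes in constant time, not strings, because
            //    server-side Base64 and the browser's base64url use different alphabets.
            var returned = FromBase64Url(root.GetProperty("challenge").GetString() ?? "");
            if (!CryptographicOperations.FixedTimeEquals(returned, issuedChallenge))
                return false;
            // 3. Origin: must be exactly the site that started the ceremony.
            return string.Equals(root.GetProperty("origin").GetString(), expectedOrigin, StringComparison.Ordinal);
        }
        catch (Exception e) when (e is JsonException || e is FormatException ||
                                  e is KeyNotFoundException || e is InvalidOperationException)
        {
            return false; // malformed client data is rejected
        }
    }

    public static void Main()
    {
        // Constructed sample input: challenge bytes {1,2,3} are "AQID" in base64url.
        var json = "{\"type\":\"webauthn.create\",\"challenge\":\"AQID\",\"origin\":\"https://example.com\"}";
        Console.WriteLine(IsValidRegistration(json, new byte[] { 1, 2, 3 }, "https://example.com"));
        Console.WriteLine(IsValidRegistration(json, new byte[] { 9, 9, 9 }, "https://example.com"));
    }
}
```

Keep the issued challenge in server-side session state and discard it after one verification attempt so a captured response cannot be replayed.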

## How to use

The WebAuthn extension can be added to a Wisej.NET project using the NuGet Package Manager.

{% embed url="<https://www.nuget.org/packages/Wisej-3-WebAuthn>" %}


