How can I use iPhone as a roaming authenticator for webauthn?

I would like to use my iPhone as a roaming authenticator using FaceID when authenticating to web sites using webauthn.

I have upgraded my iPhone iOS to version 14.0.1. I use webauthn.io as an example web site.

Use case

I want to register my iPhone as a roaming authenticator on a web site, such that I can authenticate with it, both

  • when visiting a web site with my private laptop, but also
  • so that I can authenticate with it when visiting the same web site on a work laptop.

Registration

As I want to use the device as a roaming authenticator, I assume that I should choose Cross Platform as Authenticator Type on webauthn.io.

But it seems that I can only register the iPhone as authenticator when not chosing Cross Platform as Authenticator Type.

Now webauthn is new for me, is the problem on the web site I test with or is this not supported on iPhone, or how can I setup the iPhone as a roaming authenticator?


According to the project's issue system, this type of workflow is not supported by the standard (yet). It is not a specific problem with iPhone.

Please refer to this issue:

https://github.com/duo-labs/webauthn.io/issues/21

Note that a similar workflow recently became possible on some Android phones. However it is implemented via CaBLE, as mentioned in the above linked issue. CaBLE is cloud-assisted Bluetooth Low Energy - which is Google's own technology, and not part of the WebAuthn standard.