36

Not able to logging into AWS console. Until this is resolved, the browser is not usable for anyone who is doing serious development on AWS.

    a month later

    MFA with Yubikey 5 does work for me (at least on Cloudflare), but it often requires plugging it in-and-out a couple times and clicking the retry button.

      a month later
      Merged 10 posts from Security key (FIDO2/U2F) doesn't prompt, and doesn't display errors.

        @gp and others..

        1. Is WebAuthN the only API we need to support?

        2. Are you aware of any macOS/iOS dev docs/libraries to make this job easier?

        • gp replied to this.
          Vlad changed the title to Support for WebAuthn .

            Vlad

            I will revisit this later, as I think it actually “works” behind the scenes in Orion, just without the UI over the top.

                Vlad

                Pleased to report that Orion does indeed currently "support" WebAuthn. There is no UI around the feature however, so a user will not be aware it is there, or working.

                WebAuthn can be tested at https://webauthn.io/ - enter a random username, leave everything at defaults, and hit register. You won't see a pop-up prompt here (this is where you will want to look to Safari behaviour), but if you have a U2F/webauthn token plugged in, the LED will flash to prompt you to authenticate by pushing the button.

                You can then repeat this process, clicking "login", and again the LED will flash (without Orion prompt). Press the button on the Webauthn dongle, and you'll get "logged in".

                The Safari flows for reference.

                1. After pressing register:

                (No text changes whether the token is plugged in or not)

                1. After pressing login (slightly different message, as register != login to the token)
                  4 days later

                  If Platform (TPM) authentication is used on webauthn.io on safari or chrome/vivaldi/etc, it will allow for the use of Touch ID on macs and Touch ID or Face ID on iDevices. Screenshots of macOS Safari attached for reference:


                    Possibly unrelated but Orion on iOS has full WebAuthn support, even with the new passkeys on iOS 16.

                      a month later
                      10 days later

                      vordenken yes, this is iOS Orion only.
                      WebKit browsers on iOS (read: all browsers) get WebAuthn and Payments for free.

                          vordenken WebauthN is supported on Orion macOS. if it does not work for oyu open an issue with steps to reproduce.

                              a month later

                              I can attest to WebauthN working on MacOS 12.6 Orion Version 0.99.120.1-beta (WebKit 614.1.20)

                              11 days later

                              Is there a way to migrate existing WebAuthn keys from Safari to Orion?

                                6 days later

                                Vlad Will check if thats even possible as WebAuthN related stuff are securely saved in Keychain and not sure if thats accessible to other apps (apps which don't own that info)

                                    No one is typing