A simple PHP WebAuthn (FIDO2) server library.
Simple working demo for the lbuchs/WebAuthn library.
Relying Party

A valid domain string that identifies the WebAuthn Relying Party
on whose behalf a given registration or authentication ceremony is being performed.

You get the user ID back when checking registration (as userHandle), if you're using client-side discoverable credentials. You can identify with this ID the user who wants to login. A user handle is an opaque byte sequence with a maximum size of 64 bytes, and is not meant to be displayed to the user. The user handle MUST NOT contain personally identifying information about the user, such as a username or e-mail address.
only for display, i.e., aiding the user in determining the difference between user accounts with similar display names.
A human-palatable name for the user account, intended only for display.
user verification
type of authenticator
attestation statement format
attestation root certificates
(Nothing checked = accept all)
If you select a root ca, direct attestation is required to validate your client with the root.
The browser may warn you that he will provide informations about your device.
When not checking against any root ca (deselect all certificates), the client may change the assertion from the authenticator (for instance, using an anonymization CA),
the browser may not warn about providing informations about your device.
Copyright © 2023 Lukas Buchs - license therms

Here you can see what's saved on the server: