Skip to main content
Version: 8.2411.x.x RR

Fido 2

The TIDMA_FIDO2 table holds the specific attributes of FIDO2 credentials. The table is an extension of the TIDMA_CREDENTIAL base table in All credentials, which lists attributes that are valid for all credentials.

Database table TIDMA_FIDO2

DB attributeJava data type(max. size), defaultsDescription
credential_idLong, not NULLPrimary key (uniquely identifies each individual credential). Foreign key that links to information in the table TIDMA_CREDENTIAL.
aaguidString(128), not NULLA 128-bit identifier indicating the type (e.g. make and model) of the authenticator
attestation_preferenceEnum: AttestationConveyancePreference { DIRECT, INDIRECT, NONE, ENTERPRISE }The server’s preference on how it would like to verify the attestations of the authenticators.
authenticator_attachmentEnum: AuthenticatorAttachment { PLATFORM, CROSSPLATFORM }Defines how the authenticator is accessed by the WebAuthn client, i.e. where the authenticator is at.
authenticatorString(65535), not NULLCBOR serialized authenticator object
fido2_credential_idString(255), not NULLThe hashed and encoded FIDO2 credential ID of the credential.
relying_party_idString(255), not NULLrelyingPartyId
resident_key_requirementEnum: ResidentKey { REQUIRED, DISCOURAGED }Whether the server is willing to accept residental keys (i.e. whether storing the webauthn private key encrypted on the server side is okay or not)
user_agentString(255), not NULLUser agent used by the AuthCloud team, no FIDO2 relation
user_friendly_nameString(1000), not NULLHuman readable name for the credential
user_verification_requirementEnum: UserVerification { REQUIRED, PREFERRED, DISCOURAGED }The technical process by which an authenticator locally authorizes the invocation of the authenticatorMakeCredential and authenticatorGetAssertion operations (i.e. grants access for the user to proceed with the WebAuthn flows).