fido/com.pingidentity.fido.journey/FidoAuthenticationCallback/authenticate

authenticate

suspend fun authenticate(block: FidoAuthenticateCustomizer.() -> Unit = {}): Result<JsonObject>

Performs FIDO2 authentication using the initialized request options.

This method initiates the FIDO2 authentication ceremony using Android Credential Manager, prompting the user to verify their identity using available discoverable credentials (passkeys). The authentication can use biometrics, PIN, or other verification methods supported by the authenticator.

Authentication Flow:

  1. Converts the publicKeyCredentialRequestOptions to GetPublicKeyCredentialOption

  2. Calls the Android Credential Manager to perform authentication

  3. Processes the returned credential response

  4. Formats the response according to server expectations

  5. Automatically submits the response to the Journey workflow

Response Format: The response is formatted differently based on the supportsJsonResponse flag:

Legacy String Format (supportsJsonResponse = false):

{"type":"webauthn.get","challenge":"test-challenge"}::dGVzdC1hdXRoZW50aWNhdG9yLWRhdGE::dGVzdC1zaWduYXR1cmU::dGVzdC1yYXctaWQ::dGVzdC11c2VyLWhhbmRsZQ
Content copied to clipboard

JSON Format (supportsJsonResponse = true):

{
  "authenticatorType": "PLATFORM",
  "response": "{\"type\":\"webauthn.get\",\"challenge\":\"test-challenge\"}::dGVzdC1hdXRoZW50aWNhdG9yLWRhdGE::dGVzdC1zaWduYXR1cmU::dGVzdC1yYXctaWQ::dGVzdC11c2VyLWhhbmRsZQ"
}
Content copied to clipboard

Data Components (separated by "::"):

  1. Client data JSON (contains challenge, origin, and type information)

  2. Authenticator data (Base64 encoded, then converted to integer string representation)

  3. Signature (Base64 encoded, then converted to integer string representation)

  4. Raw credential ID (Base64 encoded credential identifier)

  5. User handle (Base64 encoded user identifier, optional)

Return

A Result containing the authentication response as a JsonObject on success, or an exception on failure. The response is automatically submitted to the Journey workflow.

Parameters

block

A transformation function that converts JsonObject to GetPublicKeyCredentialOption. Allows customization of credential manager options like preferImmediatelyAvailableCredentials.