Websites or domains that don't need permission to use direct Security Key attestation

Specifies websites and domains that don't need explicit user permission when attestation certificates from security keys are requested. Additionally, a signal is sent to the security key indicating that it can use individual attestation. Without this, users are prompted each time a site requests attestation of security keys.

Sites (like https://contoso.com/some/path) only match as U2F appIDs. Domains (like contoso.com) only match as webauthn RP IDs. To cover both U2F and webauthn APIs for a given site, you need to list both the appID URL and domain.

Eksempelverdi:

https://contoso.com

Støttes av: Microsoft Edge version 77, Windows 7 or later

Websites or domains that don't need permission to use direct Security Key attestation

Registry HiveHKEY_LOCAL_MACHINE or HKEY_CURRENT_USER
Registry PathSoftware\Policies\Microsoft\Edge\SecurityKeyPermitAttestation
Value Name{number}
Value TypeREG_SZ
Default Value

msedge.admx

Administrative maler (datamaskiner)

Administrative maler (brukere)