[Cognito/iOS] JSON Passkey.createPlatformKey is incomplete #59

steson322 opened this issue Jan 24, 2025 · 1 comment
steson322 commented Jan 24, 2025

When creating a platform key using the request object from Cognito on iOS (see below), the resulting response JSON object is incomplete (see below).

This issue only exists on iOS (tested on 18.2), but not Android. For iOS to work, I need to manually alter the response JSON.

Request JSON

{
    "authenticatorSelection": {
        "requireResidentKey": true,
        "residentKey": "required",
        "userVerification": "preferred"
    },
    "challenge": "...",
    "excludeCredentials": [
        {
            "id": "...-w5olMQ",
            "type": "public-key"
        }
    ],
    "pubKeyCredParams": [
        {
            "alg": -7,
            "type": "public-key"
        },
        {
            "alg": -257,
            "type": "public-key"
        }
    ],
    "rp": {
        "id": "...",
        "name": "..."
    },
    "timeout": 60000,
    "user": {
        "displayName": "...",
        "id": "...",
        "name": "..."
    }
}

Response JSON

{
    "id": "...",
    "rawId": "...",
    "response": {
        "attestationObject": "...",
        "clientDataJSON": "..."
    },
    "type": "public-key"
}

Workaround

The workaround is to add authenticatorAttachment and transports as follows; then the registration workflow works on iOS via Cognito.

{
    "authenticatorAttachment": "platform",
    "id": "...",
    "rawId": "...",
    "response": {
        "attestationObject": "...",
        "clientDataJSON": "...",
        "transports": [
            "internal",
            "hybrid"
        ]
    },
    "type": "public-key"
}

Then, during sign-in, I have to erase transports from allowCredentials array in the PasskeyGetRequest for it to retrieve the Passkey & sign-in correctly.
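
The two adjustments described in this issue, written as non-mutating helpers. This is an added example, not code from the issue author or the library; the function names and the sample objects are assumptions, and the default values are the ones shown in the workaround above.

```javascript
// Added example: helper names are hypothetical, defaults come from the issue's workaround.
const WORKAROUND_ATTACHMENT = "platform";
const WORKAROUND_TRANSPORTS = ["internal", "hybrid"];

// Return a copy of the registration result with the two members the issue
// reports missing on iOS. Members that are already present (as on Android)
// are kept as returned by the platform.
function completeRegistrationResponse(credential) {
  if (!credential || typeof credential.response !== "object" || credential.response === null) {
    throw new TypeError("not a registration result: missing response object");
  }
  const response = { ...credential.response };
  if (!Array.isArray(response.transports)) {
    response.transports = [...WORKAROUND_TRANSPORTS];
  }
  return {
    ...credential,
    authenticatorAttachment: credential.authenticatorAttachment ?? WORKAROUND_ATTACHMENT,
    response,
  };
}

// Return a copy of the sign-in request whose allowCredentials entries carry
// no transports member, as the issue describes doing before sign-in on iOS.
function stripAllowCredentialTransports(getRequest) {
  if (!Array.isArray(getRequest.allowCredentials)) {
    return { ...getRequest };
  }
  return {
    ...getRequest,
    allowCredentials: getRequest.allowCredentials.map(({ transports, ...rest }) => rest),
  };
}

// Constructed sample values (placeholders, not real credentials).
const sampleIosResult = {
  id: "cred-id-placeholder",
  rawId: "cred-id-placeholder",
  response: { attestationObject: "placeholder", clientDataJSON: "placeholder" },
  type: "public-key",
};
const sampleGetRequest = {
  challenge: "placeholder",
  rpId: "example.invalid",
  allowCredentials: [
    { id: "cred-id-placeholder", type: "public-key", transports: ["internal", "hybrid"] },
  ],
};
```
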

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

@github-actions github-actions bot added the Stale label Apr 24, 2025