Files
Cyrus Daboo 97a11a861f Seed2
2026-06-22 15:55:19 -04:00

65 lines
1.8 KiB
YAML

title: Security:Passkey:Attestation
description: The declaration to configure the device to allow WebAuthn enterprise
attestation for certain passkeys.
payload:
declarationtype: com.apple.configuration.security.passkey.attestation
supportedOS:
iOS:
introduced: '17.0'
allowed-enrollments:
- supervised
- device
allowed-scopes:
- system
sharedipad:
allowed-scopes: []
macOS:
introduced: '14.0'
allowed-enrollments:
- supervised
allowed-scopes:
- user
tvOS:
introduced: n/a
visionOS:
introduced: n/a
watchOS:
introduced: n/a
apply: multiple
payloadkeys:
- key: AttestationIdentityAssetReference
title: Attestation identity asset reference.
type: <string>
assettypes:
- com.apple.asset.credential.identity
- com.apple.asset.credential.scep
- com.apple.asset.credential.acme
presence: required
content: The identifier of an asset declaration that contains the identity to install
and use for passkey attestation.
- key: AttestationIdentityKeyIsExtractable
title: Attestation identity key is extractable
supportedOS:
iOS:
introduced: n/a
type: <boolean>
presence: optional
default: true
content: If `true`, the private key for the attestation identity is extractable
in the keychain.
- key: RelyingParties
title: Relying parties
type: <array>
presence: required
content: An array of the relying parties to allow enterprise attestation.
subkeys:
- key: RelyingParty
title: Relying party
type: <string>
examples:
- title: Configuration example
files:
- description: This configuration enables enterprise passkey attestation for a relying
party.
file: examples/declarative/declarations/configurations/security.passkey.attestation/example1.json