mirror of
https://github.com/apple/device-management.git
synced 2026-07-11 05:23:42 +02:00
59 lines
1.6 KiB
YAML
59 lines
1.6 KiB
YAML
title: Security:Passkey:Attestation
|
|
description: The declaration to configure the device to allow WebAuthn enterprise
|
|
attestation for certain passkeys.
|
|
payload:
|
|
declarationtype: com.apple.configuration.security.passkey.attestation
|
|
supportedOS:
|
|
iOS:
|
|
introduced: '17.0'
|
|
allowed-enrollments:
|
|
- supervised
|
|
- device
|
|
allowed-scopes:
|
|
- system
|
|
sharedipad:
|
|
allowed-scopes: []
|
|
macOS:
|
|
introduced: '14.0'
|
|
allowed-enrollments:
|
|
- supervised
|
|
allowed-scopes:
|
|
- user
|
|
tvOS:
|
|
introduced: n/a
|
|
visionOS:
|
|
introduced: n/a
|
|
watchOS:
|
|
introduced: n/a
|
|
apply: multiple
|
|
payloadkeys:
|
|
- key: AttestationIdentityAssetReference
|
|
title: Attestation identity asset reference.
|
|
type: <string>
|
|
assettypes:
|
|
- com.apple.asset.credential.identity
|
|
- com.apple.asset.credential.scep
|
|
- com.apple.asset.credential.acme
|
|
presence: required
|
|
content: The identifier of an asset declaration that contains the identity to install
|
|
and use for passkey attestation.
|
|
- key: AttestationIdentityKeyIsExtractable
|
|
title: Attestation identity key is extractable
|
|
supportedOS:
|
|
iOS:
|
|
introduced: n/a
|
|
type: <boolean>
|
|
presence: optional
|
|
default: true
|
|
content: If `true`, the private key for the attestation identity is extractable
|
|
in the keychain.
|
|
- key: RelyingParties
|
|
title: Relying parties
|
|
type: <array>
|
|
presence: required
|
|
content: An array of the relying parties to allow enterprise attestation.
|
|
subkeys:
|
|
- key: RelyingParty
|
|
title: Relying party
|
|
type: <string>
|