FIDO2 Key Data Explorer

Welcome to our FIDO2 Key Data Explorer Tool. This tool is designed to provide you with comprehensive details about your FIDO2 security keys, ensuring you have all the necessary information, such as AAGUID and attestation certificate.

Connect your FIDO2 key to your computer's USB port (or tap the NFC area), click on the button below, then select "Security Key" when prompted by your browser, and touch the sensor or press the button when the LED blinks or tap against the NFC antenna of your device.

based on lbuchs

Relying Party

A valid domain string that identifies the WebAuthn Relying Party
on whose behalf a given registration or authentication ceremony is being performed.

You get the user ID back when checking registration (as userHandle), if you're using client-side discoverable credentials. You can identify with this ID the user who wants to login. A user handle is an opaque byte sequence with a maximum size of 64 bytes, and is not meant to be displayed to the user. The user handle MUST NOT contain personally identifying information about the user, such as a username or e-mail address.
only for display, i.e., aiding the user in determining the difference between user accounts with similar display names.
A human-palatable name for the user account, intended only for display.
user verification
type of authenticator
attestation statement format
attestation root certificates
(Nothing checked = accept all)
If you select a root ca, direct attestation is required to validate your client with the root.
The browser may warn you that he will provide informations about your device.
When not checking against any root ca (deselect all certificates), the client may change the assertion from the authenticator (for instance, using an anonymization CA),
the browser may not warn about providing informations about your device.
Copyright © 2023 Lukas Buchs - license therms