How can I trigger, or rather, when is the ASCredentialProviderViewController.prepareOneTimeCodeCredentialList(for:) method triggered? I can't seem to get it to work. I've added the ProvidesOneTimeCodes key to the Info.plist. I've added the com.apple.developer.authentication-services.autofill-credential-provider entitlement. Example of the extension: class CredentialProviderViewController: ASCredentialProviderViewController { override func prepareOneTimeCodeCredentialList(for serviceIdentifiers: [ASCredentialServiceIdentifier]) { print("********************************* prepareOneTimeCodeCredentialList \(serviceIdentifiers)") } override func prepareInterfaceForUserChoosingTextToInsert() { print("********************************* prepareInterfaceForUserChoosingTextToInsert") } } The app is enabled in the AUTOFILL FROM: in Settings App.

What is the difference between ASPasskeyCredentialIdentity.userName and ASPasskeyCredentialIdentity.user ? From https://www.w3.org/TR/webauthn-2/#dom-publickeycredentialuserentity-displayname there should be only displayName.

Looks like a security flow in ASCredentialProviderViewController Register a new Passkey on foo.example.com Now iOS 17 (RC) will suggest and permit to select the Passkey to login in bar.example.com, which is agains specs From specs: For example, given a Relying Party whose origin is https://login.example.com:1337, then the following RP IDs are valid: login.example.com (default) and example.com, but not m.login.example.com and not com. Also looks like a bug, in this method: func prepareInterfaceToProvideCredential(for credentialRequest: ASCredentialRequest) If I've registered my Passkey for RP foo.example.com and trying to login to bar.example.com (the bug). In ASCredentialRequest.credentialIdentity.serviceIdentifier.identifier is foo.example.com but I am trying to login to bar.example.com, from this we can't understand on what RP is this Passkey used and can't restrict the use of Passkey in case it is used on a wrong RP. P.S: iCloud Passkeys works as expected.

It appears that this method from ASCredentialProviderViewController is not being called at all. I am unable to trigger it. Ref func prepareCredentialList(for serviceIdentifiers: [ASCredentialServiceIdentifier], requestParameters: ASPasskeyCredentialRequestParameters) I expected it to be triggered when RP has a list of allowCredentials, but I still get: override func prepareInterfaceToProvideCredential(for credentialRequest: ASCredentialRequest) Am I missing something?

We are trying to implement the new feature that was introduced in iOS 17, Passkeys Autofill Provider. We've created a new 'AutoFill Credential Provider' target and embedded it into our host app. We've implemented the 'CredentialProviderViewController,' which is inherited from 'ASCredentialProviderViewController.' When we go to 'https://webauthn.io' to trigger the passkeys view, everything is working as expected when we press 'Register.' The function 'override func prepareInterface(forPasskeyRegistration registrationRequest: ASCredentialRequest)' is called, but... We know that we need to call 'self.extensionContext.completeRegistrationRequest(using:)' but we don't know how to construct the response. We didn't find any examples or explanations of how to use this API. Can someone help us with this? Thank you.