SecurityPasskeyAttestation

The declaration to configure the device to allow WebAuthn enterprise attestation for certain passkeys.

Declaration

object SecurityPasskeyAttestation

Properties

Name	Type	Description
`AttestationIdentityAssetReference` Required	string	The identifier of an asset declaration that contains the identity to install and use for passkey attestation.
`AttestationIdentityKeyIsExtractable`	boolean	If `true`, the private key for the attestation identity is extractable in the keychain.
`RelyingParties` Required	[string]	An array of the relying parties to allow enterprise attestation.

Discussion

Specify com.apple.configuration.security.passkey.attestation as the declaration type.

Configuration availability


Allowed in supervised enrollment	iOS, macOS, Shared iPad
Allowed in device enrollment	iOS, Shared iPad
Allowed in user enrollment	NA
Allowed in local enrollment	NA
Allowed in system scope	iOS
Allowed in user scope	macOS

Configuration example

{
    "Type": "com.apple.configuration.security.passkey.attestation",
    "Identifier": "EB13EE2B-5D63-4EBA-810F-5B81D07F5017",
    "ServerToken": "E180CA9A-F089-4FA3-BBDF-94CC159C4AE8",
    "Payload": {
        "AttestationIdentityAssetReference": "AD0A8CB5-64EE-4CC9-8CB6-22DCBE6ED38A",
        "RelyingParties": [
            "example.com"
        ]
    }
}

SecurityPasskeyAttestation

Declaration

Properties

Discussion

Configuration availability

Configuration example

See Also

Configurations