stellar-sdk/com.soneso.stellar.sdk.smartaccount/AndroidWebAuthnProvider/authenticate

authenticate

open suspend override fun authenticate(challenge: ByteArray, allowCredentials: List<AllowCredential>?): WebAuthnAuthenticationResult

Authenticates with an existing WebAuthn credential (passkey) using the Android Credential Manager.

Triggers the platform credential assertion flow, prompting the user to authenticate with their passkey using biometric authentication, screen lock, or a security key. The authenticator signs the challenge with the credential's private key.

Return

WebAuthnAuthenticationResult containing the credential ID, authenticator data, client data JSON, and DER-encoded ECDSA signature.

Parameters

challenge

The challenge bytes to sign (authorization payload hash, typically 32 bytes). Used as-is in the WebAuthn ceremony.

allowCredentials

Optional list of AllowCredential entries (credential ID plus optional transport hints) to constrain the authenticator to specific credentials. When null or empty, discoverable credential selection is used.

Throws

WebAuthnException.Cancelled

if the user cancels the authentication dialog.

WebAuthnException.AuthenticationFailed

with specific details if no matching credential is found or if the assertion fails.