Yubico Forum
https://forum.yubico.com/

U2F NFC authentication flow
https://forum.yubico.com/viewtopic.php?f=33&t=2173		 Page 1 of 1
Author:  jdhoek [ Wed Jan 20, 2016 11:19 am ]
Post subject:  U2F NFC authentication flow
With a USB FIDO U2F key, the authentication flow is handled by the browser on the client side (today this means Chrome, but Firefox seems committed as well) where the low-level JavaScript API is available. Yubico has provided the high-level JavaScript API by means of a small library (as documented here).

The steps are basically these:

  • Get challenge from server (server generates challenge for registered devices)
  • Sign with U2F key (user touches button of key)
  • Send response to server (server validates response)

How does this work with NFC FIDO U2F keys such as the Yubikey Neo? If I am reading the specifications correctly, the server-side of the authentication flow is exactly the same. Is the same high-level JasvaScript API used in the browser? That is, does Chrome on Android provide the low-level JavaScript API for use with an NFC FIDO U2F token, or is another tool such as Google Authenticator required?
Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/