Looking for how to use this in your app?See Frontend Libraries →
WebAuthn認証器の管理
Amplify Authはパスキーをカメラルートンの認証情報メカニズムとして使用しています。以下のAPIにより、ユーザーはCognitoアカウントに関連付けられたパスキーを登録、追跡、削除できます。
WebAuthn認証器の関連付け
ユーザーがパスキーを登録するには認証されている必要があることに注意してください。これはユーザーがサインアップ中にパスキーを作成できないことも意味します。したがって、WebAuthnを使用するにはアカウントに関連付けられた少なくとも1つの他の第一要因認証メカニズムが必要です。
以下のAPIを使用してパスキーを関連付けることができます:
Amplify.Auth.associateWebAuthnCredential( activity, () -> Log.i("AuthQuickstart", "Associated credential"), error -> Log.e("AuthQuickstart", "Failed to associate credential", error));Amplify.Auth.associateWebAuthnCredential( activity, { Log.i("AuthQuickstart", "Associated credential") }, { Log.e("AuthQuickstart", "Failed to associate credential", error) })try { val result = Amplify.Auth.associateWebAuthnCredential(activity) Log.i("AuthQuickstart", "Associated credential")} catch (error: AuthException) { Log.e("AuthQuickstart", "Failed to associate credential", error)}RxAmplify.Auth.associateWebAuthnCredential(activity) .subscribe( result -> Log.i("AuthQuickstart", "Associated credential"), error -> Log.e("AuthQuickstart", "Failed to associate credential", error) );AmplifyがアプリケーションのTaskにPassKey UIを表示できるように、Activityインスタンスを指定する必要があります。
ユーザーはローカル認証器を使用してパスキーを登録するように促されます。その後、AmplifyはそのパスキーをCognitoに関連付けます。
WebAuthn認証器の一覧表示
以下のAPIを使用して登録済みのパスキーを一覧表示できます:
Amplify.Auth.listWebAuthnCredentials( result -> result.getCredentials().forEach(credential -> { Log.i("AuthQuickstart", "Credential ID: " + credential.getCredentialId()); Log.i("AuthQuickstart", "Friendly Name: " + credential.getFriendlyName()); Log.i("AuthQuickstart", "Relying Party ID: " + credential.getRelyingPartyId()); Log.i("AuthQuickstart", "Created At: " + credential.getCreatedAt()); }), error -> Log.e("AuthQuickstart", "Failed to list credentials", error));Amplify.Auth.listWebAuthnCredentials( { result -> result.credentials.forEach { credential -> Log.i("AuthQuickstart", "Credential ID: ${credential.credentialId}") Log.i("AuthQuickstart", "Friendly Name: ${credential.friendlyName}") Log.i("AuthQuickstart", "Relying Party ID: ${credential.relyingPartyId}") Log.i("AuthQuickstart", "Created At: ${credential.createdAt}") } }, { error -> Log.e("AuthQuickstart", "Failed to list credentials", error) })try { val result = Amplify.Auth.listWebAuthnCredentials() result.credentials.forEach { credential -> Log.i("AuthQuickstart", "Credential ID: ${credential.credentialId}") Log.i("AuthQuickstart", "Friendly Name: ${credential.friendlyName}") Log.i("AuthQuickstart", "Relying Party ID: ${credential.relyingPartyId}") Log.i("AuthQuickstart", "Created At: ${credential.createdAt}") }} catch (error: AuthException) { Log.e("AuthQuickstart", "Failed to list credentials", error)}RxAmplify.Auth.listWebAuthnCredentials() .subscribe( result -> result.getCredentials().forEach(credential -> { Log.i("AuthQuickstart", "Credential ID: " + credential.getCredentialId()); Log.i("AuthQuickstart", "Friendly Name: " + credential.getFriendlyName()); Log.i("AuthQuickstart", "Relying Party ID: " + credential.getRelyingPartyId()); Log.i("AuthQuickstart", "Created At: " + credential.getCreatedAt()); }), error -> Log.e("AuthQuickstart", "Failed to list credentials", error) );WebAuthn認証器の削除
以下のAPIでパスキーを削除できます:
Amplify.Auth.deleteWebAuthnCredential( credentialId, (result) -> Log.i("AuthQuickstart", "Deleted credential"), error -> Log.e("AuthQuickstart", "Failed to delete credential", error));Amplify.Auth.deleteWebAuthnCredential( credentialId, { Log.i("AuthQuickstart", "Deleted credential") }, { Log.e("AuthQuickstart", "Failed to delete credential", error) })try { val result = Amplify.Auth.deleteWebAuthnCredential(credentialId) Log.i("AuthQuickstart", "Deleted credential")} catch (error: AuthException) { Log.e("AuthQuickstart", "Failed to delete credential", error)}RxAmplify.Auth.deleteWebAuthnCredential(credentialId) .subscribe( result -> Log.i("AuthQuickstart", "Deleted credential"), error -> Log.e("AuthQuickstart", "Failed to delete credential", error) );削除パスキーAPIには必須の入力としてcredentialIdのみがあり、値を返しません。