Closed Bug 1826055 Opened 2 years ago Closed 2 years ago

Cannot assert discoverable credential on login.microsoftonline.com

Categories

(Core :: DOM: Web Authentication, defect)

Product:
Core
Component:
DOM: Web Authentication
Version:
Firefox 113
Platform:
x86_64
Linux
Type:
defect

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1824831

People

(Reporter: luna.stadler, Unassigned)

Details

+++ This bug was initially created as a clone of Bug #1820016 +++

I'm having the same issue as Bug #1820016, but for a business/professional account that redirects to login.microsoftonline.com. It prompts me for my PIN and to confirm via the button on the key as in the video of the original report and then tells me "We had a problem authenticating you. Please try again." in the UI.

@tim.cappalli@microsoft.com, could this be another URL that is not whitelisted by Microsoft?

I get this issue both with internal URLs that are secured using Microsoft's login and also on https://teams.microsoft.com.

I can login on other websites using my Yubikey, e.g. https://webauthn.io/. Login using Chromium also works with the same Microsoft account.

Below is the info from the original report. (Unfortunately I don't know how to verify that this is exactly the same problem, please tell me how I can provide more information if necessary.)

As of Firefox 112, we can create WebAuthn discoverable credentials for passwordless logins on account.live.com on all platforms. (We've supported this on Windows for some time, this bug is for all other platforms.)

When I make a credential on Linux, the RPID is set to login.microsoft.com, so presumably there was a redirect before the MakeCredential request. When attempting to log in on login.live.com there is no redirect and the RPID in the GetAssertion request is login.live.com, which doesn't work.

On Chrome I'm redirected to login.microsoft.com for the GetAssertion request (for the credential created from Firefox), and I'm able to log in.

I'm not sure whether this is a server-side bug, or if we're missing some WebAuthn feature that is being used to trigger the redirect.

Flags: needinfo?(tim.cappalli)

I think this is the same as bug #1824831.

Sounds like it, yes, closing as a duplicate then. Will follow the one you created and see if it fixes this one as well.

Status: UNCONFIRMED → RESOLVED
Closed: 2 years ago
Duplicate of bug: 1824831
Resolution: --- → DUPLICATE
Flags: needinfo?(tim.cappalli)
You need to log in before you can comment on or make changes to this bug.