Permissions-Policy: publickey-credentials-get
Experimental: This is an experimental technology
Check the Browser compatibility table carefully before using this in production.
The HTTP Permissions-Policy header publickey-credentials-get directive controls whether the current document is allowed to access the Web Authentication API to retrieve public-key credentials, i.e., via navigator.credentials.get({publicKey})
Specifically, where a defined policy blocks the use of this feature, the Promise returned by navigator.credentials.get({publicKey}) will reject with a SecurityError DOMException.
Syntax
http
Permissions-Policy: publickey-credentials-get=<allowlist>;
<allowlist>-
A list of origins for which permission is granted to use the feature. See
Permissions-Policy> Syntax for more details.
Default policy
The default allowlist for publickey-credentials-get is self.
Specifications
| Specification |
|---|
| Web Authentication: An API for accessing Public Key Credentials - Level 3 # sctn-permissions-policy |
Browser compatibility
BCD tables only load in the browser
See also
Permissions-Policyheader- Permissions Policy
- Web Authentication API
PublicKeyCredentialinterface