Also known as “resident” vs. “non-resident” credentials. From the spec:
Historically, client-side discoverable credentials have been known as resident credentials or resident keys. Due to the phrases ResidentKey and residentKey being widely used in both the WebAuthn API and also in the Authenticator Model (e.g., in dictionary member names, algorithm variable names, and operation parameters) the usage of resident within their names has not been changed for backwards compatibility purposes. Also, the term resident key is defined here as equivalent to a client-side discoverable credential.
What does this mean exactly?
allowCredentials field). This allows browsers to offer better, more tailored prompts in some cases. For example: if the list contains a single authenticator with "transports": ["AUTHENTICATOR_TRANSPORT_INTERNAL"], Chrome does “the right thing” by skipping the device selection popup: users go straight to the fingerprint popup, with no need to select “this device”!
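The two request shapes discussed above, as an added example that is not code from the original post: a populated allowCredentials list for a known user versus an empty one for a discoverable credential. The stored-record shape, the function names and the sample values are assumptions, and the code uses the WebAuthn API's own `"internal"` transport value; treating it as the counterpart of the string quoted above is also an assumption.

```javascript
// Added example (Node.js). Record shape { id, transports } and sample data are constructed.

// Decode a base64url string (a common storage form for credential IDs) to bytes.
function b64urlToBytes(s) {
  const b64 = s.replace(/-/g, "+").replace(/_/g, "/");
  return Uint8Array.from(Buffer.from(b64, "base64"));
}

// Non-discoverable flow: the user is already identified, so the server looks up
// that user's credential IDs and lists them in allowCredentials.
// Discoverable flow: nobody is identified yet, so allowCredentials stays empty
// and the authenticator itself must find a credential for this rpId.
function buildRequestOptions({ challenge, rpId, storedCredentials = [] }) {
  return {
    challenge,
    rpId,
    userVerification: "preferred",
    allowCredentials: storedCredentials.map((c) => ({
      type: "public-key",
      id: b64urlToBytes(c.id),
      transports: c.transports, // as recorded at registration time
    })),
  };
}

// True when the list matches the case described above: exactly one entry,
// reachable only over the platform ("internal") transport.
function isSinglePlatformCredential(options) {
  const list = options.allowCredentials;
  return list.length === 1 &&
    Array.isArray(list[0].transports) &&
    list[0].transports.length === 1 &&
    list[0].transports[0] === "internal";
}

// Constructed sample data. The all-zero challenge is a placeholder only:
// a real server issues fresh random bytes for every request.
const challenge = new Uint8Array(32);
const known = buildRequestOptions({
  challenge,
  rpId: "example.com",
  storedCredentials: [{ id: "AQIDBAUGBwg", transports: ["internal"] }],
});
const usernameless = buildRequestOptions({ challenge, rpId: "example.com" });

console.log(isSinglePlatformCredential(known), isSinglePlatformCredential(usernameless));
// In a browser the object is passed as navigator.credentials.get({ publicKey: known }).
```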