Credential management

Real relying parties keep a record per registered credential — an ID, a public key, a name, when it was created, whether it's backed up. This page is that record for your demo session: rename a credential, or delete one.

Keeping the server and your authenticator in sync

Deleting a credential here removes the server's record immediately — but the passkey itself may still sit in your browser's password manager, since the server has no way to reach into it directly. Where supported, this page also calls the WebAuthn Signal API's signalUnknownCredential() after a delete, telling the browser "this credential ID isn't valid here anymore" so it can clean up its own saved entry too. It's feature-detected and best-effort — most browsers don't support it yet.

Your credentials

Loading credentials…