ForgeRock Developer Experience

Handle WebAuthn errors

When an error occurs during the registration or authentication process, the Android SDK returns the WebAuthnResponseException exception. In most cases, errors are returned as per the specification. The error code can be found from WebAuthnResponseExcetpion.getErrorCode().

Convert exceptions for handling by the AM server

When you use WebAuthnRegistrationCallback.register() or WebAuthnAuthenticationCallback.authenticate(), the SDK automatically parses the error into the appropriate format for AM. When AM receives the completed callback from the SDK the authentication flow follows the WebAuthn registration process to reach the appropriate outcome.

However, if the error has to be handled manually, the WebAuthnResponseException class provides a convenience method called toServerError() to convert the error into the appropriate format.

callback.register(this, node, new FRListener<Void>() {
    @Override
    public void onSuccess(Void result) {
        next();
    }

    @Override
    public void onException(Exception e) {
        if (e instanceof WebAuthnResponseException) {
            WebAuthnResponseException exception = (WebAuthnResponseException) e;
            exception.getErrorCode(); // Do something with the error or proceed to the next node.
        }
    }
});

WebAuthnResponseExcetpion.getErrorCode() == com.google.android.gms.fido.fido2.api.common.ErrorCode#NOT_SUPPORTED_ERR results in an Unsupported outcome in both WebAuthn Registration node and WebAuthn Authentication node.

Any other WebAuthnResponseExcetpion.getErrorCode() results in a Client Error outcome in the nodes.