Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Camera app cannot start FIDO2 transactions with scanned QR code

  • /e/ version: 3.4
  • Device model(s): Murena FP5

Summary

The device supports registering and using FIDO2 credentials. This works fine on the device's own browser.

FIDO2 / WebAUthN / Passkeys have a feature where one can use the browser on a different (not enrolled) device, and then use the FIDO2 credential from the phone to authenticate on that different device.

The process involves

  • turning on Bluetooth BLE on both devices
  • the other device presenting a QR code
  • the phone scans the QR code
  • the phone triggers FIDO2 authentication using the known credential
  • the successful authentication transaction is relayed to the other device via BLE
  • user is logged in on the other device, using the credential from the phone

Description

What is the current behavior?

The camera app can scan the QR code and actually opens an overlay "Use Passkey?" - see screenshot: Screenshot_20260126-090058_Kamera

When clicking on that overlay, an error message is displayed: "No application associated to FIDO:/"

What is the improved behavior?

The QR code with the protocol FIDO:/... should be associated with the MicroG application; which can pick up the pending authentication transaction and complete it.

What does it bring?

It enables the use of a FIDO2/Passkey credential that is stored on the phone on other devices.

Examples

I use more than one device with FIDO2 security key authentication at work. I usually have credentials on each of them. Today, I forgot my physical key for one device, and would have appreciated the ability to use the BLE-based cross-device authentication. It didn't work because the file type association of the FIDO:/ protocol to the MicroG FIDO component is not in place.

Validation

Execute a cross-device authentication successfully.