WebAuthn with multiple Domains

Michael.Uray

Renowned Member
Mar 31, 2009
16
3
68
Austria
www.ctb.co.at
I noticed that I can setup in Configuration-> Other-> WebAuthn TFA just one domain, but I have multiple domains (separate domains, not sub domains) accessing this server.
How can I setup WebAuthn for multiple domains?
 
that's not possible AFAIK, webauthn binds to one specific domain (with the option of allowing sub-domains, but not completely different domains).
 
I did setup domain1 in Configuration-> Other-> WebAuthn TFA and added a WebAuthn authentication to the user.
The user was able to login.

Then I changed over to domain2 and logged in with TOTP.
I did change to domain2 in Configuration-> Other-> WebAuthn TFA and added another WebAuthn authentication to the same user.
The user was able to login with domain2, but as expected not with domain1.

Then I changed Configuration-> Other-> WebAuthn TFA back to domain1 and the user was able to login again via domain1.

This means to me, that I can change between domain1 and domain2 in Configuration-> Other-> WebAuthn TFA back an forth and each domain which is currently set in Configuration-> Other-> WebAuthn TFA works with WebAuthn, without re-registering a key after a change.
This also means to me, that it technically should be possible to change that on the fly by Proxmox, depending on that which domain I am using to connect to it.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!