Reputation: 351
Is there a way to check before calling navigator.credentials.get if the credential exists on the platform authenticator? For example, if you specify that only platform authenticators can be used and not roaming authenticators, how do you know if the credential still exists on the platform authenticator? If the platform authenticator being used is your phone, then the credentials will be removed when you factory reset the device.
I'm familiar with the concept of resident keys vs non-resident keys and that resident keys are discoverable. I'm asking though for the non-resident keys use case. Is the only
Note: I already asked a similar question here, but what I'm asking here is different. I want to know how to check for the existence of the credential from the browser and not using the Android APIs like the other question.
Upvotes: 3
Views: 1089
Reputation: 454
Unfortunately, it's the same answer as to your other question: There is no way to be 100% sure. The best possible solution as of today is storing the credential id in local storage (or a cookie) where it was created. That way, you can check if you should offer the fingerprint login (aka. Platform Authenticator) option on that device, i.e., in that browser.
There have been some attempts in the FIDO Alliance and W3C WebAuthn WG to change this, but so far it has not been done, mainly due to privacy reasons.
Upvotes: 4
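The local-storage hint described in the answer above, as an added example that is not part of the original post. The storage key and all function names are assumptions; `storage` is anything with the `getItem`/`setItem` shape of `window.localStorage`, and `platformAvailable` is expected to be the resolved value of `PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable()`.

```javascript
// Added example. KEY and every function name here are assumptions, not a WebAuthn API.
const KEY = "webauthn.platformCredentialIds";

// Read the stored hint; a missing or corrupted value means "no hint".
function loadIds(storage) {
  try {
    const parsed = JSON.parse(storage.getItem(KEY) || "[]");
    return Array.isArray(parsed) ? parsed.filter((x) => typeof x === "string") : [];
  } catch {
    return [];
  }
}

// Call after a successful navigator.credentials.create() in this browser,
// passing the base64url credential id (PublicKeyCredential.id).
function rememberCredential(storage, id) {
  const ids = new Set(loadIds(storage)); // Set de-duplicates repeated registrations
  ids.add(id);
  storage.setItem(KEY, JSON.stringify([...ids]));
}

// Call when login with a hinted credential fails, so a stale hint stops driving the UI.
function forgetCredential(storage, id) {
  storage.setItem(KEY, JSON.stringify(loadIds(storage).filter((x) => x !== id)));
}

// base64url -> bytes, the form allowCredentials[].id expects.
function b64urlToBytes(s) {
  const b64 = s.replace(/-/g, "+").replace(/_/g, "/");
  const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
  return Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
}

// Decide whether to show the platform-authenticator login option.
function buildLoginHint(storage, platformAvailable) {
  const ids = loadIds(storage);
  if (!platformAvailable || ids.length === 0) return { offer: false, allowCredentials: [] };
  return {
    offer: true, // a hint only: the authenticator may no longer hold the key
    allowCredentials: ids.map((id) => ({ type: "public-key", id: b64urlToBytes(id) })),
  };
}

// Constructed stand-in for window.localStorage so the example runs outside a browser.
function memoryStorage() {
  const m = new Map();
  return { getItem: (k) => (m.has(k) ? m.get(k) : null), setItem: (k, v) => m.set(k, String(v)) };
}
```

Because the hint cannot prove the key still exists, the page should keep another login method available and call `forgetCredential` when `navigator.credentials.get` fails for a hinted id.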