Permissions-Policy: publickey-credentials-get directive
{{SeeCompatTable}}
The HTTP {{HTTPHeader("Permissions-Policy")}} header publickey-credentials-get directive controls whether the current document is allowed to access the Web Authentication API to retrieve public-key credentials, i.e., via {{domxref("CredentialsContainer.get","navigator.credentials.get({publicKey})")}} .
Specifically, where a defined policy blocks the use of this feature, the {{jsxref("Promise")}} returned by navigator.credentials.get({publicKey}) will reject with a NotAllowedError {{domxref("DOMException")}} .
Syntax
Permissions-Policy: publickey-credentials-get=<allowlist>;
<allowlist>- : A list of origins for which permission is granted to use the feature. See
Permissions-Policy> Syntax for more details.
- : A list of origins for which permission is granted to use the feature. See
Default policy
The default allowlist for publickey-credentials-get is self.
Specifications
{{Specifications}}
Browser compatibility
{{Compat}}
See also
{{HTTPHeader("Permissions-Policy")}}header- Permissions Policy
- Web Authentication API
{{DOMxRef("PublicKeyCredential")}}interface