On Safari Technology Preview Release 151 (Safari 16.0, WebKit 18615.1.1.2) on macOS 13 beta 5 the conditional UI (https://github.com/w3c/webauthn/wiki/Explainer:-WebAuthn-Conditional-UI) functionality for Passkeys does not set the user verified flag in the authenticationData of the response. Reproducing Steps: 1. Webpage with <input autocomplete="webauthn"/ > 2. Perform webauthn get with a conditional mediation: navigator.credentials.get({ mediation: 'conditional', publicKey: { challenge: <challengeFromServer>, rpId: <rpId>, userVerification: "required" } }).then(({id, type, response, authenticatorAttachment}) => { console.log(response.authenticatorData); }); 3. Click into the input box - note that the conditional UI appears. 4. Complete the authentication with a registered credential. 5. decode the response.authenticatorData field and note the uv flag is not set. Example flags: flags: { up: true, uv: false, be: true, bs: true, at: false, ed: false, flagsInt: 25 } When invoking the navigator.credentials.get request manually (without conditional mediation) and using the exact same public key request options and the same credentials, the user verified flag is set.
This behavior is fixed in Safari Technical Preview Release 152 (Safari 16.0, WebKit 18615.1.2.3). The uv flag is correctly set.