Non-discoverable key support for Android Credential

[syntag]

Hi, not sure if this is the right repo to post this.

I'm wondering if there are any plans on the roadmap to introduce non-discoverable/security key (e.g Yubikey) signing support for Android Credential Manager? Currently, the recommendation from Google is to use the FIDO API since this is not supported today (source).

The FIDO credentials API is missing configuration options such as UserVerification and is outdated.

[cy245]

Credential Manager supports creating and using passkeys (i.e. discoverable credentials) from security keys. You can test this by doing a create request and not setting a value for authenticatorAttachment parameter. Users will be prompted to create a passkey in the default password manager, and if they tap on More options, they can choose "Use another device" and then choose the USB security key.