Have you searched for an existing issue?

• Yes, I tried searching and reviewed the pinned issues

Brief Summary

Hi,

I'm trying to use KeepassXC to authenticate on company portal that uses PingID auth (https://www.pingidentity.com/en.html)
I was able to enroll KeepassXC as 'biometrics' authentcation.

But authentication step doesn't work. Sometimes no message from KeepassXC (I think because authentication happens immediately during page load and browser extension is not able to inject code). But when request is captured, keepassxc shows "no logins found"

{
  "challenge": "EDITED1",
  "enterpriseAttestationPossible": false,
  "rpId": "pingone.eu",
  "timeout": 120000,
  "userVerification": "required",
  "allowCredentials": [
    {
      "id": "EDITED2",
      "transports": [
        "internal"
      ],
      "type": "public-key"
    }
  ]
}

I've tried to debug it. And found that KeepassXC compare 'allowCredentials' with credentialId field of passkey. But for my case it's not same as EDITED2. I think it's because of type=public-key. So to match it properly it's required to get public part from private key..

Note: even skipping this check for now (so that entry is actually used) for some reason it don't accept response. Not sure why. PingID reloads page before trying to authenticate and before showing error message, so it's hard to capture something.

Steps to Reproduce

Hard to reproduce because it's not public service

Expected Versus Actual Behavior

No response

KeePassXC Debug Information

KeePassXC - Version 2.8.0-snapshot
Build Type: Snapshot
Revision: fb022cb

Qt 5.15.15
Debugging mode is enabled.

Operating system: Debian GNU/Linux trixie/sid
CPU architecture: x86_64
Kernel: linux 6.11.9-amd64

Enabled extensions:
- Auto-Type
- Browser Integration
- Passkeys

Cryptographic libraries:
- Botan 3.6.1

Operating System

Linux

Linux Desktop Environment

KDE

Linux Windowing System

X11