security webauthn credentials delete

Delete Webauthn Credentials Data

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

Description

The security webauthn credentials delete command deletes a previously registered FIDO2/WebAuthn credential. All users can delete their own registered FIDO2/WebAuthn credentials, regardless of their authorization role. Only users with admin privileges can delete FIDO2/WebAuthn credentials belonging to other users.

Parameters

-vserver <vserver name> - Vserver

This parameter optionally specifies the Vserver associated with the FIDO2/WebAuthn credential. If not specified, this defaults to the cluster Vserver.

-username <text> - Username

Name of the user whose credential is to be deleted.

-index <integer> - Index

The index of the FIDO2/WebAuthn credential to be deleted. This is used to identify the specific credential if the user has multiple FIDO2/WebAuthn credentials registered and only one of them is to be deleted.

-rpId <text> - Relying Party ID

The rpId of the FIDO2/WebAuthn credential to be deleted.

Examples

The following command, when executed by a user with admin privileges, deletes all registered FIDO2/WebAuthn credentials for the Administrative Vserver. When executed by users without admin privileges, the command only deletes that user's own registered credentials:

cluster1::> security webauthn credentials delete *
4 entries were deleted.

The following command, when executed by a user with admin privileges, deletes all registered FIDO2/WebAuthn credentials for the Administrative Vserver for the username user1:

cluster1::> security webauthn credentials delete -username user1 *
1 entry was deleted.

The following command, when executed by a user with admin privileges, deletes the registered FIDO2/WebAuthn credentials for the Administrative Vserver for the username user1 at index 1 for the rpId myontap.example.com:

cluster1::> security webauthn credentials delete -username user1 -index 1 -rpId myontap.example.com
1 entry was deleted.