I'm attempting to use FIDO2 authentication with my Google account and have some questions. First, authenticating at accounts.google.com in Vanadium doesn't appear to work unless Google Play Services (GPS) has been enabled with requisite permissions.

Specifically, I'm given a message: "This app won't work properly unless you allow Google Play services' request to access the following:

  • Files and media

To continue, open Settings, then Permissions, and allow all listed items. "

However, there is no "Files and media" permission for Google Play services App permissions.

What am I missing? And is GPS required for all FIDO2 implementations in Vanadium, Bromite, and other browsers?

    Kryptos

    I'm attempting to use FIDO2 authentication with my Google account and have some questions. First, authenticating at accounts.google.com in Vanadium doesn't appear to work unless Google Play Services (GPS) has been enabled with requisite permissions.

    This is expected and intended. GrapheneOS may add its own FIDO2 provider in the future at least for use in Vanadium, but for now FIDO2 is only supported via Play Services.

    there is no "Files and media" permission for Google Play services App permissions.

    This permission was split into 3 in Android 13. Instead, you need to enable Storage Scopes for Play Services for FIDO2 to work.

    And is GPS required for all FIDO2 implementations in Vanadium, Bromite, and other browsers?

    GMS isn't fundamentally required. However, Chromium only supports FIDO2 via Play Services, so Play Services is usually required for FIDO2 to work in Chromium-based browsers.

      Kryptos Go to the permissions for Play Services in Settings and select either "Music and audio" or "Photos and videos." Click "Configure Storage Scopes" and then toggle "Enable Storage Scopes" on.

        lberrymage I did, thanks. If this can be made more intuitive it might be very helpful... But it seems something is still amiss.

        At accounts.googke.com, after entering my username and password I'm prompted with:

        "Verifying it's you... Complete sign-in by using your security key."

        But then a popup appears telling me to verify with my fingerprint. I do and then it responds with:

        "There was a problem. Try using your security key again or try another way to verify it’s you."

        But I was prevented from using my key by the fingerprint popup and when I click "Try again" the ability to use my security key is again circumvented by the same popup.

        Is this a Graphene issue? Any ideas? Btw, I don't consider this solved. Could you please remove the tag?

          Kryptos I'm not sure what the issue is. FIDO2 works for me in Vanadium in the exact same flow as you described. Maybe try closing and reopening the page and/or rebooting?