Non-discoverable Credentials

Non-discoverable credentials (also known as non-resident keys in the WebAuthn specification) are tied to a specific user and require the Relying Party (server) to store a credential identifier and provide it to the authenticator during login. While the authenticator doesn't store the full credential itself, it uses this credential identifier in conjunction with an internal secret to access the necessary cryptographic keys. These credentials offer strong, phishing-resistant security, but they typically require the user to provide an identifier (like a username) to the Relying Party to initiate the login process.

This page illustrates the use of non-discoverable credentials. You'll need to provide a username and a display name during registration. For subsequent logins, however, only your username is needed to identify you.

Non-discoverable credentials are temporarily stored in an in-memory cache for a maximum of 24 hours.