Non-discoverable credentials (also known as non-resident keys in the WebAuthn specification) are credentials tied to a specific user and require the Relying Party (server) to store and provide a credential identifier to the authenticator during sign-in. While the authenticator doesn't store the full credential itself, it uses this credential identifier together with a device-held key-encryption key to unwrap the associated private key. These credentials offer strong, phishing-resistant security, but they require the user to provide an identifier (such as a username) to the Relying Party to initiate the sign-in process.

This page demonstrates the use of non-discoverable credentials. You'll need to type a username and a display name during sign-up. For subsequent sign-ins, however, only your username will be required.