FIDO-ERR-5011: Json could not be parsed : Policy requires counter
StrongKey FIDO Server (SKFS) manages the security policies with its Policy Module (PM). During a default standalone installation, SKFS-PM establishes eight distinct domains for SKFS, each governed by its own unique policy.
NOTE: Learn more about the Policy Module here.
Generally, this error is thrown when you are registering and authenticating against the cryptographic domain (did) which enforces a policy that makes the “requireCounter” mandatory. By default, SKFS require counter increase for all policies to help SKFS detect clone authenticators.
However, there are some authenticators like Apple (touch id) or authenticators that provide “NONE” attestation that do not provide counters.
Therefore, to solve this issue, update the policy on the domain to be used to make “requireCounter” optional. If the policy is changed "NOT" to require counters, it will be able to authenticate with the device.
To get the policy and update the policy for any domain, use the following links:
Copyright (c) 2001-2024 StrongAuth, Inc. (dba StrongKey) All Rights Reserved