
In a corporate setting, there are Windows Group Policies restricting the use of FIDO platform authenticators (e.g. Windows Hello (for Business) on Microsoft Windows devices).

Using the PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable() method in a browser results in false (https://developer.mozilla.org/en-US/docs/Web/API/PublicKeyCredential/isUserVerifyingPlatformAuthenticatorAvailable_static).

Is there any clear approach on which Windows Group Policy settings need to be enabled/set exactly to get a true response?

Second, which policies would be required to make the FIDO/WebAuthn platform authenticator work, if those would be different/further policies?

If possible, we don't need users to roll out for Windows Hello for Business or have that active, but they should be able to pair their device as a FIDO platform authenticator for other online services/platforms where that is a possible authentication method.

Yes, I can try it out, but maybe there is a good explanation, or somebody else has already faced this issue (possibly in a corporate context with restricted/managed devices).

Greg Askew
  • 39,132
kmindi
  • 1,511

0 Answers