MicrosoftThanks for the response. I assumed that the in-box fidocredprovider comes into play when WebAuthn APIs are called. Using tools like procexp and spy++, I can see that in the logon desktop case, either CredentialUIBroker.exe (a local COM server) is not launched or it fails to create the window used to display the Windows Hello dialog. The webauthn event log reports that there are errors related to having no interactive user or the caller being the local SYSTEM account.
I don't mean for this to be a technical help blog, but I really want to use the platform WebAuthn APIs and there isn't much in the way of technical documentation or guidance on using them. I assume that Microsoft wants developers to use of the APIs, which very nicely encapsulate CTAP2 and transport layer details. If the APIs work only after the user logs onto the desktop, then they are not useful for third-party credential providers that want to use FIDO authentication for signing onto the desktop.
Thanks,
Greg
