Added clarification on 403 for attestation. [skip-ci]

2022-06-14 05:32:29 -04:00
parent 59e683db58
commit 1b923335d0
1 changed files with 2 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -254,6 +254,8 @@ public function register(AttestedRequest $request)
 }
 ```

+> Both `AttestationRequest` and `AttestedRequest` validates the authenticated user. If the user is not authenticated, an HTTP 403 status code will be returned.
+
 ### Attestation User verification

 By default, the authenticator decides how to verify user when creating a credential. Some may ask to press a "Continue" button to confirm presence, others will verify the User with biometrics, patterns or passwords.