Bug
Resolution: Done
Before reporting an issue
[X] I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
authentication/webauthn
Describe the bug
Same issue as https://github.com/keycloak/keycloak/issues/24645. I could not reopen the other
Version
25.0.2
Regression
[ ] The issue is a regression
Expected behavior
Ability to add security keys for federated users. Note that it may be necessary to simulate this with an LDAP provider with import disabled (to make sure that the userId is in the longer format, like f:<ldap provider UUID>:<ldap UUID>), or it might be simulated with a custom userStorage provider.
Actual behavior
Error: Security key registration result is invalid. TypeError: User handle exceeds 64 bytes.
How to Reproduce?
Add User federation ldap should work well if the username is set to userPrincipalName.
Anything else?
I don't think that WebAuthn will change their standards, which leaves it to Keycloak to adjust. Here is the link to the specification: https://www.w3.org/TR/webauthn-2/#sctn-createCredential. It fails on point 5.
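Added example (not part of the original report and not Keycloak's code or fix): a length check showing why an ID of the form f:<ldap provider UUID>:<ldap UUID> exceeds the 64-byte user handle limit, plus one reversible way to pack it into 33 bytes. It assumes both parts are canonical UUIDs; the helper names and sample IDs are constructed for illustration.

```javascript
const MAX_USER_HANDLE_BYTES = 64; // WebAuthn limit on user.id (the "User handle")
const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;

// Byte length of the ID when its UTF-8 encoding is used directly as the handle.
function handleLength(userId) {
  return new TextEncoder().encode(userId).length;
}

function fitsUserHandle(userId) {
  const n = handleLength(userId);
  return n >= 1 && n <= MAX_USER_HANDLE_BYTES;
}

function uuidToBytes(uuid) {
  const hex = uuid.replace(/-/g, "");
  return Uint8Array.from(hex.match(/../g), (b) => parseInt(b, 16));
}

// Always emits lowercase hex, so uppercase input is normalised on round trip.
function bytesToUuid(bytes) {
  const hex = Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
  return [hex.slice(0, 8), hex.slice(8, 12), hex.slice(12, 16), hex.slice(16, 20), hex.slice(20)].join("-");
}

// Hypothetical helper: pack "f:<uuid>:<uuid>" into 1 tag byte + 2 x 16 raw bytes.
function compactFederatedId(userId) {
  const parts = userId.split(":");
  if (parts.length !== 3 || parts[0] !== "f" || !UUID_RE.test(parts[1]) || !UUID_RE.test(parts[2])) {
    throw new TypeError("not in f:<uuid>:<uuid> form"); // e.g. a non-UUID external ID
  }
  const out = new Uint8Array(33);
  out[0] = 0x66; // ASCII 'f' marks a federated handle
  out.set(uuidToBytes(parts[1]), 1);
  out.set(uuidToBytes(parts[2]), 17);
  return out;
}

// Inverse mapping, needed when the authenticator returns the handle at login.
function expandFederatedId(handle) {
  if (handle.length !== 33 || handle[0] !== 0x66) throw new TypeError("not a compact federated handle");
  return `f:${bytesToUuid(handle.slice(1, 17))}:${bytesToUuid(handle.slice(17))}`;
}

// Constructed sample IDs (not taken from any real deployment).
const LOCAL_ID = "8f14e45f-ceea-4e7a-9c1b-2d3a4b5c6d7e";
const FEDERATED_ID = "f:0b9f5c2e-7a41-4d3b-8e6f-1c2d3e4f5a6b:3e2d1c0b-a9f8-4765-8432-10fedcba9876";
```

An external ID that is not a UUID is rejected by this packing, so a deployment with such IDs would need a different mapping.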