From version 6.3 vSEC:CMS has the ability to manage the life cycle of FIDO2 device-bound passkeys.
Using vSEC:CMS you can register and manage FIDO2 device-bound passkeys on behalf of a user with an IdP. When a supported FIDO2 device-bound passkey is issued with vSEC:CMS, the credential (public key) is sent to the IdP which will use this when authenticating the user post issuance. If the supported FIDO2 device-bound passkey also has a PKI application then you can leverage on this to issue and manage certificates for other use cases using vSEC:CMS as part of the issuance process.
vSEC:CMS supports multiple IdPs for managing FIDO2 device-bound passkeys. Please refer to the different articles below for details on how to integrate with them: