Bind a WebAuthn credential as a passkey for sign-in purposes. Unlike POST /api/experience/profile/mfa with type: WebAuthn, this endpoint is exclusively for adding a passkey as a sign-in method and does NOT mark the user's optional MFA as enabled.
Responses
-
The passkey has been successfully bound to the user profile.
-
Invalid request.
-session.verification_failed:The WebAuthn verification record is invalid or not verified.
-session.mfa.pending_info_not_found:The verification record does not have the required registration data. -
Entity not found.
-session.identifier_not_found:The user has not been identified yet.
-session.verification_session_not_found:The WebAuthn verification record is not found.
POST
/api/experience/profile/mfa/passkey
curl \
--request POST 'https://[tenant_id].logto.app/api/experience/profile/mfa/passkey' \
--header "Content-Type: application/json" \
--data '{"verificationId":"string"}'
Request examples
{
"verificationId": "string"
}