Generate WebAuthn registration options

POST /api/verifications/web-authn/registration

Generate WebAuthn registration options for the user to register a new WebAuthn device.

Responses

POST /api/verifications/web-authn/registration
curl \
 --request POST 'https://[tenant_id].logto.app/api/verifications/web-authn/registration' \
 --header "Authorization: Bearer $ACCESS_TOKEN"
Response examples (200)
{
  "verificationRecordId": "string",
  "registrationOptions": {
    "rp": {
      "name": "string",
      "id": "string"
    },
    "user": {
      "id": "string",
      "name": "string",
      "displayName": "string"
    },
    "challenge": "string",
    "pubKeyCredParams": [
      {
        "type": "string",
        "alg": 42.0
      }
    ],
    "timeout": 42.0,
    "excludeCredentials": [
      {
        "type": "string",
        "id": "string",
        "transports": [
          "usb"
        ]
      }
    ],
    "authenticatorSelection": {
      "authenticatorAttachment": "platform",
      "requireResidentKey": true,
      "residentKey": "discouraged",
      "userVerification": "required"
    },
    "attestation": "none",
    "extensions": {
      "appid": "string",
      "credProps": true,
      "hmacCreateSecret": true
    }
  },
  "expiresAt": "string"
}