# Verify passkey sign-in WebAuthn authentication

**POST /api/experience/verification/sign-in-passkey/authentication/verify**

Verify the passkey sign-in WebAuthn authentication response against the stored authentication challenge. When `verificationId` is provided, it verifies against the challenge generated by the identifier-based authentication endpoint. When omitted, it verifies against the preflight authentication options stored in the interaction. Upon successful verification, the verification record will be marked as verified and the user will be resolved by the credential if not provided earlier.


## Servers
- Logto endpoint address.: https://[tenant_id].logto.app (Logto endpoint address.)



## Parameters



### Body: application/json (object)

- **verificationId** (string)
  The verification ID of the passkey sign-in WebAuthn authentication record. Optional when using discoverable passkey flow with preflight authentication options.
- **payload** (object)
  The WebAuthn assertion response from the user's passkey credential.


## Responses
### 200
The passkey sign-in WebAuthn authentication has been successfully verified.

#### Body: application/json (object)
- **verificationId** (string)
  The unique verification ID of the passkey sign-in WebAuthn authentication verification record.

### 400
Invalid request. <br/> - `session.mfa.pending_info_not_found:` The WebAuthn authentication challenge is missing in the current verification record. <br/>- `session.mfa.webauthn_verification_failed:` The WebAuthn assertion response is invalid or cannot be verified.

### 404
Verification session not found.

### 409
Identity conflict. <br/> - `session.identity_conflict:` The user associated with the verified WebAuthn credential does not match the identified user in the current interaction.


[Powered by Bump.sh](https://bump.sh)