Verify WebAuthn registration

POST /api/verifications/web-authn/registration/verify

O auth2

Verify the WebAuthn registration by the user's response.

application/json

Body Required

verificationRecordId string Required

The ID of the verification record.
payload object Required

The payload of the WebAuthn device.
Hide payload attributes Show payload attributes object
- type string("WebAuthn") Required
- id string Required
- rawId string Required
- response object Required
  Hide response attributes Show response attributes object
  
  clientDataJSON string Required
  
  attestationObject string Required
  
  authenticatorData string
  
  transports array[string]
  
  Values are usb, nfc, ble, internal, cable, hybrid, or smart-card.
  
  publicKeyAlgorithm number
  
  publicKey string
- authenticatorAttachment string
  
  Values are cross-platform or platform.
- clientExtensionResults object Required
  Hide clientExtensionResults attributes Show clientExtensionResults attributes object
  
  appid boolean
  
  crepProps object
  
  Hide crepProps attribute Show crepProps attribute object
  
  rk boolean
  
  hmacCreateSecret boolean

Responses

200 application/json

The WebAuthn registration has been successfully verified.
Hide response attribute Show response attribute object
- verificationRecordId string Required
400

Bad Request
401

Unauthorized
403

Forbidden
404

Not Found

POST /api/verifications/web-authn/registration/verify

curl \
 --request POST 'https://[tenant_id].logto.app/api/verifications/web-authn/registration/verify' \
 --header "Authorization: Bearer $ACCESS_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{"verificationRecordId":"string","payload":{"type":"string","id":"string","rawId":"string","response":{"clientDataJSON":"string","attestationObject":"string","authenticatorData":"string","transports":["usb"],"publicKeyAlgorithm":42.0,"publicKey":"string"},"authenticatorAttachment":"cross-platform","clientExtensionResults":{"appid":true,"crepProps":{"rk":true},"hmacCreateSecret":true}}}'

Request examples

{
  "verificationRecordId": "string",
  "payload": {
    "type": "string",
    "id": "string",
    "rawId": "string",
    "response": {
      "clientDataJSON": "string",
      "attestationObject": "string",
      "authenticatorData": "string",
      "transports": [
        "usb"
      ],
      "publicKeyAlgorithm": 42.0,
      "publicKey": "string"
    },
    "authenticatorAttachment": "cross-platform",
    "clientExtensionResults": {
      "appid": true,
      "crepProps": {
        "rk": true
      },
      "hmacCreateSecret": true
    }
  }
}

Response examples (200)

{
  "verificationRecordId": "string"
}