Create WebAuthn authentication verification

POST /api/experience/verification/web-authn/authentication

Create a new WebAuthn authentication verification record based on the user's existing WebAuthn credential. This verification record can be used to verify the user's WebAuthn credential.

Responses

  • 200 application/json

    WebAuthn authentication successfully initiated.

    Hide response attributes Show response attributes object
  • The user does not have a verified WebAuthn credential.

  • The current interaction is not yet identified. All MFA verification records must be associated with an identified user.

POST /api/experience/verification/web-authn/authentication
curl \
 -X POST https://[tenant_id].logto.app/api/experience/verification/web-authn/authentication
Response examples (200)
{
  "verificationId": "string",
  "authenticationOptions": {
    "challenge": "string",
    "timeout": 42.0,
    "rpId": "string",
    "allowCredentials": [
      {
        "type": "string",
        "id": "string",
        "transports": [
          "usb"
        ]
      }
    ],
    "userVerification": "required",
    "extensions": {
      "appid": "string",
      "credProps": true,
      "hmacCreateSecret": true
    }
  }
}