API Reference
Frontend API
Backend API
- POSTStart creating a new passkey
- POSTFinish creating a new passkey
- POSTStart login with an existing passkey
- POSTFinish login with an existing passkey
- POSTVerify signedPasskeyData from a passkey login
- POSTStart login with an existing passkey (Conditional UI)
- POSTFinish login with an existing passkey (Conditional UI)
- POST
Finish creating a new passkey
Copy
Ask AI
curl --request POST \
--url https://backendapi.corbado.io/v2/passkey/append/finish \
--header 'Authorization: Basic <encoded-value>' \
--header 'Content-Type: application/json' \
--data '
{
"userID": "<string>",
"processID": "<string>",
"attestationResponse": "{\"type\":\"public-key\",\"id\":\"JM6...J_Q\",\"rawId\":\"JM6...J_Q\",\"authenticatorAttachment\":null,\"response\":{\"clientDataJSON\":\"eyJ...ZX0\",\"authenticatorData\":\"SZY...AAQ\",\"signature\":\"Ni7...YAg\",\"userHandle\":\"dXN...zk5\"},\"clientExtensionResults\":{}}",
"clientInformation": {
"remoteAddress": "::ffff:172.18.0.1",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36",
"userVerifyingPlatformAuthenticatorAvailable": true,
"conditionalMediationAvailable": true,
"clientCapabilities": {
"conditionalCreate": true,
"conditionalMediation": true,
"hybridTransport": true,
"passkeyPlatformAuthenticator": true,
"userVerifyingPlatformAuthenticator": true
},
"parsedDeviceInfo": {
"browserName": "<string>",
"browserVersion": "<string>",
"osName": "<string>",
"osVersion": "<string>"
},
"clientEnvHandle": "<string>",
"javascriptFingerprint": "<string>",
"javaScriptHighEntropy": {
"platform": "<string>",
"platformVersion": "<string>",
"mobile": true
},
"bluetoothAvailable": true,
"passwordManagerAvailable": true,
"privateMode": true,
"nativeMeta": {
"build": "<string>",
"deviceOwnerAuth": "<string>",
"isPlatformAuthenticatorAPISupported": true,
"isBluetoothAvailable": true,
"isBluetoothOn": true,
"googlePlayServices": true,
"deviceSecure": true,
"brand": "<string>",
"model": "<string>"
}
},
"trackingID": "<string>",
"sendNotification": true
}
'Copy
Ask AI
{
"passkeyData": {
"id": "<string>",
"userID": "<string>",
"username": "<string>",
"ceremonyType": "local",
"challengeID": "<string>",
"aaguidDetails": {
"aaguid": "<string>",
"name": "<string>",
"iconLight": "<string>",
"iconDark": "<string>"
}
}
}Passkeys
Finish creating a new passkey
Finishes creating a new passkey by completing the WebAuthn ceremony.
POST
/
passkey
/
append
/
finish
Finish creating a new passkey
Copy
Ask AI
curl --request POST \
--url https://backendapi.corbado.io/v2/passkey/append/finish \
--header 'Authorization: Basic <encoded-value>' \
--header 'Content-Type: application/json' \
--data '
{
"userID": "<string>",
"processID": "<string>",
"attestationResponse": "{\"type\":\"public-key\",\"id\":\"JM6...J_Q\",\"rawId\":\"JM6...J_Q\",\"authenticatorAttachment\":null,\"response\":{\"clientDataJSON\":\"eyJ...ZX0\",\"authenticatorData\":\"SZY...AAQ\",\"signature\":\"Ni7...YAg\",\"userHandle\":\"dXN...zk5\"},\"clientExtensionResults\":{}}",
"clientInformation": {
"remoteAddress": "::ffff:172.18.0.1",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36",
"userVerifyingPlatformAuthenticatorAvailable": true,
"conditionalMediationAvailable": true,
"clientCapabilities": {
"conditionalCreate": true,
"conditionalMediation": true,
"hybridTransport": true,
"passkeyPlatformAuthenticator": true,
"userVerifyingPlatformAuthenticator": true
},
"parsedDeviceInfo": {
"browserName": "<string>",
"browserVersion": "<string>",
"osName": "<string>",
"osVersion": "<string>"
},
"clientEnvHandle": "<string>",
"javascriptFingerprint": "<string>",
"javaScriptHighEntropy": {
"platform": "<string>",
"platformVersion": "<string>",
"mobile": true
},
"bluetoothAvailable": true,
"passwordManagerAvailable": true,
"privateMode": true,
"nativeMeta": {
"build": "<string>",
"deviceOwnerAuth": "<string>",
"isPlatformAuthenticatorAPISupported": true,
"isBluetoothAvailable": true,
"isBluetoothOn": true,
"googlePlayServices": true,
"deviceSecure": true,
"brand": "<string>",
"model": "<string>"
}
},
"trackingID": "<string>",
"sendNotification": true
}
'Copy
Ask AI
{
"passkeyData": {
"id": "<string>",
"userID": "<string>",
"username": "<string>",
"ceremonyType": "local",
"challengeID": "<string>",
"aaguidDetails": {
"aaguid": "<string>",
"name": "<string>",
"iconLight": "<string>",
"iconDark": "<string>"
}
}
}Authorizations
Basic authentication is used to authenticate requests to the Backend API. The username is the project ID and the password is the API secret.
The project ID and API secret can be found in the Developer Panel.
Body
application/json
ID of the user
Example:
"{\"type\":\"public-key\",\"id\":\"JM6...J_Q\",\"rawId\":\"JM6...J_Q\",\"authenticatorAttachment\":null,\"response\":{\"clientDataJSON\":\"eyJ...ZX0\",\"authenticatorData\":\"SZY...AAQ\",\"signature\":\"Ni7...YAg\",\"userHandle\":\"dXN...zk5\"},\"clientExtensionResults\":{}}"
Show child attributes
Show child attributes
Client's IP address
Example:
"::ffff:172.18.0.1"
Client's user agent
Example:
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
Show child attributes
Show child attributes
Client's environment handle
Client's fingerprint
Client's Bluetooth availability
Client's password manager availability
Show child attributes
Show child attributes
Response
Passkey append succeeded.
Show child attributes
Show child attributes
Available options:
local, cda, security-key Was this page helpful?
⌘I