POST
/
passkey
/
append
/
start
Start creating a new passkey
curl --request POST \
  --url https://backendapi.corbado.io/v2/passkey/append/start \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '{
  "userID": "<string>",
  "processID": "<string>",
  "username": "<string>",
  "clientInformation": {
    "remoteAddress": "::ffff:172.18.0.1",
    "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36",
    "clientEnvHandle": "<string>",
    "javascriptFingerprint": "<string>",
    "javaScriptHighEntropy": {
      "platform": "<string>",
      "platformVersion": "<string>",
      "mobile": true
    },
    "bluetoothAvailable": true,
    "passwordManagerAvailable": true,
    "userVerifyingPlatformAuthenticatorAvailable": true,
    "conditionalMediationAvailable": true,
    "privateMode": true,
    "parsedDeviceInfo": {
      "browserName": "<string>",
      "browserVersion": "<string>",
      "osName": "<string>",
      "osVersion": "<string>"
    },
    "nativeMeta": {
      "build": "<string>",
      "deviceOwnerAuth": "<string>",
      "isPlatformAuthenticatorAPISupported": true,
      "isBluetoothAvailable": true,
      "isBluetoothOn": true,
      "googlePlayServices": true,
      "deviceSecure": true
    }
  },
  "passkeyIntelFlags": {
    "forcePasskeyAppend": true,
    "askForAutoAppend": true
  }
}'
{
  "appendAllow": true,
  "attestationOptions": "{\"publicKey\":{\"challenge\":\"2m6...0w9/MgW...KE=\",\"rp\":{\"name\":\"demo\",\"id\":\"localhost\"},\"user\":{\"name\":\"example@mail.com\",\"id\":\"dXN...zk5\"},\"pubKeyCredParams\":[{\"type\":\"public-key\",\"alg\":-7},{\"type\":\"public-key\",\"alg\":-35},{\"type\":\"public-key\",\"alg\":-36},{\"type\":\"public-key\",\"alg\":-257},{\"type\":\"public-key\",\"alg\":-258},{\"type\":\"public-key\",\"alg\":-259},{\"type\":\"public-key\",\"alg\":-37},{\"type\":\"public-key\",\"alg\":-38},{\"type\":\"public-key\",\"alg\":-39},{\"type\":\"public-key\",\"alg\":-8}],\"authenticatorSelection\":{\"authenticatorAttachment\":\"platform\",\"requireResidentKey\":false,\"userVerification\":\"required\"},\"timeout\":60000,\"attestation\":\"none\"}}",
  "detectionInsights": {
    "tags": [
      {
        "category": "support",
        "name": "<string>"
      }
    ],
    "credentialIds": [
      "<string>"
    ],
    "clientEnvIds": [
      "<string>"
    ],
    "passwordManagerIds": [
      "<string>"
    ],
    "historyData": {
      "defaultCount": 123,
      "afterErrorCount": 123,
      "afterHybridCount": 123,
      "autoCount": 123,
      "defaultCooldown": true,
      "afterErrorCooldown": true,
      "afterHybridCooldown": true,
      "autoCooldown": true
    }
  },
  "decisionInsights": {
    "tag": "env-no-platform-pk-support",
    "isRestrictedBrowser": true,
    "variant": "default",
    "auto": true
  }
}

Authorizations

Authorization
string
header
required

Basic authentication is used to authenticate requests to the Backend API. The username is the project ID and the password is the API secret.

The project ID and API secret can be found in the Developer Panel.

Body

application/json

Response

200
application/json

Passkey creation process has been started.

The response is of type object.