Start creating a new passkey

curl --request POST \
  --url https://backendapi.corbado.io/v2/passkey/append/start \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '{
  "userID": "<string>",
  "processID": "<string>",
  "username": "<string>",
  "clientInformation": {
    "remoteAddress": "::ffff:172.18.0.1",
    "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36",
    "clientEnvHandle": "<string>",
    "javascriptFingerprint": "<string>",
    "javaScriptHighEntropy": {
      "platform": "<string>",
      "platformVersion": "<string>",
      "mobile": true
    },
    "bluetoothAvailable": true,
    "passwordManagerAvailable": true,
    "userVerifyingPlatformAuthenticatorAvailable": true,
    "conditionalMediationAvailable": true,
    "privateMode": true,
    "parsedDeviceInfo": {
      "browserName": "<string>",
      "browserVersion": "<string>",
      "osName": "<string>",
      "osVersion": "<string>"
    },
    "nativeMeta": {
      "build": "<string>",
      "deviceOwnerAuth": "<string>",
      "isPlatformAuthenticatorAPISupported": true,
      "isBluetoothAvailable": true,
      "isBluetoothOn": true,
      "googlePlayServices": true,
      "deviceSecure": true
    }
  },
  "passkeyIntelFlags": {
    "forcePasskeyAppend": true,
    "askForAutoAppend": true
  }
}'

{
  "appendAllow": true,
  "attestationOptions": "{\"publicKey\":{\"challenge\":\"2m6...0w9/MgW...KE=\",\"rp\":{\"name\":\"demo\",\"id\":\"localhost\"},\"user\":{\"name\":\"example@mail.com\",\"id\":\"dXN...zk5\"},\"pubKeyCredParams\":[{\"type\":\"public-key\",\"alg\":-7},{\"type\":\"public-key\",\"alg\":-35},{\"type\":\"public-key\",\"alg\":-36},{\"type\":\"public-key\",\"alg\":-257},{\"type\":\"public-key\",\"alg\":-258},{\"type\":\"public-key\",\"alg\":-259},{\"type\":\"public-key\",\"alg\":-37},{\"type\":\"public-key\",\"alg\":-38},{\"type\":\"public-key\",\"alg\":-39},{\"type\":\"public-key\",\"alg\":-8}],\"authenticatorSelection\":{\"authenticatorAttachment\":\"platform\",\"requireResidentKey\":false,\"userVerification\":\"required\"},\"timeout\":60000,\"attestation\":\"none\"}}",
  "detectionInsights": {
    "tags": [
      {
        "category": "support",
        "name": "<string>"
      }
    ],
    "credentialIds": [
      "<string>"
    ],
    "clientEnvIds": [
      "<string>"
    ],
    "passwordManagerIds": [
      "<string>"
    ],
    "historyData": {
      "defaultCount": 123,
      "afterErrorCount": 123,
      "afterHybridCount": 123,
      "autoCount": 123,
      "defaultCooldown": true,
      "afterErrorCooldown": true,
      "afterHybridCooldown": true,
      "autoCooldown": true
    }
  },
  "decisionInsights": {
    "tag": "env-no-platform-pk-support",
    "isRestrictedBrowser": true,
    "variant": "default",
    "auto": true
  }
}

POST

passkey

append

start

Start creating a new passkey

curl --request POST \
  --url https://backendapi.corbado.io/v2/passkey/append/start \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '{
  "userID": "<string>",
  "processID": "<string>",
  "username": "<string>",
  "clientInformation": {
    "remoteAddress": "::ffff:172.18.0.1",
    "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36",
    "clientEnvHandle": "<string>",
    "javascriptFingerprint": "<string>",
    "javaScriptHighEntropy": {
      "platform": "<string>",
      "platformVersion": "<string>",
      "mobile": true
    },
    "bluetoothAvailable": true,
    "passwordManagerAvailable": true,
    "userVerifyingPlatformAuthenticatorAvailable": true,
    "conditionalMediationAvailable": true,
    "privateMode": true,
    "parsedDeviceInfo": {
      "browserName": "<string>",
      "browserVersion": "<string>",
      "osName": "<string>",
      "osVersion": "<string>"
    },
    "nativeMeta": {
      "build": "<string>",
      "deviceOwnerAuth": "<string>",
      "isPlatformAuthenticatorAPISupported": true,
      "isBluetoothAvailable": true,
      "isBluetoothOn": true,
      "googlePlayServices": true,
      "deviceSecure": true
    }
  },
  "passkeyIntelFlags": {
    "forcePasskeyAppend": true,
    "askForAutoAppend": true
  }
}'

{
  "appendAllow": true,
  "attestationOptions": "{\"publicKey\":{\"challenge\":\"2m6...0w9/MgW...KE=\",\"rp\":{\"name\":\"demo\",\"id\":\"localhost\"},\"user\":{\"name\":\"example@mail.com\",\"id\":\"dXN...zk5\"},\"pubKeyCredParams\":[{\"type\":\"public-key\",\"alg\":-7},{\"type\":\"public-key\",\"alg\":-35},{\"type\":\"public-key\",\"alg\":-36},{\"type\":\"public-key\",\"alg\":-257},{\"type\":\"public-key\",\"alg\":-258},{\"type\":\"public-key\",\"alg\":-259},{\"type\":\"public-key\",\"alg\":-37},{\"type\":\"public-key\",\"alg\":-38},{\"type\":\"public-key\",\"alg\":-39},{\"type\":\"public-key\",\"alg\":-8}],\"authenticatorSelection\":{\"authenticatorAttachment\":\"platform\",\"requireResidentKey\":false,\"userVerification\":\"required\"},\"timeout\":60000,\"attestation\":\"none\"}}",
  "detectionInsights": {
    "tags": [
      {
        "category": "support",
        "name": "<string>"
      }
    ],
    "credentialIds": [
      "<string>"
    ],
    "clientEnvIds": [
      "<string>"
    ],
    "passwordManagerIds": [
      "<string>"
    ],
    "historyData": {
      "defaultCount": 123,
      "afterErrorCount": 123,
      "afterHybridCount": 123,
      "autoCount": 123,
      "defaultCooldown": true,
      "afterErrorCooldown": true,
      "afterHybridCooldown": true,
      "autoCooldown": true
    }
  },
  "decisionInsights": {
    "tag": "env-no-platform-pk-support",
    "isRestrictedBrowser": true,
    "variant": "default",
    "auto": true
  }
}

Authorizations

Authorization

string

header

required

Basic authentication is used to authenticate requests to the Backend API. The username is the project ID and the password is the API secret.

The project ID and API secret can be found in the Developer Panel.

Body

application/json

userID

string

required

ID of the user

processID

string

required

username

string

required

clientInformation

object

required

Show child attributes

passkeyIntelFlags

object

required

Show child attributes

Response

Passkey creation process has been started.

appendAllow

boolean

required

attestationOptions

string

required

Example:

"{\"publicKey\":{\"challenge\":\"2m6...0w9/MgW...KE=\",\"rp\":{\"name\":\"demo\",\"id\":\"localhost\"},\"user\":{\"name\":\"example@mail.com\",\"id\":\"dXN...zk5\"},\"pubKeyCredParams\":[{\"type\":\"public-key\",\"alg\":-7},{\"type\":\"public-key\",\"alg\":-35},{\"type\":\"public-key\",\"alg\":-36},{\"type\":\"public-key\",\"alg\":-257},{\"type\":\"public-key\",\"alg\":-258},{\"type\":\"public-key\",\"alg\":-259},{\"type\":\"public-key\",\"alg\":-37},{\"type\":\"public-key\",\"alg\":-38},{\"type\":\"public-key\",\"alg\":-39},{\"type\":\"public-key\",\"alg\":-8}],\"authenticatorSelection\":{\"authenticatorAttachment\":\"platform\",\"requireResidentKey\":false,\"userVerification\":\"required\"},\"timeout\":60000,\"attestation\":\"none\"}}"

detectionInsights

object

required

Show child attributes

decisionInsights

object

required

Show child attributes

Revoke a session Finish creating a new passkey

API Reference

Frontend API

Backend API

Start creating a new passkey

Authorizations

Body

Response