Start creating a new passkey

curl --request POST \
  --url https://backendapi.corbado.io/v2/passkey/append/start \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "userID": "<string>",
  "processID": "<string>",
  "username": "<string>",
  "clientInformation": {
    "remoteAddress": "::ffff:172.18.0.1",
    "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36",
    "userVerifyingPlatformAuthenticatorAvailable": true,
    "conditionalMediationAvailable": true,
    "clientCapabilities": {
      "conditionalCreate": true,
      "conditionalMediation": true,
      "hybridTransport": true,
      "passkeyPlatformAuthenticator": true,
      "userVerifyingPlatformAuthenticator": true
    },
    "parsedDeviceInfo": {
      "browserName": "<string>",
      "browserVersion": "<string>",
      "osName": "<string>",
      "osVersion": "<string>"
    },
    "clientEnvHandle": "<string>",
    "javascriptFingerprint": "<string>",
    "javaScriptHighEntropy": {
      "platform": "<string>",
      "platformVersion": "<string>",
      "mobile": true
    },
    "bluetoothAvailable": true,
    "passwordManagerAvailable": true,
    "privateMode": true,
    "nativeMeta": {
      "build": "<string>",
      "deviceOwnerAuth": "<string>",
      "isPlatformAuthenticatorAPISupported": true,
      "isBluetoothAvailable": true,
      "isBluetoothOn": true,
      "googlePlayServices": true,
      "deviceSecure": true,
      "brand": "<string>",
      "model": "<string>"
    }
  },
  "passkeyIntelFlags": {
    "forcePasskeyAppend": true,
    "askForAutoAppend": true,
    "askForConditionalCreate": true,
    "askForInAppAppend": "<string>"
  },
  "situation": "<string>"
}
'

{
  "appendAllow": true,
  "attestationOptions": "{\"publicKey\":{\"challenge\":\"2m6...0w9/MgW...KE=\",\"rp\":{\"name\":\"demo\",\"id\":\"localhost\"},\"user\":{\"name\":\"[email protected]\",\"id\":\"dXN...zk5\"},\"pubKeyCredParams\":[{\"type\":\"public-key\",\"alg\":-7},{\"type\":\"public-key\",\"alg\":-35},{\"type\":\"public-key\",\"alg\":-36},{\"type\":\"public-key\",\"alg\":-257},{\"type\":\"public-key\",\"alg\":-258},{\"type\":\"public-key\",\"alg\":-259},{\"type\":\"public-key\",\"alg\":-37},{\"type\":\"public-key\",\"alg\":-38},{\"type\":\"public-key\",\"alg\":-39},{\"type\":\"public-key\",\"alg\":-8}],\"authenticatorSelection\":{\"authenticatorAttachment\":\"platform\",\"requireResidentKey\":false,\"userVerification\":\"required\"},\"timeout\":60000,\"attestation\":\"none\"}}",
  "detectionInsights": {
    "tags": [
      {
        "category": "support",
        "name": "<string>"
      }
    ],
    "credentialIds": [
      "<string>"
    ],
    "clientEnvIds": [
      "<string>"
    ],
    "passwordManagerIds": [
      "<string>"
    ],
    "historyData": {
      "defaultCount": 123,
      "afterErrorCount": 123,
      "afterHybridCount": 123,
      "autoCount": 123,
      "defaultCooldown": true,
      "afterErrorCooldown": true,
      "afterHybridCooldown": true,
      "autoCooldown": true,
      "conditionalCreateCooldown": true,
      "inAppCooldown": true
    }
  },
  "decisionInsights": {
    "tag": "env-no-platform-pk-support",
    "isRestrictedBrowser": true,
    "variant": "default",
    "auto": true,
    "conditional": true,
    "customData": {}
  }
}

POST

passkey

append

start

Start creating a new passkey

curl --request POST \
  --url https://backendapi.corbado.io/v2/passkey/append/start \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "userID": "<string>",
  "processID": "<string>",
  "username": "<string>",
  "clientInformation": {
    "remoteAddress": "::ffff:172.18.0.1",
    "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36",
    "userVerifyingPlatformAuthenticatorAvailable": true,
    "conditionalMediationAvailable": true,
    "clientCapabilities": {
      "conditionalCreate": true,
      "conditionalMediation": true,
      "hybridTransport": true,
      "passkeyPlatformAuthenticator": true,
      "userVerifyingPlatformAuthenticator": true
    },
    "parsedDeviceInfo": {
      "browserName": "<string>",
      "browserVersion": "<string>",
      "osName": "<string>",
      "osVersion": "<string>"
    },
    "clientEnvHandle": "<string>",
    "javascriptFingerprint": "<string>",
    "javaScriptHighEntropy": {
      "platform": "<string>",
      "platformVersion": "<string>",
      "mobile": true
    },
    "bluetoothAvailable": true,
    "passwordManagerAvailable": true,
    "privateMode": true,
    "nativeMeta": {
      "build": "<string>",
      "deviceOwnerAuth": "<string>",
      "isPlatformAuthenticatorAPISupported": true,
      "isBluetoothAvailable": true,
      "isBluetoothOn": true,
      "googlePlayServices": true,
      "deviceSecure": true,
      "brand": "<string>",
      "model": "<string>"
    }
  },
  "passkeyIntelFlags": {
    "forcePasskeyAppend": true,
    "askForAutoAppend": true,
    "askForConditionalCreate": true,
    "askForInAppAppend": "<string>"
  },
  "situation": "<string>"
}
'

{
  "appendAllow": true,
  "attestationOptions": "{\"publicKey\":{\"challenge\":\"2m6...0w9/MgW...KE=\",\"rp\":{\"name\":\"demo\",\"id\":\"localhost\"},\"user\":{\"name\":\"[email protected]\",\"id\":\"dXN...zk5\"},\"pubKeyCredParams\":[{\"type\":\"public-key\",\"alg\":-7},{\"type\":\"public-key\",\"alg\":-35},{\"type\":\"public-key\",\"alg\":-36},{\"type\":\"public-key\",\"alg\":-257},{\"type\":\"public-key\",\"alg\":-258},{\"type\":\"public-key\",\"alg\":-259},{\"type\":\"public-key\",\"alg\":-37},{\"type\":\"public-key\",\"alg\":-38},{\"type\":\"public-key\",\"alg\":-39},{\"type\":\"public-key\",\"alg\":-8}],\"authenticatorSelection\":{\"authenticatorAttachment\":\"platform\",\"requireResidentKey\":false,\"userVerification\":\"required\"},\"timeout\":60000,\"attestation\":\"none\"}}",
  "detectionInsights": {
    "tags": [
      {
        "category": "support",
        "name": "<string>"
      }
    ],
    "credentialIds": [
      "<string>"
    ],
    "clientEnvIds": [
      "<string>"
    ],
    "passwordManagerIds": [
      "<string>"
    ],
    "historyData": {
      "defaultCount": 123,
      "afterErrorCount": 123,
      "afterHybridCount": 123,
      "autoCount": 123,
      "defaultCooldown": true,
      "afterErrorCooldown": true,
      "afterHybridCooldown": true,
      "autoCooldown": true,
      "conditionalCreateCooldown": true,
      "inAppCooldown": true
    }
  },
  "decisionInsights": {
    "tag": "env-no-platform-pk-support",
    "isRestrictedBrowser": true,
    "variant": "default",
    "auto": true,
    "conditional": true,
    "customData": {}
  }
}

Authorizations

Authorization

string

header

required

Basic authentication is used to authenticate requests to the Backend API. The username is the project ID and the password is the API secret.

The project ID and API secret can be found in the Developer Panel.

Body

application/json

userID

string

required

ID of the user

processID

string

required

username

string

required

clientInformation

object

required

Show child attributes

clientInformation.remoteAddress

string

required

Client's IP address

Example:

"::ffff:172.18.0.1"

clientInformation.userAgent

string

required

Client's user agent

Example:

"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"

clientInformation.userVerifyingPlatformAuthenticatorAvailable

boolean

required

clientInformation.conditionalMediationAvailable

boolean

required

clientInformation.clientCapabilities

object

required

Show child attributes

clientInformation.clientCapabilities.conditionalCreate

boolean

clientInformation.clientCapabilities.conditionalMediation

boolean

clientInformation.clientCapabilities.hybridTransport

boolean

clientInformation.clientCapabilities.passkeyPlatformAuthenticator

boolean

clientInformation.clientCapabilities.userVerifyingPlatformAuthenticator

boolean

clientInformation.parsedDeviceInfo

object

required

Show child attributes

clientInformation.parsedDeviceInfo.browserName

string

required

clientInformation.parsedDeviceInfo.browserVersion

string

required

clientInformation.parsedDeviceInfo.osName

string

required

clientInformation.parsedDeviceInfo.osVersion

string

required

clientInformation.clientEnvHandle

string

Client's environment handle

clientInformation.javascriptFingerprint

string

Client's fingerprint

clientInformation.javaScriptHighEntropy

object

Show child attributes

clientInformation.javaScriptHighEntropy.platform

string

required

clientInformation.javaScriptHighEntropy.platformVersion

string

required

clientInformation.javaScriptHighEntropy.mobile

boolean

required

clientInformation.bluetoothAvailable

boolean

Client's Bluetooth availability

clientInformation.passwordManagerAvailable

boolean

Client's password manager availability

clientInformation.privateMode

boolean

clientInformation.nativeMeta

object

Show child attributes

clientInformation.nativeMeta.build

string

required

clientInformation.nativeMeta.deviceOwnerAuth

string

clientInformation.nativeMeta.isPlatformAuthenticatorAPISupported

boolean

clientInformation.nativeMeta.isBluetoothAvailable

boolean

clientInformation.nativeMeta.isBluetoothOn

boolean

clientInformation.nativeMeta.googlePlayServices

boolean

clientInformation.nativeMeta.deviceSecure

boolean

clientInformation.nativeMeta.brand

string

clientInformation.nativeMeta.model

string

passkeyIntelFlags

object

required

Show child attributes

passkeyIntelFlags.forcePasskeyAppend

boolean

required

passkeyIntelFlags.askForAutoAppend

boolean

passkeyIntelFlags.askForConditionalCreate

boolean

passkeyIntelFlags.askForInAppAppend

string

situation

string

required

Response

Passkey creation process has been started.

appendAllow

boolean

required

attestationOptions

string

required

Example:

"{\"publicKey\":{\"challenge\":\"2m6...0w9/MgW...KE=\",\"rp\":{\"name\":\"demo\",\"id\":\"localhost\"},\"user\":{\"name\":\"[email protected]\",\"id\":\"dXN...zk5\"},\"pubKeyCredParams\":[{\"type\":\"public-key\",\"alg\":-7},{\"type\":\"public-key\",\"alg\":-35},{\"type\":\"public-key\",\"alg\":-36},{\"type\":\"public-key\",\"alg\":-257},{\"type\":\"public-key\",\"alg\":-258},{\"type\":\"public-key\",\"alg\":-259},{\"type\":\"public-key\",\"alg\":-37},{\"type\":\"public-key\",\"alg\":-38},{\"type\":\"public-key\",\"alg\":-39},{\"type\":\"public-key\",\"alg\":-8}],\"authenticatorSelection\":{\"authenticatorAttachment\":\"platform\",\"requireResidentKey\":false,\"userVerification\":\"required\"},\"timeout\":60000,\"attestation\":\"none\"}}"

detectionInsights

object

required

Show child attributes

detectionInsights.tags

object[]

required

Show child attributes

detectionInsights.tags.category

enum<string>

required

Available options:

support,

clientEnv,

history,

passkey

detectionInsights.tags.name

string

required

detectionInsights.credentialIds

string[]

required

detectionInsights.clientEnvIds

string[]

required

detectionInsights.passwordManagerIds

string[]

required

detectionInsights.historyData

object

required

Show child attributes

detectionInsights.historyData.defaultCount

integer

required

detectionInsights.historyData.afterErrorCount

integer

required

detectionInsights.historyData.afterHybridCount

integer

required

detectionInsights.historyData.autoCount

integer

required

detectionInsights.historyData.defaultCooldown

boolean

required

detectionInsights.historyData.afterErrorCooldown

boolean

required

detectionInsights.historyData.afterHybridCooldown

boolean

required

detectionInsights.historyData.autoCooldown

boolean

required

detectionInsights.historyData.conditionalCreateCooldown

boolean

required

detectionInsights.historyData.inAppCooldown

boolean

required

decisionInsights

object

required

Show child attributes

decisionInsights.tag

enum<string>

required

Available options:

env-no-platform-pk-support,

env-no-pk-support,

user-no-pks,

user-login-blacklisted,

user-security-key,

user-positive-env-history,

user-negative-env-history,

env-blacklisted,

user-platform-pk-high-confidence,

user-cross-platform-pk-high-confidence,

user-env-no-pks,

default-deny,

passkey-list-initiated-process,

user-append-blacklisted,

process-pk-login-sk-completed,

process-pk-login-platform-completed,

process-pk-login-not-offered,

process-pk-login-incomplete,

process-pk-login-cross-platform-completed,

device-local-platform-passkey-experiment,

env-broken,

process-pk-login-aborted,

env-password-manager-pk-experiment

decisionInsights.isRestrictedBrowser

boolean

required

decisionInsights.variant

enum<string>

required

Available options:

default,

after-error,

after-hybrid,

passkey-list,

after-no-credential

decisionInsights.auto

boolean

required

decisionInsights.conditional

boolean

required

decisionInsights.customData

object

Show child attributes

decisionInsights.customData.{key}

string

Revoke a session Finish creating a new passkey

⌘I

API Reference

Frontend API

Backend API

Start creating a new passkey

Authorizations

Body

Response