API Reference
Frontend API
Backend API
- POSTStart creating a new passkey
- POSTFinish creating a new passkey
- POSTStart login with an existing passkey
- POSTFinish login with an existing passkey
- POSTVerify signedPasskeyData from a passkey login
- POSTStart login with an existing passkey (Conditional UI)
- POSTFinish login with an existing passkey (Conditional UI)
- POST
Start login with an existing passkey
Copy
Ask AI
curl --request POST \
--url https://backendapi.corbado.io/v2/passkey/login/start \
--header 'Authorization: Basic <encoded-value>' \
--header 'Content-Type: application/json' \
--data '
{
"userID": "<string>",
"clientInformation": {
"remoteAddress": "::ffff:172.18.0.1",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36",
"userVerifyingPlatformAuthenticatorAvailable": true,
"conditionalMediationAvailable": true,
"clientCapabilities": {
"conditionalCreate": true,
"conditionalMediation": true,
"hybridTransport": true,
"passkeyPlatformAuthenticator": true,
"userVerifyingPlatformAuthenticator": true
},
"parsedDeviceInfo": {
"browserName": "<string>",
"browserVersion": "<string>",
"osName": "<string>",
"osVersion": "<string>"
},
"clientEnvHandle": "<string>",
"javascriptFingerprint": "<string>",
"javaScriptHighEntropy": {
"platform": "<string>",
"platformVersion": "<string>",
"mobile": true
},
"bluetoothAvailable": true,
"passwordManagerAvailable": true,
"privateMode": true,
"nativeMeta": {
"build": "<string>",
"deviceOwnerAuth": "<string>",
"isPlatformAuthenticatorAPISupported": true,
"isBluetoothAvailable": true,
"isBluetoothOn": true,
"googlePlayServices": true,
"deviceSecure": true,
"brand": "<string>",
"model": "<string>"
}
},
"crossDeviceAuthenticationStrategy": "standard",
"processID": "<string>"
}
'Copy
Ask AI
{
"loginAllow": true,
"assertionOptions": "<string>",
"detectionInsights": {
"tags": [
{
"category": "support",
"name": "<string>"
}
],
"credentialIds": [
"<string>"
],
"clientEnvIds": [
"<string>"
],
"passwordManagerIds": [
"<string>"
],
"historyData": {
"defaultCount": 123,
"afterErrorCount": 123,
"afterHybridCount": 123,
"autoCount": 123,
"defaultCooldown": true,
"afterErrorCooldown": true,
"afterHybridCooldown": true,
"autoCooldown": true,
"conditionalCreateCooldown": true,
"inAppCooldown": true
}
},
"decisionInsights": {
"tag": "env-no-platform-pk-support",
"isCDACandidate": true,
"experiments": [
"<string>"
],
"preferImmediatelyAvailable": true
}
}Passkeys
Start login with an existing passkey
Starts login with an existing passkey by initiating the WebAuthn ceremony. To complete the ceremony you need to call finish.
POST
/
passkey
/
login
/
start
Start login with an existing passkey
Copy
Ask AI
curl --request POST \
--url https://backendapi.corbado.io/v2/passkey/login/start \
--header 'Authorization: Basic <encoded-value>' \
--header 'Content-Type: application/json' \
--data '
{
"userID": "<string>",
"clientInformation": {
"remoteAddress": "::ffff:172.18.0.1",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36",
"userVerifyingPlatformAuthenticatorAvailable": true,
"conditionalMediationAvailable": true,
"clientCapabilities": {
"conditionalCreate": true,
"conditionalMediation": true,
"hybridTransport": true,
"passkeyPlatformAuthenticator": true,
"userVerifyingPlatformAuthenticator": true
},
"parsedDeviceInfo": {
"browserName": "<string>",
"browserVersion": "<string>",
"osName": "<string>",
"osVersion": "<string>"
},
"clientEnvHandle": "<string>",
"javascriptFingerprint": "<string>",
"javaScriptHighEntropy": {
"platform": "<string>",
"platformVersion": "<string>",
"mobile": true
},
"bluetoothAvailable": true,
"passwordManagerAvailable": true,
"privateMode": true,
"nativeMeta": {
"build": "<string>",
"deviceOwnerAuth": "<string>",
"isPlatformAuthenticatorAPISupported": true,
"isBluetoothAvailable": true,
"isBluetoothOn": true,
"googlePlayServices": true,
"deviceSecure": true,
"brand": "<string>",
"model": "<string>"
}
},
"crossDeviceAuthenticationStrategy": "standard",
"processID": "<string>"
}
'Copy
Ask AI
{
"loginAllow": true,
"assertionOptions": "<string>",
"detectionInsights": {
"tags": [
{
"category": "support",
"name": "<string>"
}
],
"credentialIds": [
"<string>"
],
"clientEnvIds": [
"<string>"
],
"passwordManagerIds": [
"<string>"
],
"historyData": {
"defaultCount": 123,
"afterErrorCount": 123,
"afterHybridCount": 123,
"autoCount": 123,
"defaultCooldown": true,
"afterErrorCooldown": true,
"afterHybridCooldown": true,
"autoCooldown": true,
"conditionalCreateCooldown": true,
"inAppCooldown": true
}
},
"decisionInsights": {
"tag": "env-no-platform-pk-support",
"isCDACandidate": true,
"experiments": [
"<string>"
],
"preferImmediatelyAvailable": true
}
}Authorizations
Basic authentication is used to authenticate requests to the Backend API. The username is the project ID and the password is the API secret.
The project ID and API secret can be found in the Developer Panel.
Body
application/json
ID of the user
Show child attributes
Show child attributes
Client's IP address
Example:
"::ffff:172.18.0.1"
Client's user agent
Example:
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
Show child attributes
Show child attributes
Client's environment handle
Client's fingerprint
Client's Bluetooth availability
Client's password manager availability
Show child attributes
Show child attributes
Available options:
standard, minimize, maximize Response
Passkey authentication process has been started.
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Available options:
env-no-platform-pk-support, env-no-pk-support, user-no-pks, user-login-blacklisted, user-security-key, user-positive-env-history, user-negative-env-history, env-blacklisted, user-platform-pk-high-confidence, user-cross-platform-pk-high-confidence, user-env-no-pks, default-deny, passkey-list-initiated-process, user-append-blacklisted, process-pk-login-sk-completed, process-pk-login-platform-completed, process-pk-login-not-offered, process-pk-login-incomplete, process-pk-login-cross-platform-completed, device-local-platform-passkey-experiment, env-broken, process-pk-login-aborted, env-password-manager-pk-experiment Was this page helpful?
⌘I