POST
/
v2
/
auth
/
process
/
init
Initialize authentication process
curl --request POST \
  --url https://{projectId}.frontendapi.corbado.io/v2/auth/process/init \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "clientInformation": {
    "bluetoothAvailable": true,
    "clientEnvHandle": "<string>",
    "visitorId": "<string>",
    "canUsePasskeys": true,
    "isUserVerifyingPlatformAuthenticatorAvailable": true,
    "isConditionalMediationAvailable": true,
    "clientCapabilities": {
      "conditionalCreate": true,
      "conditionalMediation": true,
      "hybridTransport": true,
      "passkeyPlatformAuthenticator": true,
      "userVerifyingPlatformAuthenticator": true
    },
    "javaScriptHighEntropy": {
      "platform": "<string>",
      "platformVersion": "<string>",
      "mobile": true
    },
    "isNative": true,
    "webdriver": true,
    "privateMode": true,
    "clientEnvHandleMeta": {
      "ts": 123,
      "source": "ls"
    },
    "nativeMeta": {
      "platform": "<string>",
      "platformVersion": "<string>",
      "name": "<string>",
      "version": "<string>",
      "displayName": "<string>",
      "build": "<string>",
      "deviceOwnerAuth": "none",
      "isBluetoothAvailable": true,
      "isBluetoothOn": true,
      "isGooglePlayServices": true,
      "isDeviceSecure": true,
      "error": "<string>"
    }
  },
  "passkeyAppendShown": 123,
  "optOutOfPasskeyAppendAfterHybrid": true,
  "preferredBlock": "signup-init"
}'
{
  "newClientEnvHandle": "<string>",
  "token": "<string>",
  "expiresAt": 123,
  "processResponse": {
    "blockBody": {
      "block": "signup-init",
      "authType": "signup",
      "data": {
        "blockType": "<string>",
        "challenge": "<string>",
        "identifierValue": "<string>",
        "identifierType": "email",
        "autoSubmit": true,
        "passkeyIconSet": "default",
        "variant": "default"
      },
      "alternatives": [
        {}
      ],
      "error": {
        "code": "<string>",
        "message": "<string>"
      },
      "continueOnOtherDevice": {
        "reason": "email-link-verified"
      }
    },
    "common": {
      "appName": "<string>",
      "frontendApiUrl": "<string>",
      "hideBadge": true,
      "environment": "<string>"
    },
    "newProcess": {
      "token": "<string>",
      "expiresAt": 123
    }
  }
}

Authorizations

Authorization
string
header
required

After a user logs in successfully, a session is created and a JWT token is returned. This token represents the user's authenticated session. It must be included in the Authorization header as a Bearer token for all protected endpoints:

Authorization: Bearer <your-token>

The server will validate this token to authorize access.

Body

application/json

tbd.

Response

200 - application/json

tbd

tbd.