API Reference
Frontend API
- Configs
- Users
- Auth
- POSTInitialize authentication process
- GETRetrieve authentication process
- POSTComplete authentication process
- POSTReset authentication process
- POSTInitialize signup
- POSTInitialize login
- POSTSkip authentication block
- POSTStart passkey append
- POSTFinish passkey append
- POSTStart passkey login
- POSTFinish passkey login
- POSTFinish passkey mediation
- POSTStart identifier verification
- POSTFinish identifier verification
- GETRetrieve identifier verification status
- POSTUpdate identifier
- POSTStart social verification
- GETSocial verification callback
- POSTFinish social verification
- POSTCreate authentication event
- POST
- CorbadoConnect
Backend API
- Users
- Challenges
- Identifiers
- PasskeyEvents
- PasskeyChallenges
- ConnectTokens
- Sessions
- Passkeys
Initialize authentication process
Copy
Ask AI
curl --request POST \
--url https://{projectId}.frontendapi.corbado.io/v2/auth/process/init \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '{
"clientInformation": {
"bluetoothAvailable": true,
"clientEnvHandle": "<string>",
"visitorId": "<string>",
"canUsePasskeys": true,
"isUserVerifyingPlatformAuthenticatorAvailable": true,
"isConditionalMediationAvailable": true,
"clientCapabilities": {
"conditionalCreate": true,
"conditionalMediation": true,
"hybridTransport": true,
"passkeyPlatformAuthenticator": true,
"userVerifyingPlatformAuthenticator": true
},
"javaScriptHighEntropy": {
"platform": "<string>",
"platformVersion": "<string>",
"mobile": true
},
"isNative": true,
"webdriver": true,
"privateMode": true,
"clientEnvHandleMeta": {
"ts": 123,
"source": "ls"
},
"nativeMeta": {
"platform": "<string>",
"platformVersion": "<string>",
"name": "<string>",
"version": "<string>",
"displayName": "<string>",
"build": "<string>",
"deviceOwnerAuth": "none",
"isBluetoothAvailable": true,
"isBluetoothOn": true,
"isGooglePlayServices": true,
"isDeviceSecure": true,
"error": "<string>"
}
},
"passkeyAppendShown": 123,
"optOutOfPasskeyAppendAfterHybrid": true,
"preferredBlock": "signup-init"
}'Copy
Ask AI
{
"newClientEnvHandle": "<string>",
"token": "<string>",
"expiresAt": 123,
"processResponse": {
"blockBody": {
"block": "signup-init",
"authType": "signup",
"data": {
"blockType": "<string>",
"challenge": "<string>",
"identifierValue": "<string>",
"identifierType": "email",
"autoSubmit": true,
"passkeyIconSet": "default",
"variant": "default"
},
"alternatives": [
{}
],
"error": {
"code": "<string>",
"message": "<string>"
},
"continueOnOtherDevice": {
"reason": "email-link-verified"
}
},
"common": {
"appName": "<string>",
"frontendApiUrl": "<string>",
"hideBadge": true,
"environment": "<string>"
},
"newProcess": {
"token": "<string>",
"expiresAt": 123
}
}
}Auth
Initialize authentication process
Initializes a new authentication process.
POST
/
v2
/
auth
/
process
/
init
Initialize authentication process
Copy
Ask AI
curl --request POST \
--url https://{projectId}.frontendapi.corbado.io/v2/auth/process/init \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '{
"clientInformation": {
"bluetoothAvailable": true,
"clientEnvHandle": "<string>",
"visitorId": "<string>",
"canUsePasskeys": true,
"isUserVerifyingPlatformAuthenticatorAvailable": true,
"isConditionalMediationAvailable": true,
"clientCapabilities": {
"conditionalCreate": true,
"conditionalMediation": true,
"hybridTransport": true,
"passkeyPlatformAuthenticator": true,
"userVerifyingPlatformAuthenticator": true
},
"javaScriptHighEntropy": {
"platform": "<string>",
"platformVersion": "<string>",
"mobile": true
},
"isNative": true,
"webdriver": true,
"privateMode": true,
"clientEnvHandleMeta": {
"ts": 123,
"source": "ls"
},
"nativeMeta": {
"platform": "<string>",
"platformVersion": "<string>",
"name": "<string>",
"version": "<string>",
"displayName": "<string>",
"build": "<string>",
"deviceOwnerAuth": "none",
"isBluetoothAvailable": true,
"isBluetoothOn": true,
"isGooglePlayServices": true,
"isDeviceSecure": true,
"error": "<string>"
}
},
"passkeyAppendShown": 123,
"optOutOfPasskeyAppendAfterHybrid": true,
"preferredBlock": "signup-init"
}'Copy
Ask AI
{
"newClientEnvHandle": "<string>",
"token": "<string>",
"expiresAt": 123,
"processResponse": {
"blockBody": {
"block": "signup-init",
"authType": "signup",
"data": {
"blockType": "<string>",
"challenge": "<string>",
"identifierValue": "<string>",
"identifierType": "email",
"autoSubmit": true,
"passkeyIconSet": "default",
"variant": "default"
},
"alternatives": [
{}
],
"error": {
"code": "<string>",
"message": "<string>"
},
"continueOnOtherDevice": {
"reason": "email-link-verified"
}
},
"common": {
"appName": "<string>",
"frontendApiUrl": "<string>",
"hideBadge": true,
"environment": "<string>"
},
"newProcess": {
"token": "<string>",
"expiresAt": 123
}
}
}Authorizations
After a user logs in successfully, a session is created and a JWT token is returned.
This token represents the user's authenticated session.
It must be included in the Authorization header as a Bearer token for all protected endpoints:
Authorization: Bearer <your-token>
The server will validate this token to authorize access.
Body
application/json
tbd.
Response
200 - application/json
tbd
tbd.
Was this page helpful?
Assistant
Responses are generated using AI and may contain mistakes.