Skip to main content
POST
/
v2
/
connect
/
login
/
init
Initialize connect login
curl --request POST \
  --url https://{projectId}.frontendapi.corbado.io/v2/connect/login/init \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "clientInformation": {
    "bluetoothAvailable": true,
    "clientEnvHandle": "<string>",
    "visitorId": "<string>",
    "canUsePasskeys": true,
    "isUserVerifyingPlatformAuthenticatorAvailable": true,
    "isConditionalMediationAvailable": true,
    "clientCapabilities": {
      "conditionalCreate": true,
      "conditionalMediation": true,
      "conditionalGet": true,
      "hybridTransport": true,
      "passkeyPlatformAuthenticator": true,
      "userVerifyingPlatformAuthenticator": true,
      "relatedOrigins": true,
      "signalAllAcceptedCredentials": true,
      "signalCurrentUserDetails": true,
      "signalUnknownCredential": true
    },
    "isNative": true,
    "webdriver": true,
    "privateMode": true
  },
  "flags": {},
  "invitationToken": "<string>"
}
'
{
  "token": "<string>",
  "expiresAt": 123,
  "frontendApiUrl": "<string>",
  "loginAllowed": true,
  "flags": {},
  "newClientEnvHandle": "<string>",
  "newClientState": "<string>",
  "conditionalUIChallenge": "<string>"
}

Documentation Index

Fetch the complete documentation index at: https://docs.corbado.com/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

After a user logs in successfully, a session is created and a JWT token is returned. This token represents the user's authenticated session. It must be included in the Authorization header as a Bearer token for all protected endpoints:

Authorization: Bearer <your-token>

The server will validate this token to authorize access.

Body

application/json
clientInformation
object
required
flags
object
required
invitationToken
string

Response

200 - application/json

Contains information about if and how a passkey login can be started.

token
string
required
expiresAt
integer<int64>
required
frontendApiUrl
string
required
loginAllowed
boolean
required
flags
object
required
newClientEnvHandle
string
newClientState
string
conditionalUIChallenge
string