Verify WebAuthn Authentication (beta)

POST /v1/auth/webauthn/verify

Verify and complete a WebAuthn credential authentication request. This endpoint requires that a user already exists and the BeginWebAuthnAuthentication has been called. Pass in the response from navigator.credentials.get(options) into public_key_credential as a JSON object. If you are using the webauthn-json library, pass in the response from let response = await get(options).

HTTP Request

POST /v1/auth/webauthn/verify

Returns

A successful response returns a webauthn_credential_id property and user_id property.

application/json

Body

  • public_key_credential object Required
    Hide public_key_credential attributes Show public_key_credential attributes object
    • type string Required

      Minimum length is 1.

    • id string Required

      Minimum length is 1.

    • rawId string Required

      Minimum length is 1.

    • response object Required
      Hide response attributes Show response attributes object
      • clientDataJSON string Required

        Minimum length is 1.

      • authenticatorData string Required

        Minimum length is 1.

      • signature string Required

        Minimum length is 1.

      • userHandle string Required

        Minimum length is 1.

    • clientExtensionResults object Required
  • session_expires_in number

    Optional Extend the session expiration time to N minutes from now, must be between 5 to 525600 minutes (365 days). This parameter will create a new session if there is no existing session along with a session_token and session_jwt. However, if a valid session_token or session_jwt is sent in, it will extend that session by the minutes specified. If not sent in, no session will be created by default.

  • session_token string

    Optional Unique session token to verify.

  • session_jwt string

    Optional Unique Session JWT to verify.

Responses

  • 200 application/json

    OK

    Hide response attributes Show response attributes object
    • user_id string Required

      Minimum length is 1.

    • webauthn_credential_id string Required

      Minimum length is 1.

    • session_token string
    • session_jwt string
    • session object
      Hide session attributes Show session attributes object
      • id string Required

        Minimum length is 1.

      • user_id string Required

        Minimum length is 1.

      • session_token string Required

        Minimum length is 1.

      • started_at number Required
      • expires_at number Required
      • last_active_at number Required
      • factors array[object] Required

        At least 1 element.

        Hide factors attributes Show factors attributes object
        • delivery_channel string Required

          Delivery channel for this factor. Possible values: sms, email, totp_authenticator, totp_recovery_code, google_oauth, apple_oauth, microsoft_oauth, discord_oauth, okta_oauth, github_oauth, slack_oauth, facebook_oauth, webauthn_credential, eth_wallet, sol_wallet.

          Minimum length is 1.

        • type string Required

          Authentication type of factor. Possible values: otp, oauth, wallet, totp, webauthn.

          Minimum length is 1.

        • method object Required
          Hide method attributes Show method attributes object
          • id string
          • method_id string Required

            Minimum length is 1.

          • method_type string Required

            Identifier method type. Possible values: email, wallet, phone_number, webauthn.

            Minimum length is 1.

          • last_verified_at number Required
          • phone_number_id string

            Minimum length is 1.

          • phone_number string

            Minimum length is 1.

          • email_id string
          • email string
          • wallet_type string
          • wallet_id string
          • wallet_public_address string
          • totp_id string
          • webauthn_credential_id string
          • provider_subject string
      • device_fingerprint object Required
        Hide device_fingerprint attributes Show device_fingerprint attributes object
        • user_agent string Required
        • ip string Required

          Minimum length is 1.

      • updated_at number Required
      • created_at number Required
POST /v1/auth/webauthn/verify
curl \
 --request POST 'https://api.streambird.io/v1/auth/webauthn/verify' \
 --header "Authorization: Bearer $ACCESS_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{"public_key_credential":{"id":"AfrWIdqBscVPZiKM2SufpRbnJoFKi-YO_PXT4AGROgkuLuxeMI_JtqGmjZNbjAr4poY2hrVNtIHpKEg0_n4wonWzqxUL1gXS5KF9BgSbOLYFbz5n07W2","type":"public-key","rawId":"AfrWIdqBscVPZiKM2SufpRbnJoFKi-YO_PXT4AGROgkuLuxeMI_JtqGmjZNbjAr4poY2hrVNtIHpKEg0_n4wonWzqxUL1gXS5KF9BgSbOLYFbz5n07W2","response":{"signature":"MEUCIHK7P7LOo8O-F9hyyNAziMJAB7mXrWanv1hjWb9LS5MfAiEApfIwc7uFVGW7dIvxJe1_YwR0_F6a_6GsxT7mCY9e2iU","userHandle":"dXNlcl8yNmw3ZGJmQVk1OWZ0ZWptbTZtM09UZjRvejE","clientDataJSON":"eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiMG50bXhaWUEzOEJfMlJMUjdNTXlpeDk4RmVhd3BfVmRocUs0MVVHNFFpQSIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6MTIzNCIsImNyb3NzT3JpZ2luIjpmYWxzZX0","authenticatorData":"SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFYmcd8w"},"clientExtensionResults":{}}}'
Request example
{
  "public_key_credential": {
    "id": "AfrWIdqBscVPZiKM2SufpRbnJoFKi-YO_PXT4AGROgkuLuxeMI_JtqGmjZNbjAr4poY2hrVNtIHpKEg0_n4wonWzqxUL1gXS5KF9BgSbOLYFbz5n07W2",
    "type": "public-key",
    "rawId": "AfrWIdqBscVPZiKM2SufpRbnJoFKi-YO_PXT4AGROgkuLuxeMI_JtqGmjZNbjAr4poY2hrVNtIHpKEg0_n4wonWzqxUL1gXS5KF9BgSbOLYFbz5n07W2",
    "response": {
      "signature": "MEUCIHK7P7LOo8O-F9hyyNAziMJAB7mXrWanv1hjWb9LS5MfAiEApfIwc7uFVGW7dIvxJe1_YwR0_F6a_6GsxT7mCY9e2iU",
      "userHandle": "dXNlcl8yNmw3ZGJmQVk1OWZ0ZWptbTZtM09UZjRvejE",
      "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiMG50bXhaWUEzOEJfMlJMUjdNTXlpeDk4RmVhd3BfVmRocUs0MVVHNFFpQSIsIm9yaWdpbiI6Imh0dHA6Ly9sb2NhbGhvc3Q6MTIzNCIsImNyb3NzT3JpZ2luIjpmYWxzZX0",
      "authenticatorData": "SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFYmcd8w"
    },
    "clientExtensionResults": {}
  }
}
Response examples (200)
{
  "session": null,
  "user_id": "user_26l7dbfAY59ftejmm6m3OTf4oz1",
  "session_jwt": "",
  "session_token": "",
  "webauthn_credential_id": "webauthn_28AdsbHW3wTDHNpywVZnhxxogKQ"
}