Skip to main content
POST
/
user-authenticators
/
passkey
/
authentication-options
Generate Authentication Options
curl --request POST \
  --url https://api.authsignal.com/v1/client/user-authenticators/passkey/authentication-options \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "challengeId": "<string>",
  "username": "<string>"
}
'
{
  "challengeId": "<string>",
  "options": {}
}

Documentation Index

Fetch the complete documentation index at: https://docs.authsignal.com/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

Use a short-lived token obtained from the Server API's Track Action endpoint. The token is valid for 10 minutes and should be passed in the Authorization header as 'Bearer {token}'.

Body

application/json
challengeId
string

The ID of the challenge returned by Initiate Challenge. Only required if you want to customize the action code associated with the passkey sign-in.

username
string

If passed, will restrict the allowed credentials for the passkey sign-in to those associated with the given username. Recommended for when using passkeys for MFA or step-up authentication.

Response

OK

challengeId
string
required

The ID of the passkey challenge. Should be passed back to the complete the challenge.

options
object
required

The options for public key credential authentication, including rpId and challenge.