Skip to main content
POST
/
user-authenticators
/
passkey
/
registration-options
Generate Registration Options
curl --request POST \
  --url https://api.authsignal.com/v1/client/user-authenticators/passkey/registration-options \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "username": "<string>",
  "displayName": "<string>",
  "securePaymentConfirmation": true,
  "instrumentDisplayName": "<string>"
}
'
{
  "challengeId": "<string>",
  "options": {}
}

Authorizations

Authorization
string
header
required

Use a short-lived token obtained from the Server API's Track Action endpoint. The token is valid for 10 minutes and should be passed in the Authorization header as 'Bearer {token}'.

Body

application/json
username
string

The username which uniquely identifies the user, e.g. email address. Will be inferred from an existing user identifier if not passed.

displayName
string

An additional identifier which will be displayed to the user to help them recognize the passkey.

securePaymentConfirmation
boolean

Register a Secure Payment Confirmation (SPC) credential for use in 3-D Secure payments. When true, Authsignal forces a platform authenticator with required user verification and the WebAuthn payment extension, and marks the stored credential payment-capable.

instrumentDisplayName
string

An optional payment instrument label (e.g. "Visa ••1234") persisted against an SPC credential and shown in future payment dialogs. Only applies when securePaymentConfirmation is true.

Response

OK

challengeId
string
required

The ID of the passkey challenge. Should be passed back to the complete the registration.

options
object
required

The options for public key credential creation, based on https://w3c.github.io/webauthn/#dictdef-publickeycredentialcreationoptionsjson.