Verify Passkey Authentication

POST

verify

passkey

Verify Authentication

curl --request POST \
  --url https://api.authsignal.com/v1/client/verify/passkey \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "challengeId": "<string>",
  "authenticationCredential": {},
  "deviceId": "<string>"
}'

{
  "isVerified": true,
  "accessToken": "<string>"
}

Authorizations

Authorization

string

header

required

Use a short-lived token obtained from the Server API's Track Action endpoint. The token is valid for 10 minutes and should be passed in the Authorization header as 'Bearer {token}'.

Body

application/json

challengeId

string

required

The ID of the passkey challenge returned when generating authentication options.

authenticationCredential

object

required

The authentication credential object, based on https://w3c.github.io/webauthn/#dictdef-authenticationresponsejson.

deviceId

string

The ID of the device.

Response

isVerified

boolean

required

True if the passkey challenge was valid and the device was authenticated successfully.

accessToken

string

A token which can be used to validate the passkey challenge server-side.

Initiate ChallengeInitiate a challenge for an action. Call this before Generate Authentication Options to customize the action code for passkey sign-in.

⌘I

Verify Authentication

curl --request POST \
  --url https://api.authsignal.com/v1/client/verify/passkey \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "challengeId": "<string>",
  "authenticationCredential": {},
  "deviceId": "<string>"
}'

{
  "isVerified": true,
  "accessToken": "<string>"
}

API reference

Server API

Client API

Management API

Call Connect API

Terminal API

Verify Passkey Authentication

Authorizations

Body

Response