Skip to main content
POST
/
users
/
{userId}
/
authenticators
Enroll verified authenticator
curl --request POST \
  --url https://api.authsignal.com/v1/users/{userId}/authenticators \
  --header 'Authorization: Basic <encoded-value>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "verificationMethod": "SMS",
  "phoneNumber": "+123456789012"
}
'
{
  "authenticator": {
    "userAuthenticatorId": "4efd2d0d-3278-4e03-8143-d9a0850bebc0",
    "verificationMethod": "PASSKEY",
    "username": "[email protected]",
    "displayName": "Jane Smith",
    "createdAt": "2024-05-13T04:59:02.640Z",
    "lastVerifiedAt": "2024-07-13T02:43:37.640Z",
    "verifiedAt": "2024-05-13T04:59:17.640Z",
    "webauthnCredential": {
      "credentialId": "71273a99-4a7b-47d4-82ab-9ea72b8f0a72",
      "deviceId": "d5a13d2d-8c34-4c90-938b-d8c6e3a88c5d",
      "name": "iCloud Keychain",
      "aaguid": "fbfc3007-154e-4ecc-8c0b-6e020557d7bd",
      "aaguidMapping": {
        "name": "iCloud Keychain",
        "svgIconDark": "data:image/svg+xml;base64...",
        "svgIconLight": "data:image/svg+xml;base64..."
      },
      "credentialBackedUp": true,
      "credentialDeviceType": "multiDevice",
      "authenticatorAttachment": "platform"
    }
  },
  "recoveryCodes": [
    "<string>"
  ]
}

Authorizations

Authorization
string
header
required

Use your Authsignal secret key as the username and leave the password empty. The secret key can be found in the API Keys section of the Authsignal Portal settings page.

Path Parameters

userId
string
required

The ID of the user.

Body

application/json
verificationMethod
enum<string>
required

The verification method of the authenticator being enrolled.

Available options:
EMAIL_MAGIC_LINK,
EMAIL_OTP,
SMS,
AUTHENTICATOR_APP
email
string

The user's email address. Required for EMAIL_MAGIC_LINK and EMAIL_OTP.

phoneNumber
string

The user's phone number in E.164 format. Required for SMS.

otpUri
string

The formatted OTP URI. Required for AUTHENTICATOR_APP.

oobChannel
enum<string>

Deprecated - use 'verificationMethod' instead.

Available options:
EMAIL_MAGIC_LINK,
EMAIL_OTP,
SMS

Response

OK

authenticator
object
Example:
{
  "userAuthenticatorId": "4efd2d0d-3278-4e03-8143-d9a0850bebc0",
  "verificationMethod": "PASSKEY",
  "username": "[email protected]",
  "displayName": "Jane Smith",
  "createdAt": "2024-05-13T04:59:02.640Z",
  "lastVerifiedAt": "2024-07-13T02:43:37.640Z",
  "verifiedAt": "2024-05-13T04:59:17.640Z",
  "webauthnCredential": {
    "credentialId": "71273a99-4a7b-47d4-82ab-9ea72b8f0a72",
    "deviceId": "d5a13d2d-8c34-4c90-938b-d8c6e3a88c5d",
    "name": "iCloud Keychain",
    "aaguid": "fbfc3007-154e-4ecc-8c0b-6e020557d7bd",
    "aaguidMapping": {
      "name": "iCloud Keychain",
      "svgIconDark": "data:image/svg+xml;base64...",
      "svgIconLight": "data:image/svg+xml;base64..."
    },
    "credentialBackedUp": true,
    "credentialDeviceType": "multiDevice",
    "authenticatorAttachment": "platform"
  }
}
recoveryCodes
string[]