Webauthn Configuration

Introduction

Concept

Webauthn is used in our 2FA mechanism.
Credentials linked to a specific device must be registered before that device can be used to log in.
These endpoints allow those credentials to be manipulated.

Webauthn Credentials

Request new Webauthn credentials creation

This initiates a Webauthn registration flow in order to attach Webauthn credentials to the identity.

Request

Cookies:
- accesstoken (opaque token) (ACR >= 1): mid claim as the identity id.
- tokentype (optional): must be bearer.

Headers:
- X-CSRF-Token: a token to prevent CSRF attacks.

Path Parameters:
- id (uuid string): the identity unique id.

Response

Code:

JSON Body:
The response is described in the Webauthn documentation.

Finish Webauthn credentials creation

This completes a Webauthn registration flow.

Request

Cookies:
- accesstoken (opaque token) (ACR >= 1): mid claim as the identity id.
- tokentype (optional): must be bearer.

Headers:
- X-CSRF-Token: a token to prevent CSRF attacks.

Path Parameters:
- id (uuid string): the identity unique id.

JSON Body:
These attributes are described in the Webauthn documentation.

Response

Code:

JSON Body:

List Webauthn Credentials

This route returns all the credentials owned by a given identity.

Request

Cookies:
- accesstoken (opaque token) (ACR >= 2): mid claim as the identity id.
- tokentype: must be bearer.

Headers:
- X-CSRF-Token: a token to prevent CSRF attacks, delivered at the end of the auth flow.

Query Parameters:
- identity_id (string) (uuid): the identity ID. Must be the same as the accesstoken identity id.

Response

Code:

JSON Body:

Delete Webauthn Credential

This route deletes a given credential.

Request

Cookies:
- accesstoken (opaque token) (ACR >= 2): mid claim as the identity id owning the credential.
- tokentype: must be bearer.

Headers:
- X-CSRF-Token: a token to prevent CSRF attacks.

Path Parameters:
- id (string) (urlsafe base64): the credential id.

Response

Code:
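
The request preconditions listed for the four routes above (ACR level of the accesstoken, mid claim matching the identity, tokentype, X-CSRF-Token) written as one server-side check. This is an added example, not the project's own code: the route labels, the Token record, treating tokentype as required wherever it is not marked optional, and storing the CSRF token alongside the resolved access token are all assumptions.

```python
import hmac
from dataclasses import dataclass

# Minimum ACR per route, taken from this page. The route labels are hypothetical.
MIN_ACR = {"create_begin": 1, "create_finish": 1, "list": 2, "delete": 2}
# Routes where this page marks the tokentype cookie as optional.
TOKENTYPE_OPTIONAL = {"create_begin", "create_finish"}


@dataclass
class Token:
    """Hypothetical record obtained by resolving the opaque accesstoken cookie."""
    mid: str   # identity id claim
    acr: int   # authentication level reached by the session
    csrf: str  # assumption: the CSRF token is stored with the access token


def authorize(route, token, cookies, headers, identity_id):
    """Return (allowed, reason).

    identity_id is the id from the path or query; for "delete" it is the
    owner of the credential, looked up by the caller from the credential id.
    """
    if token is None:
        return False, "unknown accesstoken"
    tokentype = cookies.get("tokentype")
    if tokentype is None and route not in TOKENTYPE_OPTIONAL:
        return False, "tokentype required"
    if tokentype is not None and tokentype != "bearer":
        return False, "tokentype must be bearer"
    sent = headers.get("X-CSRF-Token", "")
    # Constant-time comparison so the check does not leak the expected value.
    if not sent or not hmac.compare_digest(sent.encode(), token.csrf.encode()):
        return False, "invalid CSRF token"
    if token.acr < MIN_ACR[route]:
        return False, "ACR too low"
    if identity_id != token.mid:
        return False, "identity mismatch"
    return True, "ok"


# Constructed sample: a session at ACR 1 tries to list credentials.
SAMPLE = Token(mid="11111111-1111-4111-8111-111111111111", acr=1, csrf="constructed-csrf")
print(authorize("list", SAMPLE, {"tokentype": "bearer"},
                {"X-CSRF-Token": "constructed-csrf"}, SAMPLE.mid))
```

Running the checks in this order rejects a request on the cheapest test first and only compares identities once the token, CSRF value and ACR level are known to be acceptable.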