Skip to main content
POST
/
signin
/
webauthn
Sign in with Webauthn
curl --request POST \
  --url https://{subdomain}.auth.{region}.nhost.run/v1/signin/webauthn \
  --header 'Content-Type: application/json' \
  --data '
{
  "email": "[email protected]"
}
'
{
  "challenge": "aSDinaTvuI8gbWludGxpZnk=",
  "timeout": 123,
  "rpId": "<string>",
  "allowCredentials": [
    {
      "type": "public-key",
      "id": "aSDinaTvuI8gbWludGxpZnk=",
      "transports": [
        "usb"
      ]
    }
  ],
  "userVerification": "preferred",
  "hints": [
    "security-key"
  ],
  "extensions": {}
}

Body

application/json

Optional email address to help identify the user for WebAuthn authentication

email
string<email>

A valid email

Example:

"[email protected]"

Response

Challenge sent

challenge
string<byte>
required

Base64url-encoded binary data

timeout
integer

A time, in milliseconds, that the caller is willing to wait for the call to complete

rpId
string

The RP ID the credential should be scoped to

allowCredentials
object[]

A list of CredentialDescriptor objects representing public key credentials acceptable to the caller

userVerification
enum<string>
default:preferred

A requirement for user verification for the operation

Available options:
required,
preferred,
discouraged
hints
enum<string>[]

Hints to help guide the user through the experience

Hints to help guide the user through the experience

Available options:
security-key,
client-device,
hybrid
extensions
object

Additional parameters requesting additional processing by the client and authenticator