Body
application/json
WebAuthn credential assertion response from the user's authenticator device
Response
Sign in successful
Container for session information
User authentication session containing tokens and user information
Backend Services
- GET/.well-known/jwks.json
- POST/elevate/webauthn
- POST/elevate/webauthn/verify
- HEAD/healthz
- GET/healthz
- POST/link/idtoken
- GET/mfa/totp/generate
- POST/pat
- POST/signin/anonymous
- POST/signin/email-password
- POST/signin/idtoken
- POST/signin/mfa/totp
- POST/signin/otp/email
- POST/signin/otp/email/verify
- POST/signin/passwordless/email
- POST/signin/passwordless/sms
- POST/signin/passwordless/sms/otp
- POST/signin/pat
- GET/signin/provider/{provider}
- GET/signin/provider/{provider}/callback
- POST/signin/provider/{provider}/callback
- POST/signin/webauthn
- POST/signin/webauthn/verify
- POST/signout
- POST/signup/email-password
- POST/signup/webauthn
- POST/signup/webauthn/verify
- POST/token
- POST/token/verify
- GET/user
- POST/user/deanonymize
- POST/user/email/change
- POST/user/email/send-verification-email
- POST/user/mfa
- POST/user/password
- POST/user/password/reset
- POST/user/webauthn/add
- POST/user/webauthn/verify
- GET/verify
- GET/version
- GET
Client Libraries
Client Libraries (deprecated)
Verify Webauthn sign-in
Copy
Ask AI
curl --request POST \
--url https://{subdomain}.auth.{region}.nhost.run/v1/signin/webauthn/verify \
--header 'Content-Type: application/json' \
--data '{
"email": "john.smith@nhost.io",
"credential": {
"id": "<string>",
"type": "<string>",
"rawId": "aSDinaTvuI8gbWludGxpZnk=",
"clientExtensionResults": {
"appid": true,
"credProps": {
"rk": true
},
"hmacCreateSecret": true
},
"authenticatorAttachment": "<string>",
"response": {
"clientDataJSON": "<string>",
"authenticatorData": "<string>",
"signature": "<string>",
"userHandle": "<string>"
}
}
}'Copy
Ask AI
{
"session": {
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"accessTokenExpiresIn": 900,
"refreshTokenId": "2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24",
"refreshToken": "2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24",
"user": {
"avatarUrl": "https://myapp.com/avatars/user123.jpg",
"createdAt": "2023-01-15T12:34:56Z",
"defaultRole": "user",
"displayName": "John Smith",
"email": "john.smith@nhost.io",
"emailVerified": true,
"id": "2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24",
"isAnonymous": false,
"locale": "en",
"metadata": {
"firstName": "John",
"lastName": "Smith"
},
"phoneNumber": "+12025550123",
"phoneNumberVerified": false,
"roles": [
"user",
"customer"
],
"activeMfaType": "<string>"
}
}
}Authentication
verifySignInWebauthn
Complete the Webauthn sign-in process by verifying the response from the user’s device. Returns a session if validation is successful.
POST
/
signin
/
webauthn
/
verify
Verify Webauthn sign-in
Copy
Ask AI
curl --request POST \
--url https://{subdomain}.auth.{region}.nhost.run/v1/signin/webauthn/verify \
--header 'Content-Type: application/json' \
--data '{
"email": "john.smith@nhost.io",
"credential": {
"id": "<string>",
"type": "<string>",
"rawId": "aSDinaTvuI8gbWludGxpZnk=",
"clientExtensionResults": {
"appid": true,
"credProps": {
"rk": true
},
"hmacCreateSecret": true
},
"authenticatorAttachment": "<string>",
"response": {
"clientDataJSON": "<string>",
"authenticatorData": "<string>",
"signature": "<string>",
"userHandle": "<string>"
}
}
}'Copy
Ask AI
{
"session": {
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"accessTokenExpiresIn": 900,
"refreshTokenId": "2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24",
"refreshToken": "2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24",
"user": {
"avatarUrl": "https://myapp.com/avatars/user123.jpg",
"createdAt": "2023-01-15T12:34:56Z",
"defaultRole": "user",
"displayName": "John Smith",
"email": "john.smith@nhost.io",
"emailVerified": true,
"id": "2c35b6f3-c4b9-48e3-978a-d4d0f1d42e24",
"isAnonymous": false,
"locale": "en",
"metadata": {
"firstName": "John",
"lastName": "Smith"
},
"phoneNumber": "+12025550123",
"phoneNumberVerified": false,
"roles": [
"user",
"customer"
],
"activeMfaType": "<string>"
}
}
}Was this page helpful?
⌘I