post__mfa_passkey_complete-registration

Code Samples

# You can also use wget
curl -X POST https://backend.flashback.tech/mfa/passkey/complete-registration \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'Authorization: Bearer {access-token}' \
  -d '{
    "credential": {
      "id": "credential-id",
      "rawId": "raw-credential-id",
      "response": {
        "clientDataJSON": "client-data-json",
        "attestationObject": "attestation-object"
      },
      "type": "public-key"
    },
    "challenge": "dGVzdCBjaGFsbGVuZ2U="
  }'

POST https://backend.flashback.tech/mfa/passkey/complete-registration HTTP/1.1
Host: localhost:3000
Content-Type: application/json
Accept: application/json
Authorization: Bearer {access-token}

{
  "credential": {
    "id": "credential-id",
    "rawId": "raw-credential-id",
    "response": {
      "clientDataJSON": "client-data-json",
      "attestationObject": "attestation-object"
    },
    "type": "public-key"
  },
  "challenge": "dGVzdCBjaGFsbGVuZ2U="
}

const inputBody = '{
  "credential": {
    "id": "credential-id",
    "rawId": "raw-credential-id",
    "response": {
      "clientDataJSON": "client-data-json",
      "attestationObject": "attestation-object"
    },
    "type": "public-key"
  },
  "challenge": "dGVzdCBjaGFsbGVuZ2U="
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('https://backend.flashback.tech/mfa/passkey/complete-registration',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'application/json',
  'Accept' => 'application/json',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://backend.flashback.tech/mfa/passkey/complete-registration',
  params: {
  }, headers: headers

p JSON.parse(result)

import requests
headers = {
  'Content-Type': 'application/json',
  'Accept': 'application/json',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://backend.flashback.tech/mfa/passkey/complete-registration', headers = headers)

print(r.json())

<?php

require 'vendor/autoload.php';

$headers = array(
    'Content-Type' => 'application/json',
    'Accept' => 'application/json',
    'Authorization' => 'Bearer {access-token}',
);

$client = new \GuzzleHttp\Client();

// Define array of request body.
$request_body = array(
    'credential' => array(
        'id' => 'credential-id',
        'rawId' => 'raw-credential-id',
        'response' => array(
            'clientDataJSON' => 'client-data-json',
            'attestationObject' => 'attestation-object'
        ),
        'type' => 'public-key'
    ),
    'challenge' => 'dGVzdCBjaGFsbGVuZ2U='
);

try {
    $response = $client->request('POST','https://backend.flashback.tech/mfa/passkey/complete-registration', array(
        'headers' => $headers,
        'json' => $request_body,
       )
    );
    print_r($response->getBody()->getContents());
 }
 catch (\GuzzleHttp\Exception\BadResponseException $e) {
    // handle exception or api errors.
    print_r($e->getMessage());
 }

 // ...

URL obj = new URL("https://backend.flashback.tech/mfa/passkey/complete-registration");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("Authorization", "Bearer {access-token}");
con.setDoOutput(true);

String jsonInputString = "{\"credential\":{\"id\":\"credential-id\",\"rawId\":\"raw-credential-id\",\"response\":{\"clientDataJSON\":\"client-data-json\",\"attestationObject\":\"attestation-object\"},\"type\":\"public-key\"},\"challenge\":\"dGVzdCBjaGFsbGVuZ2U=\"}";
try(OutputStream os = con.getOutputStream()) {
    byte[] input = jsonInputString.getBytes("utf-8");
    os.write(input, 0, input.length);           
}

int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"application/json"},
        "Accept": []string{"application/json"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{`{"credential":{"id":"credential-id","rawId":"raw-credential-id","response":{"clientDataJSON":"client-data-json","attestationObject":"attestation-object"},"type":"public-key"},"challenge":"dGVzdCBjaGFsbGVuZ2U="}`})
    req, err := http.NewRequest("POST", "https://backend.flashback.tech/mfa/passkey/complete-registration", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

POST /mfa/passkey/complete-registration

Complete Passkey Registration

Complete the WebAuthn passkey registration process by validating the credential and challenge. This endpoint finalizes the passkey setup for the authenticated user.

Request Body

Name

Type

Required

Description

credential

object

true

WebAuthn credential from the client

challenge

string

true

Base64-encoded challenge used during registration

Body parameter

{
  "credential": {
    "id": "credential-id",
    "rawId": "raw-credential-id",
    "response": {
      "clientDataJSON": "client-data-json",
      "attestationObject": "attestation-object"
    },
    "type": "public-key"
  },
  "challenge": "dGVzdCBjaGFsbGVuZ2U="
}

Example responses

200 Response

{
  "success": true,
  "message": "Passkey registration completed"
}

400 Response

{
  "success": false,
  "error": "Passkey registration failed"
}

500 Response

{
  "success": false,
  "error": "Failed to complete passkey registration"
}

Responses

Status

Meaning

Description

Schema

200

Passkey registration completed successfully

Inline

400

Bad Request

Registration failed

Inline

500

Internal Server Error

Internal server error

Inline

Response Schema

Status Code 200

Name

Type

Required

Restrictions

Description

» success

boolean

false

none

Indicates if the request was successful

» message

string

false

none

Success message confirming registration

Status Code 400

Name

Type

Required

Restrictions

Description

» success

boolean

false

none

Indicates if the request was successful

» error

string

false

none

Error message describing the registration failure

Status Code 500

Name

Type

Required

Restrictions

Description

» success

boolean

false

none

Indicates if the request was successful

» error

string

false

none

Error message describing the issue

Previouspost__passkey_auth-options Nextpost__mfa_reset

Last updated 28 days ago

Was this helpful?