Skip to main content
Version: 2.4.x.x Java 8 ELS

Default HTTP API endpoints

Nevis FIDO2 exposes several HTTP API endpoints relevant for authentication clients. As Nevis is highly flexible in regard to configuration, the following information is based on defaults and recommendations.

FIDO2 endpoints

Public URLHTTP methodRecommended authorization/authentication
/fido2/attestation/optionsPOST❌ None. However, we recommend that you protect the options endpoint with SecTokens for the Registration Ceremony.
/fido2/attestation/resultPOST❌ None
/fido2/assertion/resultPOST❌ None

Status endpoint

Public URLHTTP methodRecommended authorisation/authentication
nevisfido/fido2/statusPOST❌ None

The settings in the previous table are built into nevisFIDO. We recommend setting up a matching configuration in nevisProxy, nevisAuth, and nevisLogrend.

See Use Cases and Best Practices for more information on how to configure Nevis FIDO2.