Create a FIDO UAF credential

POST /nevisidm/api/core/v1/:clientExtId/users/:userExtId/fido-authenticators

Since: 2.71.0

Required permission(s): AccessControl.CredentialCreate,AccessControl.CredentialChangeState,AccessControl.CredentialView

Creates a new FIDO UAF credential for the specified user. The aaid and the keyId must be unique. The fields aaid, keyId, authenticatorVersion, publicKey, publicKeyAlgorithm and appId are mandatory.

Request

Path Parameters

clientExtId stringrequired

External ID of the client.

Example: client-123

userExtId stringrequired

External ID of the user.

Example: user-123

application/json

Body

required

aaid stringrequired

Possible values: non-empty

The authenticator attestation identifier.

keyId stringrequired

Possible values: non-empty

The key identifier of the authenticator registered key.

authenticatorVersion int32required

The version of the authenticator, as $major.$minor.

publicKey stringrequired

Possible values: non-empty

The user authentication public key generated by the FIDO Authenticator during registration.

publicKeyAlgorithm stringrequired

Possible values: non-empty

The public key algorithm used for the public key in the authenticator record.

appId stringrequired

Possible values: non-empty

The OS-specific ID of the application that uses the FIDO credential.

extId string

The external ID of the credential. If omitted, one will be generated automatically.

deviceId string

The device identifier obtained from a push service.

stateName string

Possible values: [active, disabled]

The state of the credential.

dispatchTargetExtId string

Unique 1:N association between the dispatch target and the UAF credential.

attestationType string

Possible values: [fullBasic, fullBasicPermissive, failedFullBasicPermissive, surrogateBasic, ecdaa]

The attestation type used during registration.

validity object

Describes the validity period of the credential.

from string

Start date of the entity's validity in ISO format.

to string

End date of the entity's validity in ISO format.

policyExtId string

The external ID of the used policy.

dispatchTarget object

The dispatch target to which the credential is associated.

extId string

The external ID of the dispatch target. If not provided, one will be generated. Must be unique within the client.

type string

Possible values: [fido-uaf]

Default value: fido-uaf

The type of the dispatch target.

deviceId stringrequired

Possible values: non-empty

The identifier of the device associated with this dispatch target.

target stringrequired

Possible values: non-empty

The target identifier of the authentication channel.

dispatcher string

The name of the dispatcher responsible for routing messages to this target.

userAgent string

User-Agent string of the FIDO UAF device.

encryptionKey string

Encryption key used for encrypting the channel data.

signingKey stringrequired

Possible values: non-empty

The signing key used for signing dispatch channel information.

appId stringrequired

Possible values: non-empty

The application ID where the device is registered.

name stringrequired

Possible values: non-empty

Human-readable name of the device.

state string

Possible values: [active, disabled]

Default value: active

The initial state of the dispatch target.

identification stringrequired

Possible values: non-empty

Business identification of the dispatch target.

appAttestation object

Optional App Attestation to associate with the dispatch target upon creation.

name string

User friendly name of the iOS App Attestation.

counter int32

Number of times the attestation was used to successfully validate an assertion.

receipt stringrequired

Possible values: non-empty

Receipt of the iOS App Attestation.

publicKey stringrequired

Possible values: non-empty

Public key of the iOS App Attestation.

deviceId stringrequired

Possible values: non-empty

Device ID associated with the iOS App Attestation.

environment string

The environment where this credential can be used.

Responses

FIDO UAF credential created successfully

application/json

Schema
Example (from schema)

Schema

created string

Creation date of the entity.

lastModified string

Date when the entity was last modified.

version int32

Version used for optimistic locking.

extId string

The external ID of the credential.

userExtId string

The external ID of the user to whom the credential belongs.

policyExtId string

The external ID of the used policy.

stateName string

Possible values: [initial, active, tmp-locked, fail-locked, reset-code, admin-changed, disabled, archived]

The state of the credential. Available values: initial, active, tmp-locked, fail-locked, reset-code, admin-changed, disabled, archived.

stateChangeReason string

Reason for the last state change of the password.

stateChangeDetail string

Reason detail for the last state change of the password.

lastSuccessfulLoginDate string

Timestamp of last successful login.

successfulLoginCount int32

Counts successful logins with this credential since last initialization or reset.

lastFailedLoginDate string

Date of last non-technical login failure, for example, wrong password.

failedLoginCount int32

Counts non-technical login failures since the last successful login, initialization or reset.

modificationComment string

Textual comment regarding the last modification.

type string

Possible values: [Password, Certificate, SecurID User Mapping, Ticket Authorization, Safeword User Mapping, OTP Card, Temporary Strong Password, Generic Credential, Kerberos, mTan, Vasco, PUK, URL Ticket, DevicePassword, MobileSignature, SAML Federation, Security Questions, Context Password, OATH, FIDO UAF Authenticator, Recovery Code, FIDO2 Authenticator]

Type of credential.

validity object

Describes the validity period of the password.

from string

Start date of the entity's validity in ISO format.

to string

End date of the entity's validity in ISO format.

aaid string

The authenticator attestation identifier.

keyId string

The key identifier of the authenticator registered key.

signCounter int32

Indicates how many times this authenticator has performed signatures in the past.

authenticatorVersion int32

The version of the authenticator, as $major.$minor.

appId string

The OS-specific ID of the application that uses the FIDO credential.

deviceId string

The device identifier obtained from a push service.

publicKey string

The user authentication public key generated by the FIDO Authenticator during registration.

publicKeyAlgorithm string

The public key algorithm used for the public key in the authenticator record.

dispatchTargetExtId string

Unique 1:N association between the dispatch target and the UAF credential.

dispatchTarget object

The dispatch target to which the credential is associated.

created string

Creation date of the entity.

lastModified string

Date when the entity was last modified.

version int32

Version used for optimistic locking.

extId string

The unique external ID of the dispatch target within the client. If not provided, one will be generated. It has to be unique on client

type string

Possible values: [fido-uaf]

Default value: fido-uaf

The type of the dispatch target.

deviceId string

The identifier of the device associated with this dispatch target.

target string

The target identifier of the authentication channel.

dispatcher string

The name of the dispatcher responsible for routing messages to this target.

userAgent string

User-Agent string of the FIDO UAF device.

encryptionKey string

Encryption key used for encrypting the channel data.

signingKey string

The signing key used for signing dispatch channel information.

appId string

The application ID where the device is registered.

name string

Human-readable name of the device.

state string

Possible values: [active, disabled]

Default value: active

The current state of the dispatch target.

identification string

Business identification of the dispatch target.

appAttestation object

The iOS App Attestation associated with this dispatch target, if any.

created string

Creation date of the entity.

lastModified string

Date when the entity was last modified.

version int32

Version used for optimistic locking.

name string

User friendly name of the iOS App Attestation.

counter int32

Number of times the attestation was used to successfully validate an assertion.

receipt string

Receipt data of the iOS App Attestation.

publicKey string

Public key of the iOS App Attestation.

deviceId string

Device ID associated with the iOS App Attestation.

environment string

The environment where this credential can be used.

attestationType string

Possible values: [fullBasic, fullBasicPermissive, failedFullBasicPermissive, surrogateBasic, ecdaa]

The attestation type used during registration.

{
  "created": "2023-08-18T12:34:56Z",
  "lastModified": "2023-08-18T12:34:56Z",
  "version": 1,
  "extId": "cred-123",
  "userExtId": "user-123",
  "policyExtId": "policy-123",
  "stateName": "active",
  "stateChangeReason": "Reset by admin",
  "stateChangeDetail": "Reset due to security policy",
  "lastSuccessfulLoginDate": "2023-08-18T12:34:56Z",
  "successfulLoginCount": 15,
  "lastFailedLoginDate": "2023-08-17T09:12:34Z",
  "failedLoginCount": 3,
  "modificationComment": "Updated by admin.",
  "type": "FIDO UAF Authenticator",
  "validity": {
    "from": "2023-01-01T00:00:00Z",
    "to": "2033-12-31T23:59:59Z"
  },
  "aaid": "ABCD#0001",
  "keyId": "a2V5SWRFeGFtcGxl",
  "signCounter": 42,
  "authenticatorVersion": 1,
  "appId": "appid-123",
  "deviceId": "device-123",
  "publicKey": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE...",
  "publicKeyAlgorithm": "SHA256",
  "dispatchTargetExtId": "dt-123",
  "dispatchTarget": {
    "created": "2023-08-18T12:34:56Z",
    "lastModified": "2023-08-18T12:34:56Z",
    "version": 1,
    "extId": "fido-uaf-target-1",
    "type": "fido-uaf",
    "deviceId": "device-12345",
    "target": "https://fidoexample.com/authenticate",
    "dispatcher": "DefaultDispatcher",
    "userAgent": "Mozilla/5.0",
    "encryptionKey": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQ...",
    "signingKey": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQ...",
    "appId": "https://example.com",
    "name": "FIDO UAF Target",
    "state": "active",
    "identification": "string",
    "appAttestation": {
      "created": "2023-08-18T12:34:56Z",
      "lastModified": "2023-08-18T12:34:56Z",
      "version": 1,
      "name": "FIDO UAF Target App Attestation",
      "counter": 1,
      "receipt": "SampleReceiptData",
      "publicKey": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQ...",
      "deviceId": "device-12345",
      "environment": "production"
    }
  },
  "attestationType": "fullBasic"
}

Insufficient permissions

application/json

Schema
Example (from schema)
Permission denied
Dataroom permission denied

Schema

errors ErrorMessageDTO[]

Possible values: [errors.fatalError, errors.unknownReason, errors.inconsistentData, errors.duplicateName, errors.invalidData, errors.duplicateValue, errors.duplicateEmail, errors.duplicateMobile, errors.undeletedDependencies, errors.noRecord, errors.invalidConfig, errors.missingReferenceData, errors.recordDeleted, errors.modifyReadonlyData, errors.tooManySearchResults, errors.pessimisticLockingFailure, errors.policyViolation, errors.deleteDefaultEntityFailure, errors.emailChannel, errors.noSmtpConnection, errors.SmtpNotConfigured, errors.propertyUniquenessViolated, errors.property.stringmaxlen, errors.property.stringregex, errors.property.regexinv, errors.pwdPolicyViolated, errors.certificatePolicyViolated, errors.identifierPolicyViolated, errors.passwordExists, errors.mtanFormatViolated, errors.mtanFormatE164Violated, errors.tempStrongPasswordExists, errors.safewordExists, errors.securidExists, errors.ticketExists, errors.kerberosExists, errors.tooManyOTPCards, errors.urlTicketMissingURLPrefix, errors.certificateExists, errors.vascoExists, errors.PUKExists, errors.URLTicketExists, errors.mobileSignatureExists, errors.securityQuestionsExists, errors.recoveryCodeExists, errors.securityQuestionsMaxReached, errors.qrCodeGenerationFailed, errors.oathSecretIsShared, errors.nocertcred, errors.CredTypeUnitPolicyViolated, errors.CredTypeClientPolicyViolated, errors.credentialNotActive, errors.dimensionNotMatch, errors.noTemplate, errors.pdfPrintingFailure, errors.missingMandatoryPlaceholder, errors.defaultCollectionDelete, errors.tableTypeMismatch, errors.nullRequestBody, errors.deserialization, errors.nullParameter, errors.invalidParameter, errors.invalidDate, errors.invalidDateOrDateTime, errors.invalidDateInterval, errors.invalidMobile, errors.mobileCannotBeDeleted, errors.mobileMissing, errors.userLoginIdNull, errors.userLoginFailed, errors.userLoginFailed, errors.userLoginFailed, errors.userLoginFailed, errors.userLoginFailed, errors.userLoginFailed, errors.userLoginFailed, errors.userNameNull, errors.userFirstNameNull, errors.userSexNull, errors.userCountryNull, errors.userEmailNull, errors.userMobileNull, errors.userPhoneFormat, errors.userEmailFormat, errors.msisdnFormat, errors.applicationNameNull, errors.credentialFidoUaf.invalidAuthVersionFormat, errors.credentialFidoUaf.invalidPublicKeyAlgorithm, errors.credentialFidoUaf.invalidKeyIdFormat, errors.credentialFidoUaf.invalidAaidFormat, errors.credentialFidoUaf.emptyAppId, errors.credentialFidoUaf.notUnique, errors.msspIdentifierMissing, errors.invalidTimeInterval, errors.unitInvalidValidityPeriodParent, errors.unitInvalidValidFromParameterParent, errors.unitInvalidValidUntilParameterParent, errors.unitInvalidValidityPeriodChild, errors.unitInvalidValidFromParameterChild, errors.unitInvalidValidUntilParameterChild, errors.noClientFound, errors.inconsistentClientAssignment, errors.noDefaultUnitInClient, errors.samlAttributeFormat, errors.insufficientRightsFunction, errors.maxResetCount, errors.insufficientFineGrainedRights, errors.potentialPrivilegeEscalation, errors.applDataroomDenied, errors.unitDataroomDenied, errors.eRoleDataroomDenied, errors.combinedDataroomDenied, errors.clientDataroomDenied, errors.referenceDataChangeDenied, errors.attrAccessForbidden, errors.filesystemIO, errors.reporting.tooManyRequests, errors.modifyArchivedUser, errors.modifyArchivedCredential, errors.archiveCredentialDenied, errors.modifyArchivedProfile, errors.assignDisabledUnit, errors.assignProfilelessUnit, errors.profilelessFlagCannotBeSet, errors.modifyExtId, errors.docTypeNotModifiable, errors.addIdmToApplDataroom, errors.applicationLimitsDataroomUnitsMaxExceeded, errors.assignSubunitAsParent, errors.history.norecord, errors.loginIdGeneratorFailed, errors.fileupload.vasco, errors.techUser.oneProfile, errors.urlTicket.invalidFormat, errors.passwordChangeDeadlineExceeded, errors.pcyconf.invalidParamValue, errors.pcyconf.missingParam, errors.pcyconf.missingProfilePolicy, errors.pcyconf.multipleClientPolicy, errors.pcyconf.invalidParamName, errors.userImport.fileupload.invalidTemplate, errors.enterpriseRolesDisabled, errors.queryServiceDisabled, errors.serviceDisabled, errors.invalidUri, errors.unsupportedMediaType, errors.jsonProcessingError, errors.unsupportedOperation, errors.unsupportedCredentialTypeToCreate, errors.unsupportedCredentialTypeToDelete, errors.credentialTypeWithoutProperties, errors.invalidAssignIdmroleToErole, errors.invalidJWTToken, errors.modifyProtectedFieldInvalidJWTToken, errors.optimisticLockingFailure, errors.deleteDefaultUnitCredPolicyFailure, errors.otherGenderPolicyDisabled, error.login.userState, error.job.execution.failure, errors.invalidSyntax, errors.mandatoryParameterMissing, errors.fieldIsNotIndexed, errors.fieldIsNotDirectlyIndexed, errors.entityManagerNotOpen, errors.unsuccessfulQuery, errors.queryHasTimedOut, errors.emailPolicyViolated, errors.policyInconsistency]

A list of error messages describing the error(s) that occurred.

Array [

identifier object

The identifier of the entity related to the error, only used in certain error cases for BULK actions.

oneOf

CredentialExtIdIdentifierDTO
FidoUafIdentifier

clientExtId string

The external identifier of the client.

userExtId string

The external identifier of the user.

credentialExtId string

The external identifier of the credential.

code string

The error code identifying the type of error.

message string

A human-readable message providing more details about the error.

]

policyViolations PolicyViolationDTO[]

A list of policy violations that caused the error.

Array [

displayName string

The display name of the policy element that was violated.

configString string

The configuration string of the policy element that was violated.

suppliedValue string

The value that was supplied and caused the policy violation.

limitValue int32

The limit value defined in the policy element that was violated.

actualValue string

The actual value that caused the policy violation.

]

policyViolation PolicyElementViolation

cause object

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

message string

localizedMessage string

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

element PolicyElement

displayName string

messageTag string

infoTag string

limitValue int32

configString string

suppliedValue string

actualvalue string

description string

message string

suppressed object[]

Array [

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

message string

localizedMessage string

]

localizedMessage string

{
  "errors": [
    {
      "code": "errors.fatalError",
      "message": "The user with the given external ID was not found."
    }
  ],
  "policyViolations": [
    {
      "displayName": "string",
      "configString": "string",
      "suppliedValue": "4",
      "limitValue": 3,
      "actualValue": "5"
    }
  ],
  "policyViolation": {
    "cause": {
      "stackTrace": [
        {
          "classLoaderName": "string",
          "moduleName": "string",
          "moduleVersion": "string",
          "methodName": "string",
          "fileName": "string",
          "lineNumber": 0,
          "className": "string",
          "nativeMethod": true
        }
      ],
      "message": "string",
      "localizedMessage": "string"
    },
    "stackTrace": [
      {
        "classLoaderName": "string",
        "moduleName": "string",
        "moduleVersion": "string",
        "methodName": "string",
        "fileName": "string",
        "lineNumber": 0,
        "className": "string",
        "nativeMethod": true
      }
    ],
    "element": {
      "displayName": "string",
      "messageTag": "string",
      "infoTag": "string",
      "limitValue": 0,
      "configString": "string"
    },
    "suppliedValue": "string",
    "actualvalue": "string",
    "description": "string",
    "message": "string",
    "suppressed": [
      {
        "stackTrace": [
          {
            "classLoaderName": "string",
            "moduleName": "string",
            "moduleVersion": "string",
            "methodName": "string",
            "fileName": "string",
            "lineNumber": 0,
            "className": "string",
            "nativeMethod": true
          }
        ],
        "message": "string",
        "localizedMessage": "string"
      }
    ],
    "localizedMessage": "string"
  }
}

{
  "errors": [
    {
      "code": "errors.insufficientRightsFunction",
      "message": "Permission denied: Caller does not have the required right 'AccessControl.CredentialCreate' to perform this action"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.combinedDataroomDenied",
      "message": "Permission denied: AccessControl.CredentialCreate"
    }
  ]
}

Referenced resource not found

application/json

Schema
Example (from schema)
Client not found
User not found

Schema

errors ErrorMessageDTO[]

A list of error messages describing the error(s) that occurred.

Array [

identifier object

The identifier of the entity related to the error, only used in certain error cases for BULK actions.

oneOf

CredentialExtIdIdentifierDTO
FidoUafIdentifier

clientExtId string

The external identifier of the client.

userExtId string

The external identifier of the user.

credentialExtId string

The external identifier of the credential.

code string

The error code identifying the type of error.

message string

A human-readable message providing more details about the error.

]

policyViolations PolicyViolationDTO[]

A list of policy violations that caused the error.

Array [

displayName string

The display name of the policy element that was violated.

configString string

The configuration string of the policy element that was violated.

suppliedValue string

The value that was supplied and caused the policy violation.

limitValue int32

The limit value defined in the policy element that was violated.

actualValue string

The actual value that caused the policy violation.

]

policyViolation PolicyElementViolation

cause object

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

message string

localizedMessage string

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

element PolicyElement

displayName string

messageTag string

infoTag string

limitValue int32

configString string

suppliedValue string

actualvalue string

description string

message string

suppressed object[]

Array [

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

message string

localizedMessage string

]

localizedMessage string

{
  "errors": [
    {
      "code": "errors.fatalError",
      "message": "The user with the given external ID was not found."
    }
  ],
  "policyViolations": [
    {
      "displayName": "string",
      "configString": "string",
      "suppliedValue": "4",
      "limitValue": 3,
      "actualValue": "5"
    }
  ],
  "policyViolation": {
    "cause": {
      "stackTrace": [
        {
          "classLoaderName": "string",
          "moduleName": "string",
          "moduleVersion": "string",
          "methodName": "string",
          "fileName": "string",
          "lineNumber": 0,
          "className": "string",
          "nativeMethod": true
        }
      ],
      "message": "string",
      "localizedMessage": "string"
    },
    "stackTrace": [
      {
        "classLoaderName": "string",
        "moduleName": "string",
        "moduleVersion": "string",
        "methodName": "string",
        "fileName": "string",
        "lineNumber": 0,
        "className": "string",
        "nativeMethod": true
      }
    ],
    "element": {
      "displayName": "string",
      "messageTag": "string",
      "infoTag": "string",
      "limitValue": 0,
      "configString": "string"
    },
    "suppliedValue": "string",
    "actualvalue": "string",
    "description": "string",
    "message": "string",
    "suppressed": [
      {
        "stackTrace": [
          {
            "classLoaderName": "string",
            "moduleName": "string",
            "moduleVersion": "string",
            "methodName": "string",
            "fileName": "string",
            "lineNumber": 0,
            "className": "string",
            "nativeMethod": true
          }
        ],
        "message": "string",
        "localizedMessage": "string"
      }
    ],
    "localizedMessage": "string"
  }
}

{
  "errors": [
    {
      "code": "errors.noRecord",
      "message": "Client doesn't exist with extId 'client-123'"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.noRecord",
      "message": "A user with extId 'user-123' doesn't exist on client with name Default"
    }
  ]
}

Invalid request parameters

application/json

Schema
Example (from schema)
Missing required field
Policy configuration not found
Policy configuration type mismatch
Default policy configuration does not exist
Duplicate credential external ID
Invalid credential state
Duplicate dispatch target external ID
DispatchTarget name must be unique per user
DispatchTarget identification must be unique
App Attestation name must be unique per user
AAID and KeyID combination not unique
Invalid attestation type

Schema

errors ErrorMessageDTO[]

A list of error messages describing the error(s) that occurred.

Array [

identifier object

The identifier of the entity related to the error, only used in certain error cases for BULK actions.

oneOf

CredentialExtIdIdentifierDTO
FidoUafIdentifier

clientExtId string

The external identifier of the client.

userExtId string

The external identifier of the user.

credentialExtId string

The external identifier of the credential.

code string

The error code identifying the type of error.

message string

A human-readable message providing more details about the error.

]

policyViolations PolicyViolationDTO[]

A list of policy violations that caused the error.

Array [

displayName string

The display name of the policy element that was violated.

configString string

The configuration string of the policy element that was violated.

suppliedValue string

The value that was supplied and caused the policy violation.

limitValue int32

The limit value defined in the policy element that was violated.

actualValue string

The actual value that caused the policy violation.

]

policyViolation PolicyElementViolation

cause object

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

message string

localizedMessage string

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

element PolicyElement

displayName string

messageTag string

infoTag string

limitValue int32

configString string

suppliedValue string

actualvalue string

description string

message string

suppressed object[]

Array [

stackTrace object[]

Array [

classLoaderName string

moduleName string

moduleVersion string

methodName string

fileName string

lineNumber int32

className string

nativeMethod boolean

]

message string

localizedMessage string

]

localizedMessage string

{
  "errors": [
    {
      "code": "errors.fatalError",
      "message": "The user with the given external ID was not found."
    }
  ],
  "policyViolations": [
    {
      "displayName": "string",
      "configString": "string",
      "suppliedValue": "4",
      "limitValue": 3,
      "actualValue": "5"
    }
  ],
  "policyViolation": {
    "cause": {
      "stackTrace": [
        {
          "classLoaderName": "string",
          "moduleName": "string",
          "moduleVersion": "string",
          "methodName": "string",
          "fileName": "string",
          "lineNumber": 0,
          "className": "string",
          "nativeMethod": true
        }
      ],
      "message": "string",
      "localizedMessage": "string"
    },
    "stackTrace": [
      {
        "classLoaderName": "string",
        "moduleName": "string",
        "moduleVersion": "string",
        "methodName": "string",
        "fileName": "string",
        "lineNumber": 0,
        "className": "string",
        "nativeMethod": true
      }
    ],
    "element": {
      "displayName": "string",
      "messageTag": "string",
      "infoTag": "string",
      "limitValue": 0,
      "configString": "string"
    },
    "suppliedValue": "string",
    "actualvalue": "string",
    "description": "string",
    "message": "string",
    "suppressed": [
      {
        "stackTrace": [
          {
            "classLoaderName": "string",
            "moduleName": "string",
            "moduleVersion": "string",
            "methodName": "string",
            "fileName": "string",
            "lineNumber": 0,
            "className": "string",
            "nativeMethod": true
          }
        ],
        "message": "string",
        "localizedMessage": "string"
      }
    ],
    "localizedMessage": "string"
  }
}

{
  "errors": [
    {
      "code": "errors.invalidParameter",
      "message": "The following fields are not valid: name"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.invalidParameter",
      "message": "PolicyConfiguration doesn't exist with extId 'policy-123'"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.invalidParameter",
      "message": "Policy Configuration policy-123 is not of type GenericCredentialPolicy"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.invalidParameter",
      "message": "Default Policy Configuration does not exist for type GenericCredentialPolicy!"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.duplicateName",
      "message": "A credential with this extId 'cred-123' already exists"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.invalidParameter",
      "message": "Invalid CredentialState name 'invalid_state'"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.duplicateValue",
      "message": "A DispatchTarget with extId 'dt-123' already exists on client with name 'Default'"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.duplicateName",
      "message": "A DispatchTarget with the same name already exists for the user"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.duplicateValue",
      "message": "A DispatchTarget with identification 'identification' already exists for user with extId 'user-123' on client with name 'Default'"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.duplicateName",
      "message": "An App Attestation with the same name already exists for the user"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.credentialFidoUaf.notUnique",
      "message": "The aaid 'ABCD#0001' and the keyId 'a2V5SWRFeGFtcGxl' of the FIDO UAF credential must be unique"
    }
  ]
}

{
  "errors": [
    {
      "code": "errors.invalidData",
      "message": "Invalid AttestationType name='invalidType'"
    }
  ]
}

Create a FIDO UAF credential

/nevisidm/api/core/v1/:clientExtId/users/:userExtId/fido-authenticators

Request​

Path Parameters

Body

Responses​

Request

Responses