FIDO2 authentication options
POST/nevisfido/fido2/assertion/options
This endpoint performs the same first step of the FIDO2/WebAuthn flow as the attestation options endpoint, but is dedicated exclusively to the authentication ceremony. It is provided to satisfy the FIDO2 server conformance test suite, which requires separate paths for registration and authentication options. The server returns a challenge and allowed credential list that the client passes to the WebAuthn browser API to invoke the user's authenticator for a sign-in operation. In typical nevisFIDO deployments the attestation options endpoint is used for both ceremonies, making this endpoint an alternative for conformance and interoperability purposes.
Request
Header Parameters
- application/json
Body
required
Authentication request example
extensions object
Possible values: [userVerificationOptional, userVerificationOptionalWithCredentialIDList, userVerificationRequired]
hmacGetSecret object
Responses
- 200
- 405
- 406
- 415
OK The server processed the request successfully. A ServerPublicKeyCredentialGetOptionsResponse JSON object is returned.
- */*
- Schema
- Example (from schema)
Schema
- ServerPublicKeyCredentialGetOptionsResponse
- Array [
- ]
extensions object
Possible values: [userVerificationOptional, userVerificationOptionalWithCredentialIDList, userVerificationRequired]
hmacGetSecret object
allowCredentials object[]
Possible values: [ok, failed]
{}
Method Not Allowed The method of the received request was not POST.
Not Acceptable The Accept header is not properly set to application/json.
Unsupported Media Type The Content-Type header is not properly set to application/json;charset=UTF-8.