FIDO2 registration options (also handles authentication)
POST /nevisfido/fido2/attestation/options
This endpoint implements the first step of the FIDO2/WebAuthn ceremony flow as defined by the W3C WebAuthn specification, where the server generates a cryptographic challenge and configuration options for the client before the authenticator is invoked. The client passes the returned options to the WebAuthn browser API, which prompts the user's platform or roaming authenticator to create or retrieve a credential. Once the authenticator has responded, the client submits its output to the corresponding result endpoint to complete the ceremony. This endpoint handles both registration and authentication in a single path — the ceremony type is determined automatically from the content of the request.
Request
Header Parameters
- application/json
Body
required
Registration request example
extensions object
Possible values: [userVerificationOptional, userVerificationOptionalWithCredentialIDList, userVerificationRequired]
hmacGetSecret object
authenticatorSelection object
Responses
- 200
- 405
- 406
- 415
OK: The server processed the request successfully. A ServerPublicKeyCredentialCreationOptionsResponse JSON object is returned.
- */*
- Schema
- Example (from schema)
Schema
- ServerPublicKeyCredentialCreationOptionsResponse
rp object
user object
extensions object
Possible values: [userVerificationOptional, userVerificationOptionalWithCredentialIDList, userVerificationRequired]
hmacGetSecret object
authenticatorSelection object
pubKeyCredParams object[]
excludeCredentials object[]
Possible values: [ok, failed]
{}
Method Not Allowed: The method of the received request was not POST.
Not Acceptable: The Accept header is not properly set to application/json.
Unsupported Media Type: The Content-Type header is not properly set to application/json;charset=UTF-8.
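The client-side step described at the top of this page, as an added example that is not part of the original documentation: it converts the JSON returned by this endpoint into the options object for `navigator.credentials.create()`, checking the status and the challenge before the authenticator is invoked. Assumed, not shown on this page: the field names `status` and `challenge`, and that the challenge, user ID and credential IDs arrive as base64url strings.

```javascript
// Added example. Base64url encoding of challenge and IDs is an assumption.
const MIN_CHALLENGE_BYTES = 16; // minimum length the WebAuthn spec recommends

// Strict base64url decoder: rejects anything outside the URL-safe alphabet.
function b64urlToBytes(value, field) {
  if (typeof value !== "string" || !/^[A-Za-z0-9_-]+$/.test(value)) {
    throw new Error(`${field} is not a base64url string`);
  }
  const b64 = value.replace(/-/g, "+").replace(/_/g, "/");
  const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
  return Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
}

// Build the publicKey options for navigator.credentials.create() from the
// server's JSON, refusing to invoke the authenticator on a bad response.
function toCreationOptions(resp) {
  if (!resp || resp.status !== "ok") {
    throw new Error(`server returned status ${resp && resp.status}`);
  }
  const challenge = b64urlToBytes(resp.challenge, "challenge");
  if (challenge.length < MIN_CHALLENGE_BYTES) {
    throw new Error("challenge is shorter than 16 bytes");
  }
  if (!Array.isArray(resp.pubKeyCredParams) || resp.pubKeyCredParams.length === 0) {
    throw new Error("pubKeyCredParams is missing or empty");
  }
  const toId = (c) => ({ ...c, id: b64urlToBytes(c.id, "excludeCredentials.id") });
  return { // only WebAuthn fields are copied; status is dropped
    rp: resp.rp,
    user: { ...resp.user, id: b64urlToBytes(resp.user.id, "user.id") },
    challenge,
    pubKeyCredParams: resp.pubKeyCredParams,
    excludeCredentials: (resp.excludeCredentials || []).map(toId),
    authenticatorSelection: resp.authenticatorSelection,
    extensions: resp.extensions,
  };
}

// Constructed sample response (not captured from a real server).
const sampleResponse = {
  status: "ok",
  rp: { name: "Example RP", id: "example.test" },
  user: { id: "dXNlci0wMDE", name: "alice", displayName: "Alice" },
  challenge: "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8",
  pubKeyCredParams: [{ type: "public-key", alg: -7 }],
  excludeCredentials: [{ type: "public-key", id: "Y3JlZC1B" }],
  authenticatorSelection: { userVerification: "required" },
  extensions: {},
};
```

In a browser the result is passed as `navigator.credentials.create({ publicKey: toCreationOptions(json) })`, and the authenticator's output then goes to the corresponding result endpoint.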