WebAuthn registration ceremony endpoint

POST 
/nevisfido/fido2/attestation/result

This endpoint represents the second and final step of the FIDO2/WebAuthn registration ceremony, where the client delivers the authenticator's attestation response to the nevisFIDO server to complete the enrolment of a new credential. The attestation response includes the newly generated public key, attestation statement, and client data hash tied to the challenge from the preceding options request. nevisFIDO verifies the attestation, confirms the challenge against the active session, and stores the credential against the user's account for use in future authentication ceremonies. The session identifier returned in the response can be used to confirm the registration status in downstream flows.

Request

application/json

Body

required

response object
attestationObject string
clientDataJSON string
userAgent string
userFriendlyName string
type string
id string
clientExtensionResults object
appid boolean
appidExclude boolean
uvm array[]
empty boolean
first number[]
last number[]
Array [
type
items number
]
credProps object
rk boolean
hmacCreateSecret boolean
hmacGetSecret object
output1 byte
output2 byte

Responses

200

OK The server processed the request successfully. A ServerResponse JSON object is returned.

*/*

Schema

Schema

status string

Possible values: [ok, failed]

errorMessage string
fido2SessionId string

Example (from schema)

{
  "status": "ok",
  "errorMessage": "string",
  "fido2SessionId": "string"
}

405

Method Not Allowed The method of the received request was not POST.

406

Not Acceptable The Accept header is not properly set to application/json.

415

Unsupported Media Type The Content-Type header is not properly set to application/json;charset=UTF-8.

Loading...