/v1/auth/webauthn/registrations/begin
endpoint. You need two fields for the request: a Streambird user_id and the domain where the webauthn-json’s create call will be invoked, i.e. your login page’s domain. There’s one optional field, authenticator_type
, which can be used to require a certain type of WebAuthn device, either platform (like a fingerprint reader) or cross-platform. If you omit this field, Streambird will assume the default platform
type is acceptable.
public_key_credential_creation_options
from the response received from the /v1/auth/webauthn/registrations/begin
endpoint within the browser, and call the create method of webauthn-json. Be sure to handle any potential errors that may occur during this process, such as the absence of available WebAuthn devices for registration. Upon successful completion of the WebAuthn call, stringify the response in JSON format and prepare for another call to Streambird.
/v1/auth/webauthn/registrations/create
using Streambird. After Streambird validates the credential, it will return the webauthn_credential_id
if the registration is successful. With this registration, the user can now be authenticated using WebAuthn. To ensure the validity of the user’s registration, we recommend storing both the webauthn_credential_id
and domain, which can be checked before calling /v1/auth/webauthn/authentication/begin
for future logins.
webauthn-json
’s get method to generate a request. This request is created by sending a request to /v1/auth/webauthn/authentication/begin
and including two fields: the user_id
of the user and the domain
on which the WebAuthn call will be executed.
public_key_credential_request_options
field from the /v1/webauthn/registrations/begin
response and utilize it in the browser. Take care to handle any errors that may occur during this process. Once webauthn-json’s get method has been successfully called use the JSON object for the API call to Streambird.
public_key_credential
field to initiate authentication by sending a request to /v1/auth/webauthn/authentication/verify
through Streambird. If there are any issues with the provided credential, Streambird will respond with a 400 error. Otherwise, a 200 response indicates that the authentication was successful.