Create User Action Challenge

curl --request POST \
  --url https://api.dfns.io/auth/action/init \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "userActionServerKind": "Api",
  "userActionHttpMethod": "<string>",
  "userActionHttpPath": "<string>",
  "userActionPayload": "<string>"
}'

{
  "challenge": "<string>",
  "challengeIdentifier": "<string>",
  "rp": {
    "id": "<string>",
    "name": "<string>"
  },
  "supportedCredentialKinds": [
    {
      "kind": "Fido2",
      "factor": "first",
      "requiresSecondFactor": true
    }
  ],
  "userVerification": "required",
  "attestation": "none",
  "allowCredentials": {
    "key": [
      {
        "type": "public-key",
        "id": "<string>"
      }
    ],
    "passwordProtectedKey": [
      {
        "type": "public-key",
        "id": "<string>",
        "encryptedPrivateKey": "<string>"
      }
    ],
    "webauthn": [
      {
        "type": "public-key",
        "id": "<string>"
      }
    ]
  },
  "externalAuthenticationUrl": "<string>"
}

POST

auth

action

init

Create User Action Challenge

curl --request POST \
  --url https://api.dfns.io/auth/action/init \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "userActionServerKind": "Api",
  "userActionHttpMethod": "<string>",
  "userActionHttpPath": "<string>",
  "userActionPayload": "<string>"
}'

{
  "challenge": "<string>",
  "challengeIdentifier": "<string>",
  "rp": {
    "id": "<string>",
    "name": "<string>"
  },
  "supportedCredentialKinds": [
    {
      "kind": "Fido2",
      "factor": "first",
      "requiresSecondFactor": true
    }
  ],
  "userVerification": "required",
  "attestation": "none",
  "allowCredentials": {
    "key": [
      {
        "type": "public-key",
        "id": "<string>"
      }
    ],
    "passwordProtectedKey": [
      {
        "type": "public-key",
        "id": "<string>",
        "encryptedPrivateKey": "<string>"
      }
    ],
    "webauthn": [
      {
        "type": "public-key",
        "id": "<string>"
      }
    ]
  },
  "externalAuthenticationUrl": "<string>"
}

Authentication

✅ Organization User (CustomerEmployee)
✅ Delegated User (EndUser)
✅ Service Account

Required Permissions

No permission required.

Authorizations

Authorization

string

header

required

Bearer Token: Used to authenticate API requests. More details how to generate the token: Authentication flows

Body

application/json

userActionHttpMethod

string

required

Minimum length: 1

userActionHttpPath

string

required

Minimum length: 1

userActionPayload

string

required

userActionServerKind

enum<string>

Available options:

Api,

Staff

Response

200 - application/json

Success

challenge

string

required

challengeIdentifier

string

required

supportedCredentialKinds

object[]

required

Show child attributes

userVerification

enum<string>

required

Available options:

required,

preferred,

discouraged

attestation

enum<string>

required

Available options:

none,

indirect,

direct,

enterprise

allowCredentials

object

required

Show child attributes

externalAuthenticationUrl

string

required

object

Show child attributes

User Action Signing flows

Create User Action Signature

⌘I

API Authorization

Identity & Access Management

Wallets & Transactions

Management

Webhooks

Create User Action Challenge

Authentication

Required Permissions

Authorizations

Body

Response

API Authorization

Identity & Access Management

Wallets & Transactions

Management

Webhooks

​Authentication

​Required Permissions

Authorizations

Body

Response

Authentication

Required Permissions