When new users are created within your organization, they will receive a registration email containing a registration code. These endpoints allow this user to complete the registration process.

This registration process includes registering the user's authentication method. Either:

• WebAuthn (Passwordless MFA)

• a custom Key (public key of a public/private keypair) if this user will only interact programatically.

The registration flow is as following:

1. Create a user registration challenge (POST /auth/registration/init).

Dfns will verify the registration code sent by the user, and generate a challenge to be signed and passed to the second endpoint. A temporary authentication token is also sent back, to be passed in the Authorization: Bearer [temporary token] header of the next registration endpoint.

2. Complete the user registration (POST /auth/registration)

Here you will register an authentication method, and send the previous challenge with a signature.