Dfns API Documentation
  • 👋Welcome
  • Getting Started
    • Onboarding to Dfns
    • Dfns Environments
    • Core API Objects
    • Supported Assets
    • Postman
    • Dfns SDKs
    • Dashboard Videos
  • API Docs
    • Introduction
    • Authentication
      • Delegated Authentication
        • Delegated Registration
        • Delegated Registration Restart
        • Delegated Login
      • User Action Signing
        • Create User Action Signature Challenge
        • Create User Action Signature
      • Registration
        • Create User Registration Challenge
        • Complete User Registration
        • Complete End User Registration with Wallets
        • Resend Registration Code
        • Social Registration
      • Login
        • Create User Login Challenge
        • Complete User Login
        • Social Login
        • Logout
        • Send Login Code
      • Users
        • List Users
        • Create User
        • Get User
        • Activate User
        • Deactivate User
        • Archive User
      • Service Accounts
        • List Service Accounts
        • Create Service Account
        • Get Service Account
        • Update Service Account
        • Activate Service Account
        • Deactivate Service Account
        • Archive Service Account
      • Applications
        • List Applications
        • Create Application
        • Create Server-Signed Application
        • Get Application
        • Update Application
        • Activate Application
        • Deactivate Application
        • Archive Application
      • Personal Access Tokens
        • List Personal Access Tokens
        • Create Personal Access Token
        • Get Personal Access Token
        • Update Personal Access Token
        • Activate Personal Access Token
        • Deactivate Personal Access Token
        • Archive Personal Access Token
      • Credentials
        • Credentials Overview
        • API Reference
          • Create Credential Code
          • Create Credential Challenge
          • Create Credential Challenge With Code
          • Create Credential
          • Create Credential With Code
          • Deactivate Credential
          • Activate Credential
          • List Credentials
      • Recovery
        • Send Recovery Code Email
        • Create Recovery Challenge
        • Create Delegated Recovery Challenge
        • Recover User
    • Wallets
      • Create Wallet
      • Update Wallet
      • Delete Wallet
      • [deprecated] Delegate Wallet
      • Get Wallet by ID
      • List Wallets
      • Get Wallet Assets
      • Get Wallet NFTs
      • Get Wallet History
      • Tag Wallet
      • Untag Wallet
      • Transfer Asset
      • Get Transfer Request by ID
      • List Transfer Requests
      • Sign and Broadcast Transaction
        • Algorand
        • Aptos
        • Bitcoin / Litecoin
        • Canton
        • Cardano
        • EVM
        • Solana
        • Stellar
        • Tezos
        • TRON
        • XRP Ledger (Ripple)
      • Get Transaction Request by ID
      • List Transaction Requests
      • [deprecated] Generate Signature
      • Advanced Wallet APIs
        • Import Wallet
        • [deprecated] Export Wallet
    • Fee Sponsors
      • Create Fee Sponsor
      • Get Fee Sponsor
      • List Fee Sponsors
      • Activate Fee Sponsor
      • Deactivate Fee Sponsor
      • Delete Fee Sponsor
      • List Sponsored Fees
    • Keys
      • Create Key
      • Update Key
      • Delete Key
      • Delegate Key
      • Get Key by ID
      • List Keys
      • Generate Signature
        • Algorand
        • Aptos
        • Bitcoin / Litecoin
        • Cardano
        • Cosmos Appchain
        • EVM
        • Solana
        • Stellar
        • Substrate (Polkadot)
        • Tezos
        • TON
        • TRON
        • XRP Ledger (Ripple)
      • Get Signature Request by ID
      • List Signature Requests
      • Advanced Key APIs
        • Import Key
        • Export Key
        • Deterministic Derivation
    • Networks
      • Estimate fees
      • Read Contract
      • Validators
        • Create Validator
        • List Validators
    • Policy Engine
      • Policies Overview
      • API Reference
        • Create Policy
        • Get Policy
        • List Policies
        • Update Policy
        • Archive Policy
        • Get Approval
        • List Approvals
        • Create Approval Decision
    • Permissions
      • Permissions Overview
      • API Reference
        • Get Permission
        • List Permissions
        • Create Permission
        • Update Permission
        • Archive Permission
        • Assign Permission
        • Revoke Permission
        • List Permission Assignments
    • Webhooks
      • Create Webhook
      • Get Webhook
      • List Webhooks
      • Update Webhook
      • Delete Webhook
      • Ping Webhook
      • Get Webhook Event
      • List Webhook Events
    • Dfns Change Log
    • API Errors
  • Integrations
    • Exchanges
      • Kraken
      • Binance
      • Coinbase Prime
      • API Reference
        • Create Exchange
        • List Exchanges
        • Get Exchange
        • Delete Exchange
        • List Exchange Accounts
        • List Exchange Account Assets
        • Create Exchange Deposit
        • Create Exchange Withdrawal
    • AML / KYT
      • Chainalysis
    • Staking
      • API Reference
        • Create Stake
        • Create Stake Action
        • List Stakes
        • List Stake Actions
        • get Rewards
    • Fiat On/Off-Ramps
    • Account Abstraction on EVMs
  • Advanced Topics
    • Authentication
      • API Authentication
      • Request Headers
      • Credentials
        • Generate a Key Pair
        • User Credentials
        • Access Token Credentials
        • Storing WebAuthn Credentials in Password Managers
      • Request Signing
      • API objects
    • Delegated Signing
    • API Idempotency
    • FAQ
  • Guides
    • Passkey Settings - Migration guide
    • Keys & Multichain - Migration Guide
Powered by GitBook
On this page
  • Required Permissions
  • Request body
  • Fido2 Credential
  • Key Credential
  • Password Protected Key Credential
  • Recovery Credential
  • Wallets
  • Example
  • Responses
  1. API Docs
  2. Authentication
  3. Registration

Complete End User Registration with Wallets

Last updated 1 month ago

POST /auth/registration/enduser

Completes the end user registration process and creates the user's initial credentials along with delegated wallets for the new end user.

The type of credentials being registered is determined by the credentialKind field in the nested objects (firstFactorCredential , secondFactorCredential and RecoveryCredential). Supported credential kinds are:

  • Fido2: User action is signed by a user's signing device using WebAuthn.

  • Key: User action is signed by a user's, or token's, private key.

  • PasswordProtectedKey: User action is signed by a user's, or token's, private key. The encrypted version of the private key is stored by Dfns and returns during the signing flow for the user to decrypt it.

The number of delegated wallets created and the wallet types are determined by the wallets specifications. The end user is automatically assigned DfnsDefaultEndUserAccess managed permission that grants the end user full access to the wallets.

  • Request headers required. See for more information.

  • Temporary authentication token required. See for more information.

Required Permissions

Since this endpoint is not authenticated, the permissions apply to the application only.

Name
Conditions

Auth:Users:Create

Always Required

Auth:Types:EndUser

Always Required

Wallets:Create

Always Required

Keys:Create

Always Required

Keys:Delegate

Always Required

Request body

firstFactorCredential *

Object

first factor credential that the end user is registering

secondFactorCredential

Object

Optional second factor credential that the end user is registering

recoveryCredential

Object

Optional recovery credential that can be used to recover the end user's account

wallets

Array

delegated wallets that the end user should have

Fido2 Credential

credentialKind *

String

will always be Fido2

credentialInfo *

Object

credentialInfo.credId *

String

base64url encoded id of the credential

credentialInfo.clientData *

String

base64url encoded client data object. The underlying object is the clientData object returned by the user's WebAuthn client

credentialInfo.attestationData *

String

base64url encoded attestation data object. The underlying object is the attestationData object returned by the user's WebAuthn client

Key Credential

credentialKind *

String

will always be Key

credentialInfo *

Object

credentialInfo.credId *

String

base64url encoded id of the credential

credentialInfo.clientData *

String

credentialInfo.attestationData *

String

Password Protected Key Credential

credentialKind *

String

will always be PasswordProtectedKey

credentialInfo *

Object

credentialInfo.credId *

String

base64url encoded id of the credential

credentialInfo.clientData *

String

credentialInfo.attestationData *

String

encryptedPrivateKey

String

Encrypted private key. The user should hold the secret to decrypting this value, and that secret should never be transmitted to Dfns

Recovery Credential

credentialKind *

String

will always be RecoveryKey

credentialInfo *

Object

credentialInfo.credId *

String

base64url encoded id of the credential

credentialInfo.clientData *

String

credentialInfo.attestationData *

String

encryptedPrivateKey

String

Optional encrypted private key. The user should hold the secret to decrypting this value, and that secret should never be transmitted to Dfns

Wallets

network

String

name

Object

Optional name given to the wallet

Example

{
  "firstFactorCredential":{
    "credentialKind":"Key",
    "credentialInfo":{
      "credId":"c1QEdgnPLJargwzy3cbYKny4Q18u0hr97unXsF3DiE8",
      "clientData":"eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiTVdNME1tWTVZVFEwTURSaU56ZGhOVEZoTnpZNU9EUXdOV0k1WlRRNFkyUmhPRFppTkRrM1pUWXpPVEU1T0dZeU1EY3haakJqWXprNE1tUTVZelkxTUEiLCJvcmlnaW4iOiJodHRwczovL2FwcC5kZm5zLm5pbmphIiwiY3Jvc3NPcmlnaW4iOmZhbHNlfQ",
      "attestationData":"o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YViUSZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2NdAAAAALraVWanqkAfvZZFYZpVEg0AENGocd_aHX0iV5ELDC7NR-WlAQIDJiABIVggoA_knPCNl5eHS7pfoPRyhu3KpIBQNHEakwrMwgmIA7ciWCD86j0CwKUFTNez8ysoZFqZpl786wp-BKG2v_MaLQmo1w"
    }
  },
  "recoveryCredential":{
    "credentialKind":"RecoveryKey",
    "credentialInfo":{
      "credId":"GMkW0zlmcoMxI1OX0Z96LL_Mz7dgeu6vOH5_TOeGyNk",
      "clientData":"eyJ0eXBlIjoia2V5LmNyZWF0ZSIsImNoYWxsZW5nZSI6Ik1XTTBNbVk1WVRRME1EUmlOemRoTlRGaE56WTVPRFF3TldJNVpUUTRZMlJoT0RaaU5EazNaVFl6T1RFNU9HWXlNRGN4WmpCall6azRNbVE1WXpZMU1BIiwib3JpZ2luIjoiaHR0cHM6Ly9hcHAuZGZucy5uaW5qYSIsImNyb3NzT3JpZ2luIjpmYWxzZX0",
      "attestationData":"eyJwdWJsaWNLZXkiOiItLS0tLUJFR0lOIFBVQkxJQyBLRVktLS0tLVxuTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFOWNHMm1FNERXSGJ3d2xMUlNLQkxaOW02K1FzQ1xuZU9xV0poMXg1VnZSSFpNYVBMUWxScmhoZ2JIbTh1bmE0aDhTK0w1bzhzVjhIdnVqYmwzTXJBVGozUT09XG4tLS0tLUVORCBQVUJMSUMgS0VZLS0tLS1cbiIsInNpZ25hdHVyZSI6IjMwNDYwMjIxMDBiZjBjZGU3ZGIyODQ0ZDhmOTIyZWQyOTNmN2E4NTVjM2U1Y2YzMjUxZjFhY2Q3M2I4MjNiNWZiOTIzZDNiY2FiMDIyMTAwY2YxM2U2ZDliY2ZiMjc3M2Q5ZDkyMDU4M2YwMWE0ODAyYmI4OTg5Y2NmZjMzNjJkYzJmN2U1ZjRmMTQzZjA2ZiJ9"
    },
    "encryptedPrivateKey":"LsXVskHYqqrKKxBC9KvqStLEmxak5Y7NaboDDlRSIW7evUJpQTT1AYvx0EsFskmriaVb3AjTCGEv7gqUKokml1USL7+dVmrUVhV+cNWtS5AorvRuZr1FMGVKFkW1pKJhFNH2e2O661UhpyXsRXzcmksA7ZN/V37ZK7ITue0gs6I="
  },
  "wallets": [
    {
      "network": "Ethereum"
    }
  ]
}

Responses

Success - an object describing the end user and the delegated wallets

{
  "credential": {
    "uuid": "cr-34514-nip9c-xxxxxxxxxxxxxxxx",
    "credentialKind": "Fido2",
    "name": "Default Credential"
  },
  "user": {
    "id": "us-2ba0h-lvp2q-xxxxxxxxxxxxxxxx",
    "username": "jdoe@example.co",
    "orgId": "or-5ls29-8kduj-xxxxxxxxxxxxxxxx"
  },
  "authentication": {
    "token": "eyJ0eXAiOiJKV1QiLCJhbGciOixxxxxxxx"
  },
  "wallets": [
    {
      "id": "wa-72qpd-et2jo-xxxxxxxxxxxxxxxx",
      "network": "EthereumSepolia",
      "signingKey": {
        "id": "key-6ece3-9l565-xxxxxxxxxxxxxxxx",
        "scheme": "ECDSA",
        "curve": "secp256k1",
        "publicKey": "03e60f8b708b197c66b411e1671624ea09228f1ab560483bbe8043852217d982c1"
      },
      "address": "0xbe6ec3fd37034ff44c84cf3453a2cac538787d75",
      "dateCreated": "2024-04-18T12:27:57.947Z",
      "custodial": false,
      "status": "Active"
    }
  ]
}

JSON object, stringified and base64url-encoded

base64url encoded JSON string object with the users signature and public key

JSON object, stringified and base64url-encoded

base64url encoded JSON string object with the user's signature and public key

JSON object, stringified and base64url-encoded

base64url encoded JSON string object with the user's signature and public key

Network used for the wallet (See for possible values)

See for common errors.

See for user registration specific errors.

Request Headers
Registration Headers
Common Errors
User Registration Errors
Client Data
Attestation Data
Client Data
Attestation Data
Client Data
Attestation Data
Supported Networks