Complete User Registration
POST /auth/registration
Completes the user registration process and creates the user's initial credentials.
The type of credentials being registered is determined by the credentialKind
field in the nested objects (firstFactorCredential
and secondFactorCredential
). Supported credential kinds are:
Fido2
: User action is signed by a user's signing device usingWebAuthn
.Key
: User action is signed by a user's, or token's, private key.
Request headers required. See Request Headers for more information.
Temporary authentication token required. See Registration Headers for more information.
Required Permissions
Since this endpoint is not authentication, the permissions apply to the application only.
Name | Conditions |
---|---|
| Always Required |
| When |
| When |
Request body
|
| first factor credential that the user is registering |
|
|
|
|
|
|
Fido2 Credential
|
| will always be |
|
| |
|
| base64url encoded id of the credential |
|
| base64url encoded client data object. The underlying object is the clientData object returned by the user's WebAuthn client |
|
| base64url encoded attestation data object. The underlying object is the attestationData object returned by the user's WebAuthn client |
Example
Key Credential
|
| will always be |
|
| |
|
| base64url encoded id of the credential |
|
| Client Data JSON object, stringified and base64url-encoded |
|
| base64url encoded Attestation Data JSON string object with the users signature and public key |
Example
Recovery Credential
|
| will always be |
|
| |
|
| base64url encoded id of the credential |
|
| Client Data JSON object, stringified and base64url-encoded |
|
| base64url encoded Attestation Data JSON string object with the user's signature and public key |
|
|
|
Example
Responses
See Common Errors for common errors.
See User Registration Errors for user registration specific errors.
Success - an object describing the user
Last updated