Begin passwordless passkey authentication
POST
/v1/auth/passkey/begin
const url = 'https://example.com/v1/auth/passkey/begin';const options = { method: 'POST', headers: {'Content-Type': 'application/json'}, body: '{"email":"example","domain":"example"}'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request POST \ --url https://example.com/v1/auth/passkey/begin \ --header 'Content-Type: application/json' \ --data '{ "email": "example", "domain": "example" }'Initiates a WebAuthn assertion ceremony for passwordless passkey login. Only considers credentials of type webauthn_passkey (not webauthn_fido). Returns 404 if the user has no passkeys enrolled.
Request Body required
Section titled “Request Body required ” Media type application/json
object
email
required
string
domain
required
string
Example generated
{ "email": "example", "domain": "example"}Responses
Section titled “ Responses ”Passkey assertion options
Media type application/json
object
challenge_id
required
string format: uuid
options
required
object
Example generated
{ "challenge_id": "2489E9AD-2EE2-8E00-8EC9-32D5F69181C0", "options": {}}No passkeys enrolled
Media type application/json
object
code
required
Machine-readable error code (e.g. “not_found”, “tenant_mismatch”).
string
message
required
Human-readable description of the error.
string
details
Optional additional context about the error.
object
key
additional properties
any
notices
Policy notices from determining Cedar rules, if applicable.
Array<string>
Example generated
{ "code": "example", "message": "example", "details": {}, "notices": [ "example" ]}