Profile
Initialize or advance a profile flow.
https://{tenant_id}.hanko.io
Authorizations
Query Parameters
String of the format {action_name}@{flow_id}
. Indicates the action to perform on the flow with the
given flow_id
. Omitting the query parameter initializes a new flow.
Note for playground usage: You can derive the value for this query parameter from the action
's href
property in a flow state response, e.g. for an href
value of
/login?action=register_client_capabilities%4015655672-41ca-48cc-afb1-90be77075764
the (non-URL-encoded) value
would be register_client_capabilities@15655672-41ca-48cc-afb1-90be77075764
.
Body
Input data for the register_client_capabilities
action.
Not required on flow initialization, i.e. on requests without an action
query parameter.
Required on all other requests performing an action, i.e. on requests that use an action
query parameter. Should be the csrf_token
value from the most recent flow state response.
Response
List of actions that can be performed in the current flow state in order to advance the flow to the next state.
Depending on user details (e.g. presence or absence of credentials) or the tenant's configuration some actions may or may not be present in the response.
The name of the flow state.
preflight
Additional data that can be used by the client (e.g user
data provided in the
profile flow) or should/must be used as intermediary data in an out of band process to produce input data
for advancing the flow (e.g. the WebAuthn credential request/creation options that must be passed to the
Webauthn API to produce an assertion/attestation).
The HTTP response status code for this flow response.
200
Token to prevent Cross-Site Request Forgeries.
Was this page helpful?