Initialize WebAuthn login

Initialize a login with Webauthn. Returns a JSON representation of CredentialRequestOptions for use with the Webauthn API’s navigator.credentials.get().

Omitting the optional request body or using an empty JSON object results in generation of request options for a login using a discoverable credential (i.e. they will not contain allowCredentials).

Note: The Webauthn API uses binary data represented by ArrayBuffers for certain input/output values. The Hanko API returns these values as base64url-encoded, so they must be converted to ArrayBuffers when passed to the Webauthn API. Similarly, Webauthn API output must be converted to base64url-encoded values when passed to the Hanko API (e.g. using the webauthn-json library).

POST

webauthn

initialize

curl --request POST \
  --url https://{tenant_id}.hanko.io/webauthn/login/initialize \
  --header 'Content-Type: application/json' \
  --data '{
  "user_id": "c339547d-e17d-4ba7-8a1d-b3d5a4d17c1c"
}'

{
  "publicKey": {
    "challenge": "qgOI+0KpGnl9NOqaT6dfsYvi96R87LgpErnvePeOgSU=",
    "timeout": 60000,
    "rpId": "localhost",
    "allowCredentials": [
      {
        "type": "public-key",
        "id": "Mepptysj5ZZrTlg0qiLbsZ068OtQMeGVAikVy2n1hvvG..."
      }
    ],
    "userVerification": "required"
  }
}

Deprecated. Please use the Flow API instead. What’s the Flow API?.

Body

application/json

user_id

string

The ID of the user on whose behalf WebAuthn login should be performed

Response

200

application/json

Successful initialization

Options for assertion generation with the WebAuthn API

publicKey

object

Was this page helpful?

Suggest edits Raise issue

Create/Set a password Finalize WebAuthn login

curl --request POST \
  --url https://{tenant_id}.hanko.io/webauthn/login/initialize \
  --header 'Content-Type: application/json' \
  --data '{
  "user_id": "c339547d-e17d-4ba7-8a1d-b3d5a4d17c1c"
}'

{
  "publicKey": {
    "challenge": "qgOI+0KpGnl9NOqaT6dfsYvi96R87LgpErnvePeOgSU=",
    "timeout": 60000,
    "rpId": "localhost",
    "allowCredentials": [
      {
        "type": "public-key",
        "id": "Mepptysj5ZZrTlg0qiLbsZ068OtQMeGVAikVy2n1hvvG..."
      }
    ],
    "userVerification": "required"
  }
}