Create credential
Adds a new credential to the user's account. This endpoint finalizes the standard Create Credential flow by submitting the signed challenge generated inCreate credential challenge.
- HTTP request
- POST /auth/credentials
- Authorization requirements
-
Header Type Required Description Authorizationstring Yes Bearer token used to authenticate the request. See Authentication flows for instructions on generating this token. X-DFNS-USERACTIONstring Yes User action signature used to authorize change-inducing requests. See User Action Signing flows for instructions on generating this signature. - Request body
- The structure of the request depends on the credential type. The following describes the FIDO2 request.
FIDO2 and Passkeys: Registers a FIDO2 credential, also known as a Passkey or WebAuthN credential.
Field Type Required Description credentialKindenum (string) Yes The credential kind. Valid value: Fido2.credentialInfoobject Yes credentialNamestring Yes Minimum length: 1. challengeIdentifierstring Yes Minimum length: 1. curl --request POST \ --url https://api.digitalassets.ibm.com/auth/credentials \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --header 'X-DFNS-USERACTION: <api-key>' \ --data ' { "credentialKind": "Fido2", "credentialInfo": { "credId": "<string>", "clientData": "<string>", "attestationData": "<string>" }, "credentialName": "<string>", "challengeIdentifier": "<string>" } ' - Response
- 200: Success
Returns details about the newly created credential.
Example response:
{ "kind": "Fido2", "credentialId": "<string>", "credentialUuid": "<string>", "dateCreated": "<string>", "isActive": true, "name": "<string>", "publicKey": "<string>", "relyingPartyId": "<string>", "origin": "<string>" }