Skip to main content
POST
/
auth
/
passkeyRegistrationOptions
Get passkey registration options
curl --request POST \
  --url https://api.guile.app/auth/passkeyRegistrationOptions \
  --header 'Authorization: Bearer <token>'
{
  "challenge": "<string>",
  "relyingParty": {
    "id": "guile.app",
    "name": "Guile"
  },
  "publicKeyCredentialParameters": [
    {
      "type": "public-key",
      "algorithm": "ES256"
    }
  ],
  "authenticatorSelection": {
    "authenticatorAttachment": "platform",
    "residentKey": "discouraged",
    "userVerification": "required"
  },
  "timeout": 60000,
  "attestation": "none"
}

Response

Ok. The operation succeeded.

WebAuthn credential creation options for registering a passkey.

These options configure the authenticator to create a discoverable credential (resident key) that enables usernameless authentication. The server automatically generates user information based on the authenticated user.

challenge
string
required

The challenge for the credential creation ceremony. This is a base64url-encoded random value.

relyingParty
object
required

The relying party information.

publicKeyCredentialParameters
object[]
required

The list of supported public key credential parameters.

authenticatorSelection
object
required

Authenticator selection criteria. Configured to create discoverable credentials.

timeout
integer<int32>

The timeout for the credential creation ceremony in milliseconds.

Example:

60000

attestation
enum<string>

Attestation conveyance preference.

Available options:
none,
indirect,
direct,
enterprise