Skip to main content
POST
/
auth
/
passkeys
Register a passkey
curl --request POST \
  --url https://api.guile.app/auth/passkeys \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "iPhone 15 Pro",
  "credential": "<string>"
}
'
{
  "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "name": "iPhone 15 Pro",
  "credentialId": "<string>",
  "createdAt": "2023-11-07T05:31:56Z",
  "updatedAt": "2023-11-07T05:31:56Z",
  "lastUsedAt": "2023-11-07T05:31:56Z"
}

Body

application/json

The properties required for registering a new passkey.

This includes the WebAuthn credential creation response from the authenticator.

ā€‹
name
string
required

A user-friendly name for the passkey to help identify the device or authenticator.

Maximum string length: 100
Example:

"iPhone 15 Pro"

ā€‹
credential
string
required

The WebAuthn credential creation response from the authenticator. This is a JSON-serialized PublicKeyCredential object.

Response

Created.

The JSON representation of a registered passkey.

Passkeys use WebAuthn for secure, passwordless authentication.

ā€‹
id
string<uuid>
required

The unique identifier for this passkey.

ā€‹
name
string
required

A user-friendly name for the passkey to help identify the device or authenticator.

Maximum string length: 100
Example:

"iPhone 15 Pro"

ā€‹
credentialId
string
required

The credential ID from the WebAuthn authenticator. This is a base64url-encoded string.

ā€‹
createdAt
string<date-time>
required

The date-time when this resource was created, in RFC 3339 date-time YYYY-MM-DDThh:mm:ss.sssZ format, UTC. This is derived and immutable.

ā€‹
updatedAt
string<date-time>
required

The date-time when this resource was updated, in RFC 3339 date-time YYYY-MM-DDThh:mm:ss.sssZ format, UTC. This is derived and immutable.

ā€‹
lastUsedAt
string<date-time>

The date-time when this passkey was last used for authentication, in RFC 3339 date-time format, UTC.