AuthMS API Reference

POST /mfa/webauthn/credentials/register

Generates WebAuthn credential creation options (challenge, rp, user, pubKeyCredParams)

MFA `bearerAuth` application/json

Request Body

Schema: dto.BeginWebAuthnRegistrationRequest

| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| display_name | string | No | | | |

Responses

| Status | Description | Schema |
|---|---|---|
| 200 | credentialCreationOptions | dto.DataResponse-protocol_CredentialCreation |
| 400 | Invalid parameters | gitee_com_linmes_authms_base_dto.SimpleResponse |
| 401 | Unauthenticated | gitee_com_linmes_authms_base_dto.SimpleResponse |
| 500 | Internal server error | gitee_com_linmes_authms_base_dto.SimpleResponse |
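
A client-side sketch of consuming the 200 response before calling `navigator.credentials.create()` (an added example, not AuthMS code). It assumes binary members (`challenge`, `user.id`, `excludeCredentials[].id`) arrive either as base64url strings or as byte arrays; `toBytes`, `toCreationOptions`, `expectedRpId` and the sample values are hypothetical.

```javascript
// Added example. Assumption: binary members arrive as base64url strings
// or as arrays of byte values (the schema lists them as "array of integer").
function toBytes(value, field) {
  if (Array.isArray(value) && value.every((b) => Number.isInteger(b) && b >= 0 && b <= 255)) {
    return Uint8Array.from(value);
  }
  if (typeof value === "string" && /^[A-Za-z0-9_-]+$/.test(value)) {
    const b64 = value.replace(/-/g, "+").replace(/_/g, "/");
    const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
    return Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
  }
  throw new TypeError(`${field}: expected base64url string or byte array`);
}

// Turn the `data` member of the 200 response into the argument for
// navigator.credentials.create(), refusing options the client should not use.
function toCreationOptions(data, expectedRpId) {
  const pk = data && data.publicKey;
  if (!pk || !pk.rp || !pk.user) throw new Error("publicKey, rp or user missing");
  if (pk.rp.id !== expectedRpId) throw new Error(`unexpected rp.id: ${pk.rp.id}`);
  const challenge = toBytes(pk.challenge, "challenge");
  if (challenge.length < 16) throw new Error("challenge shorter than 16 bytes");
  return {
    mediation: data.mediation,
    publicKey: {
      ...pk,
      challenge,
      user: { ...pk.user, id: toBytes(pk.user.id, "user.id") },
      excludeCredentials: (pk.excludeCredentials || []).map((c, i) => ({
        ...c,
        id: toBytes(c.id, `excludeCredentials[${i}].id`),
      })),
    },
  };
}

// Constructed sample of the response's `data` member (illustrative values).
const sampleData = {
  publicKey: {
    rp: { id: "example.com", name: "Example" },
    user: { id: "dXNlci0wMDE", name: "alexm", displayName: "Alex P. Müller" },
    challenge: "AAECAwQFBgcICQoLDA0ODw",
    pubKeyCredParams: [{ type: "public-key", alg: -7 }],
    excludeCredentials: [{ type: "public-key", id: [1, 2, 3, 4] }],
  },
};
const options = toCreationOptions(sampleData, "example.com");
console.log(options.publicKey.challenge.length, options.publicKey.user.id.length);
// In a browser: await navigator.credentials.create(options);
```

The 16-byte floor follows the WebAuthn recommendation for challenge length; the `rp.id` comparison is an early client-side check in addition to the browser's own RP ID validation.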

Referenced Schemas

dto.DataResponse-protocol_CredentialCreation

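| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| code | integer | No | | | |
| data | protocol.CredentialCreation | No | | | |
| message | string | No | | | |
| timestamp | string | No | | | |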

gitee_com_linmes_authms_base_dto.SimpleResponse

| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| code | integer | No | | | |
| message | string | No | | | |
| timestamp | string | No | | | |

protocol.AttestationFormat

string

protocol.AuthenticationExtensions

Type: object

protocol.AuthenticatorAttachment

string

protocol.AuthenticatorSelection

| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| authenticatorAttachment | object | No | | | AuthenticatorAttachment If this member is present, eligible authenticators are filtered to only authenticators attached with the specified AuthenticatorAttachment enum. |
| requireResidentKey | boolean | No | | | RequireResidentKey this member describes the Relying Party's requirements regarding resident credentials. If the parameter is set to true, the authenticator MUST create a client-side-resident public key credential source when creating a public key credential. |
| residentKey | object | No | | | ResidentKey this member describes the Relying Party's requirements regarding resident credentials per WebAuthn Level 2. |
| userVerification | object | No | | | UserVerification This member describes the Relying Party's requirements regarding user verification for the create() operation. Eligible authenticators are filtered to only those capable of satisfying this requirement. |

protocol.AuthenticatorTransport

string

protocol.ConveyancePreference

string

protocol.CredentialCreation

| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| mediation | protocol.CredentialMediationRequirement | No | | | |
| publicKey | protocol.PublicKeyCredentialCreationOptions | No | | | |

protocol.CredentialDescriptor

| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| id | array of integer | No | | | CredentialID The ID of a credential to allow/disallow. |
| transports | array of protocol.AuthenticatorTransport | No | | | The authenticator transports that can be used. |
| type | object | No | | | The valid credential types. |

protocol.CredentialMediationRequirement

string

protocol.CredentialParameter

| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| alg | webauthncose.COSEAlgorithmIdentifier | No | | | |
| type | protocol.CredentialType | No | | | |

protocol.CredentialType

string

protocol.PublicKeyCredentialCreationOptions

| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| attestation | protocol.ConveyancePreference | No | | | |
| attestationFormats | array of protocol.AttestationFormat | No | | | |
| authenticatorSelection | protocol.AuthenticatorSelection | No | | | |
| challenge | array of integer | No | | | |
| excludeCredentials | array of protocol.CredentialDescriptor | No | | | |
| extensions | protocol.AuthenticationExtensions | No | | | |
| hints | array of protocol.PublicKeyCredentialHints | No | | | |
| pubKeyCredParams | array of protocol.CredentialParameter | No | | | |
| rp | protocol.RelyingPartyEntity | No | | | |
| timeout | integer | No | | | |
| user | protocol.UserEntity | No | | | |

protocol.PublicKeyCredentialHints

string

protocol.RelyingPartyEntity

| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| id | string | No | | | A unique identifier for the Relying Party entity, which sets the RP ID. |
| name | string | No | | | A human-palatable name for the entity. Its function depends on what the PublicKeyCredentialEntity represents: When inherited by PublicKeyCredentialRpEntity it is a human-palatable identifier for the Relying Party, intended only for display. For example, "ACME Corporation", "Wonderful Widgets, Inc." or "ОАО Примертех". When inherited by PublicKeyCredentialUserEntity, it is a human-palatable identifier for a user account. It is intended only for display, i.e., aiding the user in determining the difference between user accounts with similar displayNames. For example, "alexm", "alex.p.mueller@example.com" or "+14255551234". |

protocol.ResidentKeyRequirement

string

protocol.UserEntity

| Field | Type | Required | Example | Constraints | Description |
|---|---|---|---|---|---|
| displayName | string | No | | | A human-palatable name for the user account, intended only for display. For example, "Alex P. Müller" or "田中 倫". The Relying Party SHOULD let the user choose this, and SHOULD NOT restrict the choice more than necessary. |
| id | object | No | | | ID is the user handle of the user account entity. To ensure secure operation, authentication and authorization decisions MUST be made on the basis of this id member, not the displayName nor name members. See Section 6.1 of [RFC8266](https://www.w3.org/TR/webauthn/#biblio-rfc8266). |
| name | string | No | | | A human-palatable name for the entity. Its function depends on what the PublicKeyCredentialEntity represents: When inherited by PublicKeyCredentialRpEntity it is a human-palatable identifier for the Relying Party, intended only for display. For example, "ACME Corporation", "Wonderful Widgets, Inc." or "ОАО Примертех". When inherited by PublicKeyCredentialUserEntity, it is a human-palatable identifier for a user account. It is intended only for display, i.e., aiding the user in determining the difference between user accounts with similar displayNames. For example, "alexm", "alex.p.mueller@example.com" or "+14255551234". |

protocol.UserVerificationRequirement

string

webauthncose.COSEAlgorithmIdentifier

integer