POST
/v1/auth/webauthn/update/start

Authorization

Descope Project ID:Refresh JWT
AuthorizationBearer <token>

Project ID:Refresh JWT as bearer token.

In: header

Request Body

application/json

loginId?string
origin?string
passkeyOptions?object
mfa?boolean

When mfa is true together with a valid refresh token, finishing the enrollment returns a session token whose amr merges the previously-passed auth factors with the newly-enrolled passkey, in a single ceremony. Otherwise enrollment only registers the credential.

Add a new WebAuthn device to an existing user

curl -X POST "https://api.descope.com/v1/auth/webauthn/update/start" \  -H "Content-Type: application/json" \  -d '{}'
{  "transactionId": "string",  "options": "string",  "create": true}
export interface Response {transactionId?: stringoptions?: stringcreate?: boolean}
Was this helpful?