Login

POST /auth/login/init

First call to make in order for the user to authenticate himself using

Headers

Name

Value

Content-Type

application/json

platform

android|ios|web

x-join-api-key

api_token

Body (Json)

Name

Type

Description

email

string

email of the user

Response

{
  "serverPublicKeyCredentialsGetOptions": {
    "timeout": number,
    "userVerification": string,
    "rpId": string,
    "challenge": string,
    "allowCredentials": [
      // list of WebAuthn credentials that the user can use to sign the login challenge
      {
        "type": "public-key",
        "id": string
      }
    ]
  },
  "challengeIdentifier": string
}

POST /auth/login

Finish login workflow

Authorization header is the challengeIdentifier from the /login/init network call

Headers

Name

Value

Content-Type

application/json

x-join-key

api_token

Body (Json)

Use the passkey authenticator depending on the operating system - Mobile: Use passkey library - Web: Web authenticator library

The JSON below is generated by the authenticator library and must be passed in body to complete login

{
  "clientExtensionResults": {
    "largeBlob": {}
  },
  "id": string,
  "rawId": string,
  "response": {
    "authenticatorData": string,
    "clientDataJSON": string,
    "signature": string,
    "userHandle": string"
  },
  "type": string
}

Response

{
  "token": string
}

PreviousRegister NextPortfolio Indexor

Last updated 1 year ago