Add Passkey #

addpasskey

How to add a passkey to an account #

This function starts the process of adding a passkey to an existing account. You may have already registered a passkey on one device (e.g., an iPhone running iOS) but now want to set one up on another device (e.g., an Android phone or an iOS device linked to a different Apple ID). The Add Passkey function lets you do exactly that.

AppKey supports multiple passkeys per user account. Typically, you’d authenticate on the second device by scanning a FIDO2 QR code with the first device, since the second device doesn’t yet have a passkey. Once authenticated, you can then call Add Passkey on the second device to register a new passkey in its keychain—still using the first device as the trusted authenticator.

To use Add Passkey, the user must be logged in and have a valid access token.

The Add Passkey process consists of two REST API calls:

addPaskey
addPasskeyComplete

URL #

    /api/appuser/addPasskey

Method #

    POST

Headers #

    access-token: "<Access Token>"

Data Parameter #

    none

Response: #

Success: #

StatusCode: #

    200 (OK)

Contents: #

    {
        challenge: "<FIDO2 challenge>", 
        user: {
            id: "<user id>", 
            name: "<handle>(<app id>)", 
            displayName: "<user display name>",
            handle: "<user handle>”
        }
    }

Error: #

StatusCode: #

    400 (BAD REQUEST)
    500 (INTERNAL SERVER ERROR)

Content: #

    {
        code: "<internal error code>",
        message: "<readable error description>"
    }

The internal codes are integers:

400 - invalid app token
401 - app no longer exists
402 - app is suspended
403 - missing parameter
404 - user account is suspended
407 - app does not support signup
413 - app is migrated
500 - internal server error
601 - handle already registered
609 - invalid locale