Login Complete

Login Complete #


loginComplete


How to complete a login function using a Passkey #

The loginComplete function finalizes the login process after the passkey has been successfully verified on the user’s device. This involves sending the FIDO2 attestation credentials to the AppKey server to confirm the login.

Typically, the client-side SDK will automatically populate the necessary REST API parameters, ensuring that the correct data is sent to the server.​

URL #

    /api/appuser/loginComplete

Method #

    POST

Headers #

	app-token: "<App Token>"

Data Parameter #

    {
        handle: <user handle>,
        id: <assertion id>,
        response: {
            authenticatorData: <authenticator data>,
            clientDataJSON: <client data JSON object>,
            signature: <assertion signature>,
            userHandle: <user handle>
        }
    }

Response: #

Success: #

StatusCode: #
    200 (OK)
Contents: #
    {
        appId: <uuid>,
        appUserId: <uuid>,
        handle: <email | phone_number>,
        displayName: <display name>,
        status: <'active', 'suspended'>,
        lastLogin: "2024-09-03T13:21:34.000Z",
        userName: <user name>,
        authenticators: [
            {
                id: <authenticator_id>,
                publicKey: <public key>,
                counter: 0,
                deviceType: "multiDevice",
                credentialBackedUp: true,
                name: <displayName-platform>,
                type: "public-key",
                transports: "internal",
                platform: <authenticator platform>,
                lastUsed: "2024-09-03T13:21:34.000Z",
                createdAt: "Mon, 02 Sep 2024 14:56:46 GMT",
                updatedAt: "Mon, 02 Sep 2024 14:56:46 GMT"
            }
        ],
        locale: <current locale>,
        jwt: <jwt token>
        access-token: <jwt access token>,
        createdAt: "2024-09-02T08:16:07.000Z",
        updatedAt: "2024-09-03T13:21:30.000Z",
    }

Error: #

StatusCode: #
    400 (BAD REQUEST)
    500 (INTERNAL SERVER ERROR)
Content: #
    {
        code: "<internal error code>",
        message: "<readable error description>"
    }

The internal codes are integers:

  • 400 - invalid app token
  • 401 - app no longer exists
  • 402 - app is suspended
  • 403 - missing parameter
  • 404 - user account is suspended
  • 413 - app is migrated
  • 500 - internal server error
  • 600 - invalid login credentials
  • 611 - apple account already exist
  • 612 - google account already exist