POST /webauthn-registration/api/v1/enroll
Enrolls a preregistered WebAuthn Factor. This WebAuthn Factor has a longer challenge timeout period to accommodate the fulfillment request process. As part of this operation, Okta generates EC key-pairs used to encrypt the Factor PIN and enrollment data sent by the fulfillment provider.
Servers
- https://{yourOktaDomain}
Request headers
| Name | Type | Required | Description |
|---|---|---|---|
Content-Type |
String | Yes |
The media type of the request body.
Default value: "application/json" |
Request body fields
| Name | Type | Required | Description |
|---|---|---|---|
userId |
String | No |
ID of an existing Okta user |
yubicoTransportKeyJWK |
Object | No |
Elliptic Curve Key in JWK format, currently used during enrollment to encrypt fulfillment requests to Yubico, or during activation to verify Yubico's JWS objects in fulfillment responses. The currently agreed protocol uses P-384. |
yubicoTransportKeyJWK.kty |
String | Yes |
The type of public key Possible values:
|
yubicoTransportKeyJWK.kid |
String | Yes |
The unique identifier of the key |
yubicoTransportKeyJWK.crv |
String | Yes |
Possible values:
|
yubicoTransportKeyJWK.use |
String | Yes |
The intended use for the key. The ECKeyJWK is always Possible values:
|
yubicoTransportKeyJWK.x |
String | Yes |
The public x coordinate for the elliptic curve point |
yubicoTransportKeyJWK.y |
String | Yes |
The public y coordinate for the elliptic curve point |
enrollmentRpIds[] |
Array | No |
List of Relying Party hostnames to register on the YubiKey. |
fulfillmentProvider |
String | No |
Name of the fulfillment provider for the WebAuthn Preregistration Factor Possible values:
|
How to start integrating
- Add HTTP Task to your workflow definition.
- Search for the API you want to integrate with and click on the name.
- This loads the API reference documentation and prepares the Http request settings.
- Click Test request to test run your request to the API and see the API's response.