The following request body is sent during the registration call:
{
"svcinfo": {
"did": 1,
"protocol": "FIDO2_0",
"authtype": "PASSWORD",
"svcusername": "svcfidouser",
"svcpassword": "Abcd1234!"
},
"payload": {
"publicKeyCredential": {
"id": "MBDVxPOZ5To939FLGuhTPaaMA1jqTvajZrqWKbnI81yhEndkjQPbL7Q6W5TerIq_rowNstdvrXCLsOw4aO1-xJB-Q4-WkNPMdYhIiN9yt0rRIiev917ezeNzwIosjrN99MUHR_J_Sw6Js4Q49mllAgZ-gaxnqd7pmIX_V6B7oDfWaKmvImwxo3pGXqXb-6pboouYVbiMl6WA-TooklND0pIXWxdp2SvbfkoIur-c8wA",
"rawId": "MBDVxPOZ5To939FLGuhTPaaMA1jqTvajZrqWKbnI81yhEndkjQPbL7Q6W5TerIq_rowNstdvrXCLsOw4aO1-xJB-Q4-WkNPMdYhIiN9yt0rRIiev917ezeNzwIosjrN99MUHR_J_Sw6Js4Q49mllAgZ-gaxnqd7pmIX_V6B7oDfWaKmvImwxo3pGXqXb-6pboouYVbiMl6WA-TooklND0pIXWxdp2SvbfkoIur-c8wA",
"response": {
"attestationObject": "o2NmbXRmcGFja2VkZ2F0dFN0bXSjY2FsZyZjc2lnWEgwRgIhAJ4iYNBFTz_LTi37Dts5HDpHpEnqBK6y_ZE2LuwHWR_OAiEA_-RFrFoDVkqYUTf-0DDnvsU5FT8wqheH4pHbyvqjh_djeDVjgVkB5DCCAeAwggGDoAMCAQICBGwrWPIwDAYIKoZIzj0EAwIFADBkMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOU3Ryb25nQXV0aCBJbmMxIjAgBgNVBAsTGUF1dGhlbnRpY2F0b3IgQXR0ZXN0YXRpb24xGDAWBgNVBAMMD0F0dGVzdGF0aW9uX0tleTAeFw0xOTA3MTgxNzExMjdaFw0yOTA3MTUxNzExMjdaMGQxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5TdHJvbmdBdXRoIEluYzEiMCAGA1UECxMZQXV0aGVudGljYXRvciBBdHRlc3RhdGlvbjEYMBYGA1UEAwwPQXR0ZXN0YXRpb25fS2V5MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEMfSGPrr3xL2fR2iV98mmJjqkiGEMUtzotxHe4sOM1xkeQuEWisjkHiLtYStkAoKKttdCo8DRVN06bKgDGS2ZhaMhMB8wHQYDVR0OBBYEFDRC0OBwQ401s4_RNGe9fROBHi8YMAwGCCqGSM49BAMCBQADSQAwRgIhAO0W0djQrcjEMIshhjgA8vKwx4zRT5WRvCKfZK_YgCorAiEAot3DQBY0y9N_rJOwtZYo-yUOpju64X3QzHw10o3oMLloYXV0aERhdGFZATSyyBYoH-owyRyy_WxSXxKdk4SXIbgPcYuaz8s47lSqOkEAAAAAAAAAAAAAAAAAAAAAAAAAAACwMBDVxPOZ5To939FLGuhTPaaMA1jqTvajZrqWKbnI81yhEndkjQPbL7Q6W5TerIq_rowNstdvrXCLsOw4aO1-xJB-Q4-WkNPMdYhIiN9yt0rRIiev917ezeNzwIosjrN99MUHR_J_Sw6Js4Q49mllAgZ-gaxnqd7pmIX_V6B7oDfWaKmvImwxo3pGXqXb-6pboouYVbiMl6WA-TooklND0pIXWxdp2SvbfkoIur-c8wClAQIDJiABIVggYuHJDPmHnCV9BJSQoPFp1r05eYfEzavw3JRQzLPg7tYiWCCCLNLY2cuivtzxnwOSYHhKYOPHMmTcyRW4_Jy2IUZqFA",
"clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiRkNNMHV0SWxwNEt3NG8yRHB6bnI1USIsIm9yaWdpbiI6Imh0dHBzOi8vc2FrYTIwOS5zdHJvbmdhdXRoLmNvbSJ9"
},
"type": "public-key"
},
"strongkeyMetadata": {
"version": "1.0",
"create_location": "Sunnyvale, CA",
"origin": "https://<FQDN>",
"username": "johndoe"
},
"appTXID": "exampleappTXID"
}
}
Value |
Explanation |
---|---|
did |
Unique identifier for an SKFS cryptographic domain. Unless you are using a StrongKey Tellaro appliance, this defaults to 1. |
protocol |
The FIDO protocol to be used in this request (FIDO2_0). |
authtype |
The type of authentication supplied in this service request—it must be PASSWORD or HMAC (see API Security for details); the example shown here is for PASSWORD type of authentication. |
svcusername |
The username of the service credential requesting this web service. |
svcpassword |
The password of the service credential requesting this web service. When PASSWORD authtype is used, SKFS uses entries in a previously configured Lightweight Directory Access Protocol (LDAP) or Active Directory (AD) to authenticate the credential (see Manage Credentials [SKFS ⇒ Administration ⇒ Security] for details). |
Value |
Explanation |
id |
The FIDO credential identifier. Also known as credentialId within the JavaScript API—Web Authentication (WebAuthn)—it returns a Base64url encoding of the FIDO credential.
|
rawid |
An implementation of an ArrayBuffer containing the raw byte sequence of the credentialId |
attestationObject |
A complex data structure with information an RP should use to determine if they will accept the registration and use the newly generated credential to authenticate the user. This attribute is embedded inside a response object within publicKeyCredential.
|
clientDataJSON |
A serialized representation of a JSON structure whose message digest (aka hash) is digitally signed by the FIDO Authenticator in response to a FIDO signing operation. This attribute is also embedded inside a response object within publicKeyCredential.
|
type |
The type of credential—in the case of FIDO, this will always be public-key. |
Value |
Explanation |
version |
This attribute describes the version number of the strongkeyMetadata JSON object embedded in the web service request. This JSON object provides to the RP application useful data that are not critical to the FIDO capabilities—but which applications can extend and rely upon for business use-cases. |
create_location |
If available and enabled on the client device, this attribute provides the resolution of Global Positioning System (GPS) coordinates ascertained by applications. |
origin |
This is a string of the RP origin (RFC-6525 representation of the application’s URL), so it can be easily accessible to the web application. |
username |
This is a string of the name of the user using the application, so it can be easily accessible to the web application. |
appTXID |
An optional string within any SKFS web service request body's payload JSON object that, if added, will attach the appTXID value to the TXID logged by the server. |