HelioAuth logo
API docs by Redocly

HelioAuth Passkeys API (v1)

Download OpenAPI specification:Download

Contact our support: [email protected] URL: https://helioauth.com/ License: Apache 2.0
Contribute to these docs in GitHub

Introduction

This is the official documentation of HelioAuth Passkeys API. It provides a simple interface for user authentication with WebAuthn passkeys.

Getting started

Start by creating an application at /admin/v1/apps. Then, get its API key from /admin/v1/apps/{id}/api-key.

Sign-up

Passkey sign-up from browser

Start sign-up

(Can be called from the browser)

Generates a challenge ready to be passed to navigator.credentials.create(options)

Authorizations:
app-id
Request Body schema: application/json
required
name
required
string

Username to be registered. This can also be an identifier or an email address.

Responses

Response Schema: application/json
requestId
string

Unique identifier for the sign-up request.

options
string

Options to pass to navigator.credentials.create() serialized in a JSON string

Request samples

Content type
application/json
{
  • "name": "string"
}

Response samples

Content type
application/json
{
  • "requestId": "string",
  • "options": "string"
}

Complete sign-up

Completes the sign-up process by verifying the attestation and registering the new credential.

Authorizations:
app-api-key
Request Body schema: application/json
required
requestId
string

Unique identifier for the sign-up request (from /v1/signup/start)

publicKeyCredential
string

The result of navigator.credentials.create(options) serialized as JSON

Responses

Response Schema: application/json
requestId
string

Unique identifier for the sign-up request.

userId
string <uuid>

Unique identifier for the newly registered user.

Request samples

Content type
application/json
{
  • "requestId": "string",
  • "publicKeyCredential": "string"
}

Response samples

Content type
application/json
{
  • "requestId": "string",
  • "userId": "2c4a230c-5085-4924-a3e1-25fb4fc5965b"
}

Sign-in

Passkey sign-in from browser

Start sign-in

(Can be called from the browser)

Generates a challenge ready to be passed to navigator.credentials.get(options).

Authorizations:
app-id
Request Body schema: application/json
required
name
string

Name of the user attempting to sign in.

Responses

Response Schema: application/json
requestId
string

Unique identifier for the sign-in request.

accountExists
boolean

Indicates whether or not this account exists

options
string

JSON object representing the options argument that should be passed to navigator.credentials.get(options) if accountExists is true or to navigator.credentials.create(options) if accountExists is false.

Request samples

Content type
application/json
{
  • "name": "string"
}

Response samples

Content type
application/json
{
  • "requestId": "string",
  • "accountExists": true,
  • "options": "string"
}

Complete sign-in

Validates the credential response from the client and returns the user's identifier.

Authorizations:
app-api-key
Request Body schema: application/json
required
requestId
string

Unique identifier for the sign-in request (returned by /v1/signin/start).

publicKeyCredentialWithAssertion
string

The result of navigator.credentials.get(options) serialized as JSON.

Responses

Response Schema: application/json
requestId
string

Unique identifier for the sign-in request.

username
string

Username of the entity that signed in.

Request samples

Content type
application/json
{
  • "requestId": "string",
  • "publicKeyCredentialWithAssertion": "string"
}

Response samples

Content type
application/json
{
  • "requestId": "string",
  • "username": "string"
}

Users

User account management

Initiate adding a new passkey to user account

Initiates the process of adding a new passkey to a user's account.

Request Body schema: application/json
required
name
required
string

Username to be registered. This can also be an identifier or an email address.

Responses

Response Schema: application/json
requestId
string

Unique identifier for the sign-up request.

options
string

Options to pass to navigator.credentials.create() serialized in a JSON string

Request samples

Content type
application/json
{
  • "name": "string"
}

Response samples

Content type
application/json
{
  • "requestId": "string",
  • "options": "string"
}

Complete the passkey addition process

Completes the process of adding a new passkey to a user's account.

Request Body schema: application/json
required
requestId
string

Unique identifier for the sign-up request (from /v1/signup/start)

publicKeyCredential
string

The result of navigator.credentials.create(options) serialized as JSON

Responses

Response Schema: application/json
requestId
string

Unique identifier for the sign-up request.

userId
string <uuid>

Unique identifier for the newly registered user.

Request samples

Content type
application/json
{
  • "requestId": "string",
  • "publicKeyCredential": "string"
}

Response samples

Content type
application/json
{
  • "requestId": "string",
  • "userId": "2c4a230c-5085-4924-a3e1-25fb4fc5965b"
}

Get user's credentials

Retrieves a list of credentials associated with a specific user by UUID.

path Parameters
uuid
required
string <uuid>

Responses

Response Schema: application/json
Array of objects (PasskeyCredential)

A list of user credentials.

Response samples

Content type
application/json
{
  • "passkeys": [
    ]
}

Delete user

Deletes a specific user by their UUID.

path Parameters
uuid
required
string <uuid>

Responses

Applications

CRUD operations for client applications.

List all applications

Retrieves a list of all applications.

Authorizations:
admin-api

Responses

Response Schema: application/json
Array
id
string <uuid>

Unique identifier for the application.

name
string

Name of the application. Used internally.

createdAt
string <date-time>

Timestamp when the application was created.

updatedAt
string <date-time>

Timestamp when the application was last updated.

relyingPartyHostname
string

Hostname of the relying party.

relyingPartyName
string

Name of the relying party presented to clients.

Response samples

Content type
application/json
[
  • {
    }
]

Add a new application

Creates a new application and returns its details.

Authorizations:
admin-api
Request Body schema: application/json
required
name
string

Name of the new application.

relyingPartyHostname
string

Hostname of the application, e.g. example.com

relyingPartyName
string

Name of the relying party presented to clients.

Responses

Response Schema: application/json
id
string <uuid>

Unique identifier for the application.

name
string

Name of the application. Used internally.

createdAt
string <date-time>

Timestamp when the application was created.

updatedAt
string <date-time>

Timestamp when the application was last updated.

relyingPartyHostname
string

Hostname of the relying party.

relyingPartyName
string

Name of the relying party presented to clients.

Request samples

Content type
application/json
{
  • "name": "string",
  • "relyingPartyHostname": "string",
  • "relyingPartyName": "string"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "relyingPartyHostname": "string",
  • "relyingPartyName": "string"
}

Get an application

Retrieves details of a specific application by its ID.

Authorizations:
admin-api
path Parameters
id
required
string <uuid>

Responses

Response Schema: application/json
id
string <uuid>

Unique identifier for the application.

name
string

Name of the application. Used internally.

createdAt
string <date-time>

Timestamp when the application was created.

updatedAt
string <date-time>

Timestamp when the application was last updated.

relyingPartyHostname
string

Hostname of the relying party.

relyingPartyName
string

Name of the relying party presented to clients.

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "relyingPartyHostname": "string",
  • "relyingPartyName": "string"
}

Edit an application

Updates the name of a specific application by its ID.

Authorizations:
admin-api
path Parameters
id
required
string <uuid>
Request Body schema: application/json
required
name
string

Name of the application.

relyingPartyHostname
string

Hostname of the relying party.

relyingPartyName
string

Name of the relying party presented to clients.

Responses

Response Schema: application/json
id
string <uuid>

Unique identifier for the application.

name
string

Name of the application. Used internally.

createdAt
string <date-time>

Timestamp when the application was created.

updatedAt
string <date-time>

Timestamp when the application was last updated.

relyingPartyHostname
string

Hostname of the relying party.

relyingPartyName
string

Name of the relying party presented to clients.

Request samples

Content type
application/json
{
  • "name": "string",
  • "relyingPartyHostname": "string",
  • "relyingPartyName": "string"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "string",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "relyingPartyHostname": "string",
  • "relyingPartyName": "string"
}

Delete an application

Deletes a specific application by its ID.

Authorizations:
admin-api
path Parameters
id
required
string <uuid>

Responses

Get an application's API key

Retrieves the API key of a specific application by its ID.

Authorizations:
admin-api
path Parameters
id
required
string <uuid>

Responses

Response Schema: application/json
apiKey
string

API key for the client application.

Response samples

Content type
application/json
{
  • "apiKey": "string"
}

Delete an application's API key

Deletes the API key for a specific application by its ID.

Authorizations:
admin-api
path Parameters
id
required
string <uuid>

Responses