FIDO2 Server Endpoints

FIDO2 Server Endpoints

Endpoints provide FIDO2 clients the ability to communicate with the FIDO2 server.

Endpoint Name Description Example
Credential Creation Options Attestation options request. First step of registration. Options returned by the server are intended to be used with WebAuthn's navigator.credentials.create(). https://server.com/mga/sps/fido2/<relying_party>/attestation/options
Authenticator Attestation Response Attestation result request. Second step of registration. The result of the navigator.credentials.create() request is sent to the server, which validates the challenges, origins, signatures, and the rest of the request. If validation passes, the registration is saved. https://server.com/mga/sps/fido2/<relying_party>/attestation/result
Credential Get Options Assertion options request. First step of authentication. The options returned by the server are intended to be used with WebAuthn’s navigator.credentials.get(). https://server.com/mga/sps/fido2/<relying_party>/assertion/options
Authenticator Assertion Response Assertion result request. Second step of authentication. The result of the navigator.credentials.get() request is sent to the server, which validates the assertion. If validation passes, the authentication was successful https://server.com/mga/sps/fido2/<relying_party>/assertion/result

Parent topic: FIDO and WebAuthn Support

Endpoint Name	Description	Example
Credential Creation Options	Attestation options request. First step of registration. Options returned by the server are intended to be used with WebAuthn's navigator.credentials.create().	https://server.com/mga/sps/fido2/<relying_party>/attestation/options
Authenticator Attestation Response	Attestation result request. Second step of registration. The result of the navigator.credentials.create() request is sent to the server, which validates the challenges, origins, signatures, and the rest of the request. If validation passes, the registration is saved.	https://server.com/mga/sps/fido2/<relying_party>/attestation/result
Credential Get Options	Assertion options request. First step of authentication. The options returned by the server are intended to be used with WebAuthn’s navigator.credentials.get().	https://server.com/mga/sps/fido2/<relying_party>/assertion/options
Authenticator Assertion Response	Assertion result request. Second step of authentication. The result of the navigator.credentials.get() request is sent to the server, which validates the assertion. If validation passes, the authentication was successful	https://server.com/mga/sps/fido2/<relying_party>/assertion/result