/webauthn/authenticate-assertion

These are the possible response codes when you make an API call to the /webauthn/authenticate-assertion endpoint.

Response Code

Error

Message

Scenario

Resolution

200 OK

authorization_code value

response_type is code.

200 OK

access_token value

response_type is token.

401 Unauthorized

http_exception

Unauthorized

Invalid session_id

Supply a valid session_id from authenticate options.

403 Forbidden

http_exception

Forbidden

Invalid client_id. Could not find client settings.

Recheck and supply a valid client_id.

422 Unprocessable Entity

Invalid_parameters

{
"":"field required"
}

No client_id, session_id, or public_key supplied

response_type should only either be code or token.

422 Unprocessable Entity

Invalid_parameters

{"redirect_uri":
{"invalid": "invalid value"}
}

Invalid redirect_uri

Supply a redirect_uri available in the redirect_uri_whitelist.

500 Internal Server Error

Internal_error

Invalid assertion parameter

Get a valid assertion parameter from the relying party.