Title
Create new category
Edit page index title
Edit category
Edit link
Changes 2025.12.01
What's New
GET /api/identity-store/stores/{storeName}/users/{userExtId}/totps/{id}/ext
Get a TOTP for a user identified by external ID
POST /api/identity-store/stores/{storeName}/users/{userExtId}/totps/{id}/ext
Update an existing TOTP's status by external user ID
DELETE /api/identity-store/stores/{storeName}/users/{userExtId}/totps/{id}/ext
Delete a user TOTP by external user ID and user TOTP ID
GET /api/identity-store/stores/{storeName}/users/{userId}/totps/registrations/{policyName}
Get TOTP registration for user identified by ID
POST /api/identity-store/stores/{storeName}/users/{userId}/totps/registrations/{policyName}
Start a TOTP registration for an existing user identified by its internal ID within an identity store using the specified policy
POST /api/identity-store/stores/{storeName}/users/{userId}/totps/authentications/{policyName}
Perform TOTP authentication for an existing user identified by its internal ID within an identity store using the specified policy
POST /api/identity-store/stores/{storeName}/users/{userExtId}/totps/authentications/{policyName}/ext
Perform TOTP authentication for an existing user identified by its external ID within an identity store using the specified policy
POST /api/identity-store/stores/{storeName}/users/{userId}/totps/deregistrations/{policyName}
Deregister a TOTP for user identified by ID
POST /api/identity-store/stores/{storeName}/users/{userExtId}/totps/registrations/{policyName}/complete/ext
Complete a TOTP registration for an existing user identified by its external ID within an identity store using the specified policy
GET /api/identity-store/stores/{storeName}/users/{userExtId}/totps/ext
List registered TOTPs for a user (identified by external ID)
GET /api/identity-store/stores/{storeName}/totpPolicy/{policyName}
Get an existing TOTP policy by policy name
POST /api/identity-store/stores/{storeName}/totpPolicy/{policyName}
Update an existing TOTP policy for policy name
DELETE /api/identity-store/stores/{storeName}/totpPolicy/{policyName}
Delete an existing TOTP policy with policy name
POST /api/identity-store/stores/{storeName}/users/{userId}/totps/registrations/{policyName}/complete
Complete a TOTP registration for an existing user identified by its internal ID within an identity store using the specified policy
GET /api/identity-store/stores/{storeName}/users/{userId}/totps
List registered TOTPs for a user (identified by internal ID)
POST /api/identity-store/stores/{storeName}/totpPolicy
Create a new TOTP policy within an identity store for policy name
GET /api/identity-store/stores/{storeName}/users/{userId}/totps/{id}
Get a TOTP for a user identified by internal ID
POST /api/identity-store/stores/{storeName}/users/{userId}/totps/{id}
Update an existing TOTP's status by internal user ID
DELETE /api/identity-store/stores/{storeName}/users/{userId}/totps/{id}
Delete a user TOTP by internal user ID and user TOTP ID
GET /api/identity-store/stores/{storeName}/users/{userExtId}/totps/registrations/{policyName}/ext
Get TOTP registration for user identified by external ID
POST /api/identity-store/stores/{storeName}/users/{userExtId}/totps/registrations/{policyName}/ext
Start a TOTP registration for an existing user identified by its external ID within an identity store using the specified policy
POST /api/identity-store/stores/{storeName}/users/{userExtId}/totps/deregistrations/{policyName}/ext
Deregister a TOTP for user identified by external ID
What's Changed
Updated User Summary Info to include TOTPs
POST /api/identity-store/stores/{storeName}/users/{extId}/biometrics/{type}/ext
Return Type:
Changed response : 200 OK
User biometric updated successfully
Changed content type :
application/jsonChanged property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, appkeys and passkeys.Added property
totps(array) > A list of TOTPs registered to the user
Items (object):
Property
id(string) > The database identifier of the entityProperty
createdDtm(string)Property
lastUpdatedDtm(string)Property
status(string) > The status of the user TOTP.
Enum values:
ACTIVEPENDINGDISABLEDProperty
issuer(string) > The issuer of the user TOTP.Property
username(string) > The user name label used for registering TOTP.Property
policyName(string) > TOTP Policy nameProperty
algorithm(string) > The algorithm used to validate the authentication code.Property
activatedDtm(string) > Date and time of the TOTP activation - this is time when first auth with TOTP happened and marked TOTP as active.Property
expirationDtm(string) > Expiration dtm for the pending TOTPs - this is time before which is possible to activate pending TOTP.Property
lastAuthenticatedWithDtm(string) > The time of the last authentication. If this TOTP has not been used for authentication then this field is not present.
POST /api/identity-store/stores/{storeName}/users
Request:
Changed content type : application/json
Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, appkeys and passkeys.Added property
totps(array) > A list of TOTPs registered to the user
Return Type:
Changed response : 201 Created
User created successfully
Changed content type :
application/jsonChanged property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, appkeys and passkeys.Added property
totps(array) > A list of TOTPs registered to the user
GET /api/identity-store/stores/{storeName}/users/{userId}
Return Type:
Changed response : 200 OK
User retrieved successfully
Changed content type :
application/jsonChanged property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
Items (object):
POST /api/identity-store/stores/{storeName}/users/{userId}
Request:
Changed content type : application/json
Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, appkeys and passkeys.Added property
totps(array) > A list of TOTPs registered to the user
Return Type:
Changed response : 200 OK
User updated successfully
Changed content type :
application/jsonChanged property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
GET /api/identity-store/stores/{storeName}/users/{extId}/ext
Return Type:
Changed response : 200 OK
User retrieved successfully
Changed content type :
application/jsonChanged property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/users/{extId}/ext
Request:
Changed content type : application/json
Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, appkeys and passkeys.Added property
totps(array) > A list of TOTPs registered to the user
Return Type:
Changed response : 200 OK
User updated successfully
Changed content type :
application/jsonChanged property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/users/{extUserId}/appkeys/relyingParties/{rpId}/preferredDevices/ext
Return Type:
Changed response : 200 OK
User updated with the preferred device
Changed content type :
application/jsonChanged property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/users/{userId}/appkeys/relyingParties/{rpId}/preferredDevices
Return Type:
Changed response : 200 OK
User updated with the preferred device
Changed content type :
application/jsonChanged property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/users/{userId}/biometrics/{type}
Return Type:
Changed response : 200 OK
User biometric updated successfully
Changed content type :
application/jsonChanged property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/users/{userExtId}/biometrics/authentications/failure/ext
Return Type:
Changed response : 200 OK
Failed biometric authentication recorded successfully
Changed content type :
application/jsonChanged property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/users/{userId}/biometrics/authentications/failure
Return Type:
Changed response : 200 OK
Failed biometric authentication recorded successfully
Changed content type :
application/jsonChanged property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/passkeys/authentications
Return Type:
Changed response : 400 Bad Request
An error occurred either on the server or the client. Not all the error codes are listed here as there are many and a lot of them are unlikely to occur when integrating a validated passkey client.
NOTE For convenience the updated user object is returned when there is an authentication error because it may contain updated information about the user lock state.
Some of the more likely errors are:
348: The passkey matching the supplied credential ID is not active
352: The supplied client response message is not an authentication, it's a registration
353: The provided challenge is not the same as the challenge signed in the assertion
354: The origin in the client response is not in the restricted origins list
356: Token binding in the client response does not match the expected value
356: Token binding status missing from client response
362: No passkey was found matching the supplied credential ID
363: The passkey matching the supplied credential ID does not match the expected user
364: The authentication credential is not in the allowed credentials list
364: There is not user handle for this passkey and relying party ID found for the user
365: The user handle in the assertion does not match the expected user handle
372: Possible cloned authenticator. The signature counter is out of synch.
382: The origin in the client response does not start with https
383: The origin in the client response does not match the relying party ID
384: Session data not provided
386: Session data is missing the challenge
387: Session data is missing the relying party ID
394: Session data is missing authentication policy name
395: Operation success/failure response data not provided
397: Passkey authentication failed on the client
398: Passkey authentication was cancelled on the client
403: Passkey authentication timed out on the client
502: The user associated with this authentication is not active- 2100: The user is locked. Authentication cannot proceed.
2101: The user passkey modality is locked. Authentication cannot proceed.
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
Changed response : 200 OK
Passkey authentication completed successfully
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
DELETE /api/identity-store/stores/{storeName}/users/{userId}/appkeys/relyingParties/{rpId}/registrations/keyIds/{keyId}
Return Type:
Changed response : 200 OK
User appkey(s) deleted successfully
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/users/{userId}/appkeys/relyingParties/{rpId}/deregistrations
Return Type:
Changed response : 200 OK
User appkey(s) deleted successfully
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/passkeys/registrations/sessions/{sessionId}
Return Type:
Changed response : 200 OK
Passkey registration completed successfully
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/users/{userId}/biometrics/authentications/face
Return Type:
Changed response : 400 Bad Request
An error occurred - including the face match failing.
NOTE For convenience the updated user object is returned when there is a face match failure because it may contain updated information about the user lock state.
Possible error codes:
8: Face algorithm not supported
2005: The biometric type is not supported
2006: The biometric subtype is not supported
2100: The user is locked so authentication cannot be performed
2101: The face modality is locked so authentication cannot be performed
2102: The user is disabled so authentication cannot be performed
2103: The presented biometric is disabled so authentication cannot be performed
20114: Biometric data is not supplied in the request
20115: The specified biometric type is not supported
20120: An unexpected error occurred while generating face template
20121: An error occurred while attempting to perform a face match
20122: There is no suitable face data available for matching against the presented sample
20123: The matching process data is missing from the request
20124: The matching algorithm is missing from the request
20125: The matching threshold must be between 0 and 1
20126: The internal matching threshold must be between 0 and 1
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
Changed response : 200 OK
Face matched successfully
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/appkeys/authentications/sessions/{sessionId}
Return Type:
Changed response : 400 Bad Request
An error occurred either on the server or the client. Not all the error codes are listed here as there are many and a lot of them are unlikely to occur when integrating with a validated appkey client.
NOTE For convenience the updated user object is returned when there is an authentication error because it may contain updated information about the user lock state.
Some of the more likely errors are:
502: The user associated with this authentication is not active- 1014: Session data was provided but session management for this authentication is configured as internal
1017: The supplied client response message is not an authentication, it's a registration for example
1026: The application on the client device is not registered in the trusted facets list of the appkey policy
1029: The session challenge does not match the challenge in the client response
1035: The appkey type is not supported- 1058: No appkey was found which matched the appkey key ID supplied in the authentication assertion
1059: The appkey referenced in the authentication assertion was not registered to the expected user
1060: The appkey referenced in the authentication assertion is not active
1061: Potential appkey clone detected, the signature count is lower than expected.
1090: The single-shot challenge timestamp is outside the valid time window
1091: Malformed authentication response message from the client
1092: Client response message contains no authentication responses
1093: Client response message contains multiple authentication responses
1102: Malformed authentication failure response message from the client
1104: The authentication failed on the client
1105: The authentication was cancelled by the client
1115: Operation success/failure response data not provided
2100: The user is locked. Authentication cannot proceed.
2101: The user appkey modality is locked. Authentication cannot proceed.
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
Changed response : 200 OK
Appkey authentication completed successfully
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
DELETE /api/identity-store/stores/{storeName}/users/{extUserId}/appkeys/relyingParties/{rpId}/registrations/keyIds/{keyId}/ext
Return Type:
Changed response : 200 OK
User appkey(s) deleted successfully
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/users/{extUserId}/appkeys/relyingParties/{rpId}/deregistrations/ext
Return Type:
Changed response : 200 OK
User appkey(s) deleted successfully
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/appkeys/registrations/sessions/{sessionId}
Return Type:
Changed response : 200 OK
Appkey registration completed successfully
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/passkeys/registrations
Return Type:
Changed response : 200 OK
Passkey registration completed successfully
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/passkeys/authentications/sessions/{sessionId}
Return Type:
Changed response : 400 Bad Request
An error occurred either on the server or the client. Not all the error codes are listed here as there are many and a lot of them are unlikely to occur when integrating a validated passkey client.
NOTE For convenience the updated user object is returned when there is an authentication error because it may contain updated information about the user lock state.
Some of the more likely errors are:
348: The passkey matching the supplied credential ID is not active
352: The supplied client response message is not an authentication, it's a registration
353: The provided challenge is not the same as the challenge signed in the assertion
354: The origin in the client response is not in the restricted origins list
356: Token binding in the client response does not match the expected value
356: Token binding status missing from client response
362: No passkey was found matching the supplied credential ID
363: The passkey matching the supplied credential ID does not match the expected user
364: The authentication credential is not in the allowed credentials list
364: There is not user handle for this passkey and relying party ID found for the user
365: The user handle in the assertion does not match the expected user handle
372: Possible cloned authenticator. The signature counter is out of synch.
382: The origin in the client response does not start with https
383: The origin in the client response does not match the relying party ID
388: Session data was provided but session management for this authentication is configured as internal
395: Operation success/failure response data not provided
397: Passkey authentication failed on the client
398: Passkey authentication was cancelled on the client
403: Passkey authentication timed out on the client
502: The user associated with this authentication is not active- 2100: The user is locked. Authentication cannot proceed.
2101: The user passkey modality is locked. Authentication cannot proceed.
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
Changed response : 200 OK
Passkey authentication completed successfully
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/users/{extId}/biometrics/authentications/face/ext
Return Type:
Changed response : 400 Bad Request
An error occurred - including the face match failing.
NOTE For convenience the updated user object is returned when there is a face match failure because it may contain updated information about the user lock state.
Possible error codes:
8: Face algorithm not supported
2005: The biometric type is not supported
2006: The biometric subtype is not supported
2100: The user is locked so authentication cannot be performed
2101: The face modality is locked so authentication cannot be performed
2102: The user is disabled so authentication cannot be performed
2103: The presented biometric is disabled so authentication cannot be performed
20114: Biometric data is not supplied in the request
20115: The specified biometric type is not supported
20120: An unexpected error occurred while generating face template
20121: An error occurred while attempting to perform a face match
20122: There is no suitable face data available for matching against the presented sample
20123: The matching process data is missing from the request
20124: The matching algorithm is missing from the request
20125: The matching threshold must be between 0 and 1
20126: The internal matching threshold must be between 0 and 1
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
Changed response : 200 OK
Face matched successfully
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/appkeys/authentications
Return Type:
Changed response : 400 Bad Request
An error occurred either on the server or the client. Not all the error codes are listed here as there are many and a lot of them are unlikely to occur when integrating a validated appkey client.
NOTE For convenience the updated user object is returned when there is an authentication error because it may contain updated information about the user lock state.
Some of the more likely errors are:
502: The user associated with this authentication is not active- 1009: Session data not provided
1011: Session data is missing the challenge
1012: Session data is missing the relying party ID
1017: The supplied client response message is not an authentication, it's a registration for example
1026: The application on the client device is not registered in the trusted facets list of the appkey policy
1029: The session challenge does not match the challenge in the client response
1035: The appkey type is not supported- 1055: Session data is missing the policy
1056: Session data is missing authentication policy name
1058: No appkey was found which matched the appkey key ID supplied in the authentication assertion
1059: The appkey referenced in the authentication assertion was not registered to the expected user
1060: The appkey referenced in the authentication assertion is not active
1061: Potential appkey clone detected, the signature count is lower than expected.
1090: The single-shot challenge timestamp is outside the valid time window
1091: Malformed authentication response message from the client
1092: Client response message contains no authentication responses
1093: Client response message contains multiple authentication responses
1102: Malformed authentication failure response message from the client
1104: The authentication failed on the client
1105: The authentication was cancelled by the client
1115: Operation success/failure response data not provided
2100: The user is locked. Authentication cannot proceed.
2101: The user appkey modality is locked. Authentication cannot proceed.
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
Changed response : 200 OK
Appkey authentication completed successfully
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
POST /api/identity-store/stores/{storeName}/appkeys/registrations
Return Type:
Changed response : 200 OK
Appkey registration completed successfully
Changed content type :
application/jsonChanged property
user(object) > A user in an identity store.Changed property
summaryInfo(object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.Added property
totps(array)
Updated Store Configuration Data to Include TOTP Configuration
GET/api/identity-store/stores/{storeName}/users/{userId}/authentications/{id}GET/api/identity-store/stores/{storeName}/users/{extUserId}/passkeys/{id}/registrationAudit/extGET/api/identity-store/stores/{storeName}/users/{userId}/appkeys/{id}/registrationAuditGET/api/identity-store/stores/{storeName}/users/{extId}/authentications/{id}/extGET/api/identity-store/stores/{storeName}/users/{extUserId}/appkeys/{id}/registrationAudit/extGET/api/identity-store/stores/{storeName}/users/{userId}/passkeys/{id}/registrationAudit
Return Type:
Changed response : 200 OK
User authentication record retrieved successfully
Changed content type :
application/jsonChanged property
authAuditDisplayInfo(object) > An authentication audit dto, containing structures for app keys, pass keys, biometrics and TOTPs.Added property
totpAuditInfo(object) > A TOTP audit dto, 1 to 1 mapped to what should be shown in UI for TOTP authentication audit.Property
policyName(string)Property
algorithm(string)Property
registrationCreatedDtm(string)Property
registrationActivatedDtm(string)Property
authenticationDtm(string)Changed property
authAuditRecord(object) > An authentication audit record > An authentication record contains common fields such as the type and references to the tenant, store and user and specific information depending on the type: appkey/passkey/biometric/TOTP.Added property
totpInfo(object) > For TOTP authentications this field contains information specific to TOTP authenticationProperty
id(string) > The ID of the TOTP in the database.Property
policyName(string) > The TOTP policy defined.Property
algorithm(string) > The algorithm used to validate the authentication codeProperty
registrationCreatedDtm(string) > The TOTP's registration date/time.Property
registrationActivatedDtm(string) > The TOTP's activation date/time (first authentication date/time).Changed property
type(string) > A type of authentication audit maintained by the identiy store. Possible values: > - Passkey: Passkey authentication. > - Appkey: Appkey authentication. > - Face: Face authentication. > - Voice_TD: Voice text-dependent authentication. > - Voice_TI: Voice text-independent authentication.
Added enum value:
TOTP
Updated Store Configuration Data to Include TOTP Configuration
POST/api/identity-store/storesPOST/api/identity-store/stores/{storeName}/appkeyConfig/{rpId}POST/api/identity-store/stores/{storeName}/appkeyConfigPOST/api/identity-store/stores/{storeName}/passkeyConfig/{rpId}GET/api/identity-store/stores/{storeName}POST/api/identity-store/stores/{storeName}POST/api/identity-store/stores/{storeName}/passkeyConfig
Request:
Changed content type : application/json
Changed property
configuration(object) > Identity Store configuration settings. Contains global settings, user locking configuration and policies for face, appkey and passkey registration and authenticationAdded property
totpPolicies(object) > Map of TOTP policies keyed by policy name. Required for TOTP authentication.
Return Type:
Changed response : 201 Created
Store created successfully
Changed content type :
application/jsonChanged property
configuration(object) > Identity Store configuration settings. Contains global settings, user locking configuration and policies for face, appkey and passkey registration and authenticationAdded property
totpPolicies(object) > Map of TOTP policies keyed by policy name. Required for TOTP authentication.