Changes 2025.12.01

What's New

GET /api/identity-store/stores/{storeName}/users/{userExtId}/totps/{id}/ext

Get a TOTP for a user identified by external ID

POST /api/identity-store/stores/{storeName}/users/{userExtId}/totps/{id}/ext

Update an existing TOTP's status by external user ID

DELETE /api/identity-store/stores/{storeName}/users/{userExtId}/totps/{id}/ext

Delete a user TOTP by external user ID and user TOTP ID

GET /api/identity-store/stores/{storeName}/users/{userId}/totps/registrations/{policyName}

Get TOTP registration for user identified by ID

POST /api/identity-store/stores/{storeName}/users/{userId}/totps/registrations/{policyName}

Start a TOTP registration for an existing user identified by its internal ID within an identity store using the specified policy

POST /api/identity-store/stores/{storeName}/users/{userId}/totps/authentications/{policyName}

Perform TOTP authentication for an existing user identified by its internal ID within an identity store using the specified policy

POST /api/identity-store/stores/{storeName}/users/{userExtId}/totps/authentications/{policyName}/ext

Perform TOTP authentication for an existing user identified by its external ID within an identity store using the specified policy

POST /api/identity-store/stores/{storeName}/users/{userId}/totps/deregistrations/{policyName}

Deregister a TOTP for user identified by ID

POST /api/identity-store/stores/{storeName}/users/{userExtId}/totps/registrations/{policyName}/complete/ext

Complete a TOTP registration for an existing user identified by its external ID within an identity store using the specified policy

GET /api/identity-store/stores/{storeName}/users/{userExtId}/totps/ext

List registered TOTPs for a user (identified by external ID)

GET /api/identity-store/stores/{storeName}/totpPolicy/{policyName}

Get an existing TOTP policy by policy name

POST /api/identity-store/stores/{storeName}/totpPolicy/{policyName}

Update an existing TOTP policy for policy name

DELETE /api/identity-store/stores/{storeName}/totpPolicy/{policyName}

Delete an existing TOTP policy with policy name

POST /api/identity-store/stores/{storeName}/users/{userId}/totps/registrations/{policyName}/complete

Complete a TOTP registration for an existing user identified by its internal ID within an identity store using the specified policy

GET /api/identity-store/stores/{storeName}/users/{userId}/totps

List registered TOTPs for a user (identified by internal ID)

POST /api/identity-store/stores/{storeName}/totpPolicy

Create a new TOTP policy within an identity store for policy name

GET /api/identity-store/stores/{storeName}/users/{userId}/totps/{id}

Get a TOTP for a user identified by internal ID

POST /api/identity-store/stores/{storeName}/users/{userId}/totps/{id}

Update an existing TOTP's status by internal user ID

DELETE /api/identity-store/stores/{storeName}/users/{userId}/totps/{id}

Delete a user TOTP by internal user ID and user TOTP ID

GET /api/identity-store/stores/{storeName}/users/{userExtId}/totps/registrations/{policyName}/ext

Get TOTP registration for user identified by external ID

POST /api/identity-store/stores/{storeName}/users/{userExtId}/totps/registrations/{policyName}/ext

Start a TOTP registration for an existing user identified by its external ID within an identity store using the specified policy

POST /api/identity-store/stores/{storeName}/users/{userExtId}/totps/deregistrations/{policyName}/ext

Deregister a TOTP for user identified by external ID

What's Changed

Updated User Summary Info to include TOTPs

POST /api/identity-store/stores/{storeName}/users/{extId}/biometrics/{type}/ext

Return Type:

Changed response : 200 OK

User biometric updated successfully

• Changed content type : application/json
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, appkeys and passkeys.
• Added property totps (array) > A list of TOTPs registered to the user

Items (object):

• Property id (string) > The database identifier of the entity
• Property createdDtm (string)
• Property lastUpdatedDtm (string)
• Property status (string) > The status of the user TOTP.

Enum values:

• ACTIVE
• PENDING
• DISABLED
• Property issuer (string) > The issuer of the user TOTP.
• Property username (string) > The user name label used for registering TOTP.
• Property policyName (string) > TOTP Policy name
• Property algorithm (string) > The algorithm used to validate the authentication code.
• Property activatedDtm (string) > Date and time of the TOTP activation - this is time when first auth with TOTP happened and marked TOTP as active.
• Property expirationDtm (string) > Expiration dtm for the pending TOTPs - this is time before which is possible to activate pending TOTP.
• Property lastAuthenticatedWithDtm (string) > The time of the last authentication. If this TOTP has not been used for authentication then this field is not present.

POST /api/identity-store/stores/{storeName}/users

Request:

Changed content type : application/json

• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, appkeys and passkeys.
• Added property totps (array) > A list of TOTPs registered to the user

Return Type:

Changed response : 201 Created

User created successfully

• Changed content type : application/json
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, appkeys and passkeys.
• Added property totps (array) > A list of TOTPs registered to the user

GET /api/identity-store/stores/{storeName}/users/{userId}

Return Type:

Changed response : 200 OK

User retrieved successfully

• Changed content type : application/json
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

Items (object):

POST /api/identity-store/stores/{storeName}/users/{userId}

Request:

Changed content type : application/json

• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, appkeys and passkeys.
• Added property totps (array) > A list of TOTPs registered to the user

Return Type:

Changed response : 200 OK

User updated successfully

• Changed content type : application/json
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

GET /api/identity-store/stores/{storeName}/users/{extId}/ext

Return Type:

Changed response : 200 OK

User retrieved successfully

• Changed content type : application/json
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/users/{extId}/ext

Request:

Changed content type : application/json

• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, appkeys and passkeys.
• Added property totps (array) > A list of TOTPs registered to the user

Return Type:

Changed response : 200 OK

User updated successfully

• Changed content type : application/json
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/users/{extUserId}/appkeys/relyingParties/{rpId}/preferredDevices/ext

Return Type:

Changed response : 200 OK

User updated with the preferred device

• Changed content type : application/json
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/users/{userId}/appkeys/relyingParties/{rpId}/preferredDevices

Return Type:

Changed response : 200 OK

User updated with the preferred device

• Changed content type : application/json
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/users/{userId}/biometrics/{type}

Return Type:

Changed response : 200 OK

User biometric updated successfully

• Changed content type : application/json
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/users/{userExtId}/biometrics/authentications/failure/ext

Return Type:

Changed response : 200 OK

Failed biometric authentication recorded successfully

• Changed content type : application/json
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/users/{userId}/biometrics/authentications/failure

Return Type:

Changed response : 200 OK

Failed biometric authentication recorded successfully

• Changed content type : application/json
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/passkeys/authentications

Return Type:

Changed response : 400 Bad Request

An error occurred either on the server or the client. Not all the error codes are listed here as there are many and a lot of them are unlikely to occur when integrating a validated passkey client.

NOTE For convenience the updated user object is returned when there is an authentication error because it may contain updated information about the user lock state.

Some of the more likely errors are:

• 348: The passkey matching the supplied credential ID is not active
• 352: The supplied client response message is not an authentication, it's a registration
• 353: The provided challenge is not the same as the challenge signed in the assertion
• 354: The origin in the client response is not in the restricted origins list
• 356: Token binding in the client response does not match the expected value
• 356: Token binding status missing from client response
• 362: No passkey was found matching the supplied credential ID
• 363: The passkey matching the supplied credential ID does not match the expected user
• 364: The authentication credential is not in the allowed credentials list
• 364: There is not user handle for this passkey and relying party ID found for the user
• 365: The user handle in the assertion does not match the expected user handle
• 372: Possible cloned authenticator. The signature counter is out of synch.
• 382: The origin in the client response does not start with https
• 383: The origin in the client response does not match the relying party ID
• 384: Session data not provided
• 386: Session data is missing the challenge
• 387: Session data is missing the relying party ID
• 394: Session data is missing authentication policy name
• 395: Operation success/failure response data not provided
• 397: Passkey authentication failed on the client
• 398: Passkey authentication was cancelled on the client
• 403: Passkey authentication timed out on the client
• 502: The user associated with this authentication is not active- 2100: The user is locked. Authentication cannot proceed.
• 2101: The user passkey modality is locked. Authentication cannot proceed.

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

Changed response : 200 OK

Passkey authentication completed successfully

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

DELETE /api/identity-store/stores/{storeName}/users/{userId}/appkeys/relyingParties/{rpId}/registrations/keyIds/{keyId}

Return Type:

Changed response : 200 OK

User appkey(s) deleted successfully

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/users/{userId}/appkeys/relyingParties/{rpId}/deregistrations

Return Type:

Changed response : 200 OK

User appkey(s) deleted successfully

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/passkeys/registrations/sessions/{sessionId}

Return Type:

Changed response : 200 OK

Passkey registration completed successfully

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/users/{userId}/biometrics/authentications/face

Return Type:

Changed response : 400 Bad Request

An error occurred - including the face match failing.

NOTE For convenience the updated user object is returned when there is a face match failure because it may contain updated information about the user lock state.

Possible error codes:

• 8: Face algorithm not supported
• 2005: The biometric type is not supported
• 2006: The biometric subtype is not supported
• 2100: The user is locked so authentication cannot be performed
• 2101: The face modality is locked so authentication cannot be performed
• 2102: The user is disabled so authentication cannot be performed
• 2103: The presented biometric is disabled so authentication cannot be performed
• 20114: Biometric data is not supplied in the request
• 20115: The specified biometric type is not supported
• 20120: An unexpected error occurred while generating face template
• 20121: An error occurred while attempting to perform a face match
• 20122: There is no suitable face data available for matching against the presented sample
• 20123: The matching process data is missing from the request
• 20124: The matching algorithm is missing from the request
• 20125: The matching threshold must be between 0 and 1
• 20126: The internal matching threshold must be between 0 and 1

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

Changed response : 200 OK

Face matched successfully

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/appkeys/authentications/sessions/{sessionId}

Return Type:

Changed response : 400 Bad Request

An error occurred either on the server or the client. Not all the error codes are listed here as there are many and a lot of them are unlikely to occur when integrating with a validated appkey client.

NOTE For convenience the updated user object is returned when there is an authentication error because it may contain updated information about the user lock state.

Some of the more likely errors are:

• 502: The user associated with this authentication is not active- 1014: Session data was provided but session management for this authentication is configured as internal
• 1017: The supplied client response message is not an authentication, it's a registration for example
• 1026: The application on the client device is not registered in the trusted facets list of the appkey policy
• 1029: The session challenge does not match the challenge in the client response
• 1035: The appkey type is not supported- 1058: No appkey was found which matched the appkey key ID supplied in the authentication assertion
• 1059: The appkey referenced in the authentication assertion was not registered to the expected user
• 1060: The appkey referenced in the authentication assertion is not active
• 1061: Potential appkey clone detected, the signature count is lower than expected.
• 1090: The single-shot challenge timestamp is outside the valid time window
• 1091: Malformed authentication response message from the client
• 1092: Client response message contains no authentication responses
• 1093: Client response message contains multiple authentication responses
• 1102: Malformed authentication failure response message from the client
• 1104: The authentication failed on the client
• 1105: The authentication was cancelled by the client
• 1115: Operation success/failure response data not provided
• 2100: The user is locked. Authentication cannot proceed.
• 2101: The user appkey modality is locked. Authentication cannot proceed.

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

Changed response : 200 OK

Appkey authentication completed successfully

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

DELETE /api/identity-store/stores/{storeName}/users/{extUserId}/appkeys/relyingParties/{rpId}/registrations/keyIds/{keyId}/ext

Return Type:

Changed response : 200 OK

User appkey(s) deleted successfully

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/users/{extUserId}/appkeys/relyingParties/{rpId}/deregistrations/ext

Return Type:

Changed response : 200 OK

User appkey(s) deleted successfully

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/appkeys/registrations/sessions/{sessionId}

Return Type:

Changed response : 200 OK

Appkey registration completed successfully

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/passkeys/registrations

Return Type:

Changed response : 200 OK

Passkey registration completed successfully

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/passkeys/authentications/sessions/{sessionId}

Return Type:

Changed response : 400 Bad Request

An error occurred either on the server or the client. Not all the error codes are listed here as there are many and a lot of them are unlikely to occur when integrating a validated passkey client.

NOTE For convenience the updated user object is returned when there is an authentication error because it may contain updated information about the user lock state.

Some of the more likely errors are:

• 348: The passkey matching the supplied credential ID is not active
• 352: The supplied client response message is not an authentication, it's a registration
• 353: The provided challenge is not the same as the challenge signed in the assertion
• 354: The origin in the client response is not in the restricted origins list
• 356: Token binding in the client response does not match the expected value
• 356: Token binding status missing from client response
• 362: No passkey was found matching the supplied credential ID
• 363: The passkey matching the supplied credential ID does not match the expected user
• 364: The authentication credential is not in the allowed credentials list
• 364: There is not user handle for this passkey and relying party ID found for the user
• 365: The user handle in the assertion does not match the expected user handle
• 372: Possible cloned authenticator. The signature counter is out of synch.
• 382: The origin in the client response does not start with https
• 383: The origin in the client response does not match the relying party ID
• 388: Session data was provided but session management for this authentication is configured as internal
• 395: Operation success/failure response data not provided
• 397: Passkey authentication failed on the client
• 398: Passkey authentication was cancelled on the client
• 403: Passkey authentication timed out on the client
• 502: The user associated with this authentication is not active- 2100: The user is locked. Authentication cannot proceed.
• 2101: The user passkey modality is locked. Authentication cannot proceed.

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

Changed response : 200 OK

Passkey authentication completed successfully

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/users/{extId}/biometrics/authentications/face/ext

Return Type:

Changed response : 400 Bad Request

An error occurred - including the face match failing.

NOTE For convenience the updated user object is returned when there is a face match failure because it may contain updated information about the user lock state.

Possible error codes:

• 8: Face algorithm not supported
• 2005: The biometric type is not supported
• 2006: The biometric subtype is not supported
• 2100: The user is locked so authentication cannot be performed
• 2101: The face modality is locked so authentication cannot be performed
• 2102: The user is disabled so authentication cannot be performed
• 2103: The presented biometric is disabled so authentication cannot be performed
• 20114: Biometric data is not supplied in the request
• 20115: The specified biometric type is not supported
• 20120: An unexpected error occurred while generating face template
• 20121: An error occurred while attempting to perform a face match
• 20122: There is no suitable face data available for matching against the presented sample
• 20123: The matching process data is missing from the request
• 20124: The matching algorithm is missing from the request
• 20125: The matching threshold must be between 0 and 1
• 20126: The internal matching threshold must be between 0 and 1

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

Changed response : 200 OK

Face matched successfully

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/appkeys/authentications

Return Type:

Changed response : 400 Bad Request

An error occurred either on the server or the client. Not all the error codes are listed here as there are many and a lot of them are unlikely to occur when integrating a validated appkey client.

NOTE For convenience the updated user object is returned when there is an authentication error because it may contain updated information about the user lock state.

Some of the more likely errors are:

• 502: The user associated with this authentication is not active- 1009: Session data not provided
• 1011: Session data is missing the challenge
• 1012: Session data is missing the relying party ID
• 1017: The supplied client response message is not an authentication, it's a registration for example
• 1026: The application on the client device is not registered in the trusted facets list of the appkey policy
• 1029: The session challenge does not match the challenge in the client response
• 1035: The appkey type is not supported- 1055: Session data is missing the policy
• 1056: Session data is missing authentication policy name
• 1058: No appkey was found which matched the appkey key ID supplied in the authentication assertion
• 1059: The appkey referenced in the authentication assertion was not registered to the expected user
• 1060: The appkey referenced in the authentication assertion is not active
• 1061: Potential appkey clone detected, the signature count is lower than expected.
• 1090: The single-shot challenge timestamp is outside the valid time window
• 1091: Malformed authentication response message from the client
• 1092: Client response message contains no authentication responses
• 1093: Client response message contains multiple authentication responses
• 1102: Malformed authentication failure response message from the client
• 1104: The authentication failed on the client
• 1105: The authentication was cancelled by the client
• 1115: Operation success/failure response data not provided
• 2100: The user is locked. Authentication cannot proceed.
• 2101: The user appkey modality is locked. Authentication cannot proceed.

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

Changed response : 200 OK

Appkey authentication completed successfully

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

POST /api/identity-store/stores/{storeName}/appkeys/registrations

Return Type:

Changed response : 200 OK

Appkey registration completed successfully

• Changed content type : application/json
• Changed property user (object) > A user in an identity store.
• Changed property summaryInfo (object) > Summary information about items registered to the user such as biometrics, device keys and passkeys.
• Added property totps (array)

Updated Store Configuration Data to Include TOTP Configuration

• GET /api/identity-store/stores/{storeName}/users/{userId}/authentications/{id}
• GET /api/identity-store/stores/{storeName}/users/{extUserId}/passkeys/{id}/registrationAudit/ext
• GET /api/identity-store/stores/{storeName}/users/{userId}/appkeys/{id}/registrationAudit
• GET /api/identity-store/stores/{storeName}/users/{extId}/authentications/{id}/ext
• GET /api/identity-store/stores/{storeName}/users/{extUserId}/appkeys/{id}/registrationAudit/ext
• GET /api/identity-store/stores/{storeName}/users/{userId}/passkeys/{id}/registrationAudit

Return Type:

Changed response : 200 OK

User authentication record retrieved successfully

• Changed content type : application/json
• Changed property authAuditDisplayInfo (object) > An authentication audit dto, containing structures for app keys, pass keys, biometrics and TOTPs.
• Added property totpAuditInfo (object) > A TOTP audit dto, 1 to 1 mapped to what should be shown in UI for TOTP authentication audit.
• Property policyName (string)
• Property algorithm (string)
• Property registrationCreatedDtm (string)
• Property registrationActivatedDtm (string)
• Property authenticationDtm (string)
• Changed property authAuditRecord (object) > An authentication audit record > An authentication record contains common fields such as the type and references to the tenant, store and user and specific information depending on the type: appkey/passkey/biometric/TOTP.
• Added property totpInfo (object) > For TOTP authentications this field contains information specific to TOTP authentication
• Property id (string) > The ID of the TOTP in the database.
• Property policyName (string) > The TOTP policy defined.
• Property algorithm (string) > The algorithm used to validate the authentication code
• Property registrationCreatedDtm (string) > The TOTP's registration date/time.
• Property registrationActivatedDtm (string) > The TOTP's activation date/time (first authentication date/time).
• Changed property type (string) > A type of authentication audit maintained by the identiy store. Possible values: > - Passkey: Passkey authentication. > - Appkey: Appkey authentication. > - Face: Face authentication. > - Voice_TD: Voice text-dependent authentication. > - Voice_TI: Voice text-independent authentication.

Added enum value:

• TOTP

Updated Store Configuration Data to Include TOTP Configuration

• POST /api/identity-store/stores
• POST /api/identity-store/stores/{storeName}/appkeyConfig/{rpId}
• POST /api/identity-store/stores/{storeName}/appkeyConfig
• POST /api/identity-store/stores/{storeName}/passkeyConfig/{rpId}
• GET /api/identity-store/stores/{storeName}
• POST /api/identity-store/stores/{storeName}
• POST /api/identity-store/stores/{storeName}/passkeyConfig

Request:

Changed content type : application/json

• Changed property configuration (object) > Identity Store configuration settings. Contains global settings, user locking configuration and policies for face, appkey and passkey registration and authentication
• Added property totpPolicies (object) > Map of TOTP policies keyed by policy name. Required for TOTP authentication.

Return Type:

Changed response : 201 Created

Store created successfully

• Changed content type : application/json
• Changed property configuration (object) > Identity Store configuration settings. Contains global settings, user locking configuration and policies for face, appkey and passkey registration and authentication
• Added property totpPolicies (object) > Map of TOTP policies keyed by policy name. Required for TOTP authentication.