Skip to main content
POST
/
auth
/
passkey
/
verify-enroll
Verify a passkey registration response + persist the credential
curl --request POST \
  --url https://api.mnemom.ai/v1/auth/passkey/verify-enroll \
  --header 'Content-Type: application/json' \
  --cookie mnemom_session= \
  --data '
{
  "response": {
    "id": "<string>",
    "rawId": "<string>",
    "type": "public-key",
    "response": {},
    "clientExtensionResults": {},
    "authenticatorAttachment": "<string>"
  },
  "friendly_name": "<string>"
}
'
{
  "credential_id": "<string>",
  "friendly_name": "<string>",
  "device_type": "single_device",
  "backed_up": true
}

Authorizations

mnemom_session
string
cookie
required

HttpOnly, Secure, SameSite=Lax cookie issued by /v1/auth/sign-in (or the SSO / email-callback flows). The value is an AES-256-GCM-encrypted blob of {access_token, refresh_token, issued_at, auth_method}. Browser clients include this automatically with credentials: "include".

Body

application/json
response
object
required

Browser's navigator.credentials.create() response, JSON-serialized per the WebAuthn Level 3 JSON form.

friendly_name
string

User label (e.g. "Alex's iPhone").

Response

Passkey enrolled.

credential_id
string
friendly_name
string | null
device_type
enum<string>
Available options:
single_device,
multi_device
backed_up
boolean