Stytch - Auth platform for developers

Wraps Stytch's authenticate_start and authenticate WebAuthn endpoints, the Credential Manager API on Android and the CredentialProvider API on iOS. Call this method to authenticate a user using an existing WebAuthn registration in Stytch.

Call webauthn.authenticate inside an event callback triggered by a user gesture.

You can listen for successful user updates anywhere in the codebase with the stytch.user.onChange() method or useStytchUser() hook if you are using React.

Method parameters

domain* string

The domain for Passkeys or WebAuthn.

is_passkey boolean

If true, the WebAuthn flow will be optimized for Passkeys by altering the public_key_credential_creation_options used.

session_duration_minutes int

Set the session lifetime to be this many minutes from now. This will start a new session if one doesn't already exist, returning both an opaque session_token and session_jwt for this session. Remember that the session_jwt will have a fixed lifetime of five minutes regardless of the underlying session duration, and will need to be refreshed over time.

This value must be a minimum of 5 and a maximum of 527040 minutes (366 days).

If a session_token or session_jwt is provided then a successful authentication will continue to extend the session this many minutes.

If the session_duration_minutes parameter is not specified, a Stytch session will not be created.

import React, { useCallback } from 'react'; import { Text, TouchableOpacity, View } from 'react-native'; import { useStytch } from '@stytch/react-native'; export const Login = () => { const stytch = useStytch(); const trigger = useCallback(() => { stytch.webauthn.authenticate({ domain: 'example.com', is_passkey: true, session_duration_minutes: 60, }); }, [stytch]); return ( <View> <TouchableOpacity onPress={trigger}> <Text>Authenticate WebAuthn Registration</Text> </TouchableOpacity> </View> ); };

{ "status_code": 200, "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141", "session": null "session_jwt": "", "session_token": "", "user": {...}, "user_id": "user-test-16d9ba61-97a1-4ba4-9720-b03761dc50c6", "webauthn_registration_id": "webauthn-registration-test-5c44cc6a-8af7-48d6-8da7-ea821342f5a6", }

{ "status_code": 400, "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141", "error_type": "invalid_public_key_credential", "error_message": "Invalid public key credential. Please confirm you're passing a correctly formatted public key credential.", "error_url": "https://stytch.com/docs/api/errors/400" }

{ "status_code": 401, "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141", "error_type": "unable_to_auth_webauthn_registration", "error_message": "WebAuthn registration could not be authenticated.", "error_url": "https://stytch.com/docs/api/errors/401" }

{ "status_code": 429, "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141", "error_type": "too_many_requests", "error_message": "Too many requests have been made.", "error_url": "https://stytch.com/docs/api/errors/429" }

{ "status_code": 500, "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141", "error_type": "internal_server_error", "error_message": "Oops, something seems to have gone wrong, please reach out to support@stytch.com to let us know what went wrong.", "error_url": "https://stytch.com/docs/api/errors/500" }