Upgrade JWT scope with valid MFA session

POST

sdk

{environmentId}

users

mfa

auth

passkey

Upgrade JWT scope with valid MFA session

curl --request POST \
  --url https://app.dynamicauth.com/api/v0/sdk/{environmentId}/users/mfa/auth/passkey \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "id": "An example name",
  "rawId": "An example name",
  "response": {
    "clientDataJSON": "An example name",
    "authenticatorData": "An example name",
    "signature": "An example name",
    "userHandle": "<string>"
  },
  "clientExtensionResults": {
    "appid": true,
    "credProps": {},
    "hmacCreateSecret": true
  },
  "requestedScopes": [
    "wallet:export"
  ]
}
'

{
  "user": {
    "id": "95b11417-f18f-457f-8804-68e361f9164f",
    "projectEnvironmentId": "95b11417-f18f-457f-8804-68e361f9164f",
    "verifiedCredentials": [
      {
        "id": "95b11417-f18f-457f-8804-68e361f9164f",
        "signInEnabled": true,
        "address": "0xbF394748301603f18d953C90F0b087CBEC0E1834",
        "chain": "<string>",
        "refId": "95b11417-f18f-457f-8804-68e361f9164f",
        "signerRefId": "95b11417-f18f-457f-8804-68e361f9164f",
        "email": "[email protected]",
        "name_service": {
          "avatar": "<string>",
          "name": "<string>"
        },
        "public_identifier": "<string>",
        "wallet_name": "<string>",
        "wallet_properties": {
          "turnkeySubOrganizationId": "95b11417-f18f-457f-8804-68e361f9164f",
          "turnkeyPrivateKeyId": "95b11417-f18f-457f-8804-68e361f9164f",
          "turnkeyHDWalletId": "95b11417-f18f-457f-8804-68e361f9164f",
          "isAuthenticatorAttached": true,
          "turnkeyUserId": "95b11417-f18f-457f-8804-68e361f9164f",
          "isSessionKeyCompatible": true
        },
        "oauth_username": "<string>",
        "oauth_display_name": "<string>",
        "oauth_account_id": "<string>",
        "phoneNumber": "9171113333",
        "phoneCountryCode": "1",
        "isoCountryCode": "US",
        "oauth_account_photos": [
          "<string>"
        ],
        "oauth_emails": [
          "<string>"
        ],
        "oauth_metadata": {},
        "previous_users": [
          "95b11417-f18f-457f-8804-68e361f9164f"
        ],
        "embedded_wallet_id": "<string>",
        "wallet_additional_addresses": [
          {
            "address": "<string>",
            "publicKey": "<string>"
          }
        ],
        "lastSelectedAt": "2023-11-07T05:31:56Z",
        "verifiedAt": "2023-11-07T05:31:56Z"
      }
    ],
    "lastVerifiedCredentialId": "95b11417-f18f-457f-8804-68e361f9164f",
    "sessionId": "95b11417-f18f-457f-8804-68e361f9164f",
    "alias": "An example name",
    "country": "US",
    "email": "[email protected]",
    "firstName": "An example name",
    "jobTitle": "An example name",
    "lastName": "An example name",
    "phoneNumber": "<string>",
    "policiesConsent": true,
    "tShirtSize": "An example name",
    "team": "An example name",
    "username": "An example name",
    "firstVisit": "2023-11-07T05:31:56Z",
    "lastVisit": "2023-11-07T05:31:56Z",
    "newUser": true,
    "metadata": {},
    "btcWallet": "<string>",
    "kdaWallet": "<string>",
    "ltcWallet": "<string>",
    "ckbWallet": "<string>",
    "kasWallet": "<string>",
    "dogeWallet": "<string>",
    "emailNotification": true,
    "discordNotification": true,
    "newsletterNotification": true,
    "lists": [
      "<string>"
    ],
    "scope": "superuser marketing operations",
    "missingFields": [
      {
        "name": "<string>",
        "required": true,
        "enabled": true,
        "unique": true,
        "verify": true,
        "validationRules": {
          "unique": true,
          "regex": "^0x",
          "validOptions": [
            {
              "label": "small"
            },
            {
              "label": "medium"
            },
            {
              "label": "large"
            }
          ],
          "checkboxText": "Agree to the terms and conditions"
        },
        "label": "<string>",
        "position": 123
      }
    ]
  },
  "expiresAt": "1715620310",
  "mfaToken": "<string>",
  "jwt": "jwt_value",
  "minifiedJwt": "jwt_value",
  "elevatedAccessToken": "jwt_value"
}

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

environmentId

string

required

ID of the environment

Required string length: 36

Pattern: ^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$

Example:

"95b11417-f18f-457f-8804-68e361f9164f"

Body

application/json

passkey response

string

required

Pattern: ^(?=\S)[\p{L}\p{N}a-zA-Z _.,:!?&%@\/+\-'|]+(?<=\S)$

Example:

"An example name"

rawId

string

required

Pattern: ^(?=\S)[\p{L}\p{N}a-zA-Z _.,:!?&%@\/+\-'|]+(?<=\S)$

Example:

"An example name"

response

object

required

Show child attributes

clientExtensionResults

object

required

Show child attributes

type

enum<string>

required

Available options:

public-key

authenticatorAttachment

enum<string>

Available options:

cross-platform,

platform

createMfaToken

object

Show child attributes

requestedScopes

enum<string>[]

Optional list of scopes to include in the elevated access token.

Minimum array length: 1

Valid scopes for an elevated access token

Available options:

console:admin_action:review,

console:approval_workflow:update,

console:member:invite,

console:mfa:reset,

console:project:delete,

console:settings:update,

console:sso:update,

console:user:delete,

credential:link,

credential:update,

credential:unlink,

user:update,

user:delete,

wallet:export,

wallet:delete,

wallet:delegate,

wallet:sign,

wallet:restore

Example:

["wallet:export"]

Response

Successful operation

user

object

required

Show child attributes

expiresAt

number

required

Format is a unix-based timestamp. When set, this will be the expiration timestamp on the JWT sent using either the jwt field or a response httpOnly cookie set by the server.

Example:

"1715620310"

mfaToken

string

Token used to continue multi-factor authentication flow

jwt

string

Encoded JWT token. This will only be returned when cookie-based authentication is disabled in favor of standard Auth header based authentication.

Example:

"jwt_value"

minifiedJwt

string

Encoded JWT token. This will only be returned when cookie-based authentication is disabled in favor of standard Auth header based authentication.

Example:

"jwt_value"

elevatedAccessToken

string

Encoded JWT token for elevated access. This will only be returned when requestedScopes are requested.

Example:

"jwt_value"

Upgrade JWT scope with valid MFA sessionAuthenticates via email verification and upgrades the JWT scope with a valid MFA session.

⌘I

Upgrade JWT scope with valid MFA session

curl --request POST \
  --url https://app.dynamicauth.com/api/v0/sdk/{environmentId}/users/mfa/auth/passkey \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "id": "An example name",
  "rawId": "An example name",
  "response": {
    "clientDataJSON": "An example name",
    "authenticatorData": "An example name",
    "signature": "An example name",
    "userHandle": "<string>"
  },
  "clientExtensionResults": {
    "appid": true,
    "credProps": {},
    "hmacCreateSecret": true
  },
  "requestedScopes": [
    "wallet:export"
  ]
}
'

{
  "user": {
    "id": "95b11417-f18f-457f-8804-68e361f9164f",
    "projectEnvironmentId": "95b11417-f18f-457f-8804-68e361f9164f",
    "verifiedCredentials": [
      {
        "id": "95b11417-f18f-457f-8804-68e361f9164f",
        "signInEnabled": true,
        "address": "0xbF394748301603f18d953C90F0b087CBEC0E1834",
        "chain": "<string>",
        "refId": "95b11417-f18f-457f-8804-68e361f9164f",
        "signerRefId": "95b11417-f18f-457f-8804-68e361f9164f",
        "email": "[email protected]",
        "name_service": {
          "avatar": "<string>",
          "name": "<string>"
        },
        "public_identifier": "<string>",
        "wallet_name": "<string>",
        "wallet_properties": {
          "turnkeySubOrganizationId": "95b11417-f18f-457f-8804-68e361f9164f",
          "turnkeyPrivateKeyId": "95b11417-f18f-457f-8804-68e361f9164f",
          "turnkeyHDWalletId": "95b11417-f18f-457f-8804-68e361f9164f",
          "isAuthenticatorAttached": true,
          "turnkeyUserId": "95b11417-f18f-457f-8804-68e361f9164f",
          "isSessionKeyCompatible": true
        },
        "oauth_username": "<string>",
        "oauth_display_name": "<string>",
        "oauth_account_id": "<string>",
        "phoneNumber": "9171113333",
        "phoneCountryCode": "1",
        "isoCountryCode": "US",
        "oauth_account_photos": [
          "<string>"
        ],
        "oauth_emails": [
          "<string>"
        ],
        "oauth_metadata": {},
        "previous_users": [
          "95b11417-f18f-457f-8804-68e361f9164f"
        ],
        "embedded_wallet_id": "<string>",
        "wallet_additional_addresses": [
          {
            "address": "<string>",
            "publicKey": "<string>"
          }
        ],
        "lastSelectedAt": "2023-11-07T05:31:56Z",
        "verifiedAt": "2023-11-07T05:31:56Z"
      }
    ],
    "lastVerifiedCredentialId": "95b11417-f18f-457f-8804-68e361f9164f",
    "sessionId": "95b11417-f18f-457f-8804-68e361f9164f",
    "alias": "An example name",
    "country": "US",
    "email": "[email protected]",
    "firstName": "An example name",
    "jobTitle": "An example name",
    "lastName": "An example name",
    "phoneNumber": "<string>",
    "policiesConsent": true,
    "tShirtSize": "An example name",
    "team": "An example name",
    "username": "An example name",
    "firstVisit": "2023-11-07T05:31:56Z",
    "lastVisit": "2023-11-07T05:31:56Z",
    "newUser": true,
    "metadata": {},
    "btcWallet": "<string>",
    "kdaWallet": "<string>",
    "ltcWallet": "<string>",
    "ckbWallet": "<string>",
    "kasWallet": "<string>",
    "dogeWallet": "<string>",
    "emailNotification": true,
    "discordNotification": true,
    "newsletterNotification": true,
    "lists": [
      "<string>"
    ],
    "scope": "superuser marketing operations",
    "missingFields": [
      {
        "name": "<string>",
        "required": true,
        "enabled": true,
        "unique": true,
        "verify": true,
        "validationRules": {
          "unique": true,
          "regex": "^0x",
          "validOptions": [
            {
              "label": "small"
            },
            {
              "label": "medium"
            },
            {
              "label": "large"
            }
          ],
          "checkboxText": "Agree to the terms and conditions"
        },
        "label": "<string>",
        "position": 123
      }
    ]
  },
  "expiresAt": "1715620310",
  "mfaToken": "<string>",
  "jwt": "jwt_value",
  "minifiedJwt": "jwt_value",
  "elevatedAccessToken": "jwt_value"
}