Skip Navigation Links

Passkeys

List passkeys

Requires authentication via bearer.

Returns every passkey registered for the given user.

  • Requires VIEW permission on the target user.
  • Returns 403 when the PASSKEYS_ENABLED license feature is disabled for the tenant.
  • Results are unordered and not paginated.

Path Params

user_id stringrequired

Unique identifier of a user.

Query Params

embed string[]

Options for embedding additional data in passkey responses:

  • ACTIONS: Include the per-passkey actions block.

Response Body

200 OK

Delete passkey

Requires authentication via bearer.

Revokes a single passkey credential. The user can no longer authenticate with it after this call returns.

  • Requires EDIT permission on the target user.
  • Returns 403 when the PASSKEYS_ENABLED license feature is disabled for the tenant.
  • No minimum-credential guard: deleting a user's last remaining passkey is allowed. Callers that want to enforce a minimum must check first.

Path Params

user_id stringrequired

Unique identifier of a user.

passkey_id stringrequired

The ID of the passkey to delete.

Response Body

200 OK