# Begin passkey registration

Generates and returns WebAuthn creation options for the current user. The server will set cookies to maintain the registration challenge context.

Endpoint: GET /api/v1/passkeys/begin-register
Version: 1.0
Security: header

## Response 200 fields (application/json):

  - `challenge` (string, required)
    Base64url-encoded server challenge

  - `rp` (object,null)
    Relying Party entity (name and id)

  - `rp.id` (string,null)

  - `rp.name` (string,null)

  - `user` (object,null)
    User entity; id is base64url-encoded

  - `user.displayName` (string,null)

  - `pubKeyCredParams` (array,null)
    List of acceptable credential parameters (type and COSE alg)

  - `pubKeyCredParams.type` (string,null)

  - `pubKeyCredParams.alg` (integer,null)

  - `timeout` (integer,null)
    Timeout in milliseconds

  - `attestation` (string,null)
    Attestation conveyance preference

  - `authenticatorSelection` (object,null)
    Authenticator selection constraints

  - `authenticatorSelection.authenticatorAttachment` (string,null)

  - `authenticatorSelection.requireResidentKey` (boolean,null)

  - `authenticatorSelection.residentKey` (string,null)

  - `authenticatorSelection.userVerification` (string,null)

  - `excludeCredentials` (array,null)
    Credentials to exclude from creation (by descriptor)

  - `excludeCredentials.transports` (array,null)

  - `extensions` (object,null)
    Extension inputs keyed by extension name

## Response 400 fields (application/json):

  - `errorCode` (string, required)
    Error code

  - `message` (string, required)
    Error message

  - `docUrl` (string)
    Link to documentation

## Response 401 fields (application/json):

  - `errorCode` (string, required)
    Error code

  - `message` (string, required)
    Error message

  - `docUrl` (string)
    Link to documentation