Passkey
A registered passkey (FIDO2/WebAuthn) authentication method.
type Passkey {
aaGuid: String!
accountId: ID!
counter: Int!
createdDateTime: DateTime!
credentialId: String!
deactivatedDateTime: DateTime
displayName: String!
id: ID!
identityId: ID
lastUsedDateTime: DateTime
publicKey: String!
transports: [String!]!
type: PasskeyType!
}
Fields
Passkey.aaGuid ● String! non-null scalar
The Authenticator Attestation GUID identifying the authenticator model. May be all-zero if unknown.
Passkey.accountId ● ID! non-null scalar
The internal account ID this passkey is registered against.
Passkey.counter ● Int! non-null scalar
The signature counter last reported by the authenticator (used to detect cloned authenticators).
Passkey.createdDateTime ● DateTime! non-null scalar
When the passkey was registered.
Passkey.credentialId ● String! non-null scalar
The WebAuthn credential ID for this passkey (base64url-encoded).
Passkey.deactivatedDateTime ● DateTime scalar
When the passkey was deactivated (soft-delete). Null while the passkey is registered/active.
Passkey.displayName ● String! non-null scalar
A user-friendly display name for the passkey (e.g. "My iPhone", "YubiKey").
Passkey.id ● ID! non-null scalar
The unique identifier for this passkey.
Passkey.identityId ● ID scalar
The identity ID associated with this passkey, used to resolve the account during passkey login.
Passkey.lastUsedDateTime ● DateTime scalar
When the passkey was last used for authentication.
Passkey.publicKey ● String! non-null scalar
The COSE-encoded public key for this passkey (base64-encoded).
Passkey.transports ● [String!]! non-null scalar
Transports the authenticator supports (e.g. "internal", "usb", "nfc", "ble", "hybrid").
Passkey.type ● PasskeyType! non-null enum
Whether the passkey is device-bound or synced across devices.
Returned By
completePasskeyRegistration mutation ● deactivatePasskey mutation ● findPasskeys query ● identityPasskeys query ● myPasskeys query ● passkey query ● updatePasskeyDisplayName mutation