60377: Authenticator attachment invalid or not provided
VERIFY
ERROR
This error occurs when Verify Passkeys receives a request without a valid authenticatorAttachment value. Send the authenticatorAttachment returned in the WebAuthn credential object when you verify a Passkey factor or approve a Passkeys challenge. For those requests, Verify accepts only platform or cross-platform.
- Your request to
VerifyFactororApproveChallengedoes not include the requiredauthenticatorAttachmentfield. - Your request includes an unsupported value for
authenticatorAttachment. For Passkey verification and challenge approval, supported values areplatformandcross-platform. - You sent
anyin the credential payload.anyis allowed in Passkeys service or factor configuration, but it is not a valid value in the WebAuthn credential payload you send toVerifyFactororApproveChallenge. - You rebuilt or filtered the browser
credentialobject before sending it to Verify, and theauthenticatorAttachmentproperty was removed or renamed. The Passkeys quickstart showsauthenticatorAttachmentas part of the generated credential and instructs you to pass that copied JSON object to the Verify endpoint.
- Send the full browser
credentialobject returned bynavigator.credentials.create()ornavigator.credentials.get()as JSON when you callVerifyFactororApproveChallenge. - Validate that
authenticatorAttachmentis present before you send the request. Do not omit the field in registration or authentication payloads. - Make sure the value is exactly
platformorcross-platformwhen you submit the credential payload. - If your Passkeys service or factor configuration uses
any, keep that value only in configuration fields such asPasskeys.AuthenticatorAttachmentorconfig.authenticator_attachment. Do not sendanyas the credential'sauthenticatorAttachment. - Follow the Passkeys quickstart flow to create the factor or challenge, generate the credential in the browser, and then submit that copied credential object to Verify without changing field names.