60378: Authenticator response invalid or not provided

This error occurs when you send a Verify Passkeys request without a valid response object. During passkey registration, VerifyFactor requires response.clientDataJSON and response.attestationObject. During passkey authentication, ApproveChallenge requires response.authenticatorData, response.clientDataJSON, and response.signature.

• You omitted the response object from the JSON payload or sent a value that Verify could not interpret as a WebAuthn credential response.
• You sent a passkey registration request to VerifyFactor without the required response.clientDataJSON or response.attestationObject fields.
• You sent a passkey authentication request to ApproveChallenge without the required response.authenticatorData, response.clientDataJSON, or response.signature fields.
• You modified, filtered, or rebuilt the browser credential instead of sending the credential object returned by navigator.credentials.create() or navigator.credentials.get() as JSON.

• Send the full browser-generated credential object as JSON to the correct Passkeys endpoint instead of reconstructing the response object manually.
• For passkey registration, send the credential to VerifyFactor and include id, rawId, authenticatorAttachment, type, response.clientDataJSON, and response.attestationObject.
• For passkey authentication, send the credential to ApproveChallenge and include id, rawId, authenticatorAttachment, type, response.authenticatorData, response.clientDataJSON, and response.signature.
• Generate the payload from the correct WebAuthn browser call. Use navigator.credentials.create() when you register and verify a new factor. Use navigator.credentials.get() when you approve a passkey challenge.

• Verify Passkeys quickstart
• Passkeys Challenge resource
• Passkeys Factor resource