60385: Public key invalid or not provided

This error occurs when you create a Verify Push factor and the request does not include binding.publicKey, or the value is not a valid ECDSA public key in PKIX ASN.1 DER format encoded in Base64. Verify Push factors use public-key cryptography and store the public key generated by the registered device.

• The request uses factorType push but does not include binding.publicKey.
• The binding.publicKey value is present, but it is not an ECDSA public key in PKIX ASN.1 DER format encoded in Base64.
• The factor creation request does not include the public key generated during the device registration flow for Verify Push.

• Include binding.publicKey in the create Factor request whenever factorType is push.
• Send the public key in the required format: an ECDSA public key in PKIX ASN.1 DER format encoded in Base64.
• If you use a Verify Push SDK, register the user and device again and create the factor from the SDK registration flow so the request includes the correct device-generated public key.

• Factor Resource
• Verify Push & Silent Device Approval Overview
• Verify Push Client Library Technical Overview