60379: Authenticator data invalid or not provided

This error occurs when you approve a Verify Passkeys challenge and the request does not include a valid response.authenticatorData value. Send the WebAuthn authentication result from navigator.credentials.get() to the ApproveChallenge subresource, and include authenticatorData inside the response object.

• The request body does not include response.authenticatorData.
• authenticatorData is sent in the wrong location instead of inside response.
• The value was altered, truncated, or reformatted before you sent it.
• The request sends registration data from navigator.credentials.create() instead of authentication data from navigator.credentials.get().
• The credential payload is incomplete, which can happen when id, rawId, response.clientDataJSON, or response.signature are missing or copied incorrectly.

• Create a Passkeys challenge first, then call navigator.credentials.get() with the challenge options returned by Twilio.
• Send the credential payload to POST /v2/Services/{ServiceSid}/Passkeys/ApproveChallenge as JSON.
• Include the authentication fields exactly as returned by the browser. Send id, rawId, authenticatorAttachment, and a response object that contains authenticatorData, clientDataJSON, and signature.
• Do not send registration-only fields such as attestationObject when you approve a challenge.
• If your application serializes or transforms the browser credential before sending it to your server, verify that the process does not drop, rename, or corrupt authenticatorData.

• Verify Passkeys quickstart
• Passkeys Challenge resource
• Verify Passkeys overview