60386: Attestation object invalid or not provided

This error occurs when your Verify Passkeys registration request does not include a valid response.attestationObject. Send the credential returned by navigator.credentials.create() to the VerifyFactor endpoint. That credential includes the attestation data required to register the new passkey.

• Your request body does not include response.attestationObject.
• The response.attestationObject value is empty, malformed, or changed during serialization.
• You manually rebuilt the credential payload instead of sending the full registration result from navigator.credentials.create().
• You sent authentication data from navigator.credentials.get() instead of registration data from navigator.credentials.create().
• The nested response object is missing or incorrectly structured in the JSON payload.

• Create the passkey again in the browser and send the full credential object returned by navigator.credentials.create().
• Include the required registration fields in your request, including id, rawId, type, authenticatorAttachment, response.clientDataJSON, and response.attestationObject.
• Preserve the credential values exactly as returned by the browser. Do not truncate, rename, or re-encode response.attestationObject.
• Confirm that type is public-key and that your request body matches the Passkeys VerifyFactor schema.
• Use the passkey registration flow for this endpoint. If you are approving a sign-in challenge, send the navigator.credentials.get() result to the challenge approval endpoint instead.

• Verify Passkeys quickstart
• Passkeys Factor resource
• Verify Passkeys overview