Admin APIs
This section provides an overview of the FIDO2 Server admin APIs and how to use them to manage FIDO credentials, users, and policies.
The FIDO2 Server provides several admin APIs that allow you to manage FIDO resources programmatically. These APIs enable you to build:
- Self-service portals where users can view and manage their own credentials
- Administrative dashboards where administrators can manage user credentials and policies
- Backend services that perform bulk operations or automated credential management
Admin API categories
The admin APIs are organized into three main categories:
Authenticator management
The authenticator admin API provides comprehensive credential management capabilities. Learn more about authenticator management.
User management
The user admin API enables user account queries and management. Learn more about user management .
Policy management
The authenticator policy admin API allows you to configure policies that control authenticator usage. Learn more about policy management.
Authentication and authorization
All admin API operations require proper authentication and authorization:
- Operations require specific roles encoded in the JWT token passed as an HTTP
Authorizationrequest header with theBearerauthorization scheme. - Each operation specifies the required role in its API documentation.
Getting started
To get started with the admin APIs:
- Choose your use case: Determine whether you need authenticator management, user management, or policy management
- Review the specific guide: Read the detailed guide for your chosen area
- Check API documentation: Refer to the API reference for endpoint details
- Implement authentication: Set up JWT tokens for API access
- Test your integration: Verify your implementation with test credentials
Next steps
- Authenticator management: Learn how to manage FIDO credentials
- User management: Learn how to manage FIDO2 users
- Policy management: Learn how to configure authenticator policies
