fix: add missing WebAuthn credential management endpoints [4.2]

CHANGELOG.md

@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html)
 
+## [4.2.0] - 2025-07-29
+
+- Added support for listing and removing WebAuthn credentials for a user. New APIs":
+  -   `POST /{apiBasePath}/<tenantId>/webauthn/credential/remove`
+  -   `GET /{apiBasePath}/<tenantId>/webauthn/credential/list`
+
 ## [4.1.0] - 2025-05-14
 
 ### Changes

api_spec.yaml

@@ -2957,6 +2957,106 @@ paths:
         '500':
           $ref: '#/components/responses/500'
 
+  /{apiBasePath}/<tenantId>/webauthn/credential/remove:
+      post:
+        tags:
+          - WebAuthn Recipe
+        operationId: webauthnRemoveCredential
+        description: |
+          Remove a WebAuthn credential for an existing user
+        parameters:
+          - $ref: '#/components/parameters/apiBasePath'
+          - $ref: '#/components/parameters/webauthnRid'
+          - $ref: '#/components/parameters/anti-csrf'
+        security:
+          - AccessTokenBearer: []
+          - AccessTokenCookie: []
+        requestBody:
+          content:
+            application/json:
+              schema:
+                type: object
+                required:
+                  - webauthnCredentialId
+                properties:
+                  webauthnCredentialId:
+                    type: string
+                    example: "cred_123..."
+        responses:
+          '200':
+            description: Credential removal response
+            content:
+              application/json:
+                schema:
+                  oneOf:
+                    - type: object
+                      properties:
+                        status:
+                          $ref: '#/components/schemas/statusOK'
+                    - $ref: '#/components/schemas/generalErrorResponse'
+                    - type: object
+                      properties:
+                        status:
+                          type: string
+                          enum: ["CREDENTIAL_NOT_FOUND_ERROR"]
+          '404':
+            $ref: '#/components/responses/404'
+          '500':
+            $ref: '#/components/responses/500'
+
+  /{apiBasePath}/<tenantId>/webauthn/credential/list:
+      get:
+        tags:
+          - WebAuthn Recipe
+        operationId: webauthnListCredentials
+        description: |
+          List all WebAuthn credentials for an existing user
+        parameters:
+          - $ref: '#/components/parameters/apiBasePath'
+          - $ref: '#/components/parameters/webauthnRid'
+          - $ref: '#/components/parameters/anti-csrf'
+        security:
+          - AccessTokenBearer: []
+          - AccessTokenCookie: []
+        responses:
+          '200':
+            description: Credential list response
+            content:
+              application/json:
+                schema:
+                  oneOf:
+                    - type: object
+                      properties:
+                        status:
+                          $ref: '#/components/schemas/statusOK'
+                      credentials:
+                        type: array
+                        items:
+                          type: object
+                          properties:
+                            webauthnCredentialId: 
+                              type: string
+                              example: "cred_123..."
+                            relyingPartyId:
+                              type: string
+                              example: "https://example.com"
+                            recipeUserId:
+                              type: string
+                              example: "user_123..."
+                            createdAt:
+                              type: number
+                              example: 1638433545183
+                    - $ref: '#/components/schemas/generalErrorResponse'
+                    - type: object
+                      properties:
+                        status:
+                          type: string
+                          enum: ["CREDENTIAL_NOT_FOUND_ERROR"]
+          '404':
+            $ref: '#/components/responses/404'
+          '500':
+            $ref: '#/components/responses/500'
+
   /{apiBasePath}/<tenantId>/webauthn/email/exists:
     get:
       tags: