> ## Documentation Index
> Fetch the complete documentation index at: https://developers.squads.so/llms.txt
> Use this file to discover all available pages before exploring further.

# Submit Passkey Session

> Process WebAuthn authenticator responses and create/update externally signed accounts on the blockchain

Processes WebAuthn authenticator responses for **custom UI implementations**. This is an advanced endpoint for companies that need to host passkey flows on their own domain.

For most applications, use the [hosted UI approach](/squads-api/api-reference/v1/endpoint/passkeys/auth) instead.

### Key Notes

* **Custom Domain**: Use this endpoint when hosting passkey flows on your own domain
* **Complete Response Required**: Submit the full WebAuthn authenticator response object
* **Slot Number**: Extract from URL parameters when creating the passkey session

For detailed implementation, see the [Custom Domain](/squads-api/passkeys/advanced-integration) guide.


## OpenAPI

````yaml POST /api/v1/passkeys/submit-passkey-session
openapi: 3.0.0
info:
  title: Squads API
  version: 1.0.0
  description: >
    The Squads API provides functionality for managing smart accounts and
    spending limits.

    This API allows you to create and manage smart accounts, set up spending
    limits, and perform transactions.
servers:
  - url: https://developer-api.squads.so
    description: Production server
security:
  - bearerAuth: []
paths:
  /api/v1/passkeys/submit-passkey-session:
    post:
      summary: Submit passkey session
      description: >
        Processes WebAuthn authenticator responses and creates/updates
        externally signed accounts on the blockchain.

        This endpoint completes the passkey ceremony by submitting the
        authenticator response from the WebAuthn process.


        For 'create' ceremonies, this creates a new on-chain account associated
        with the passkey.

        For 'auth' ceremonies, this updates the session key for an existing
        account.
      operationId: submitPasskeySession
      parameters:
        - $ref: '#/components/parameters/NetworkHeader'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              required:
                - ceremonyType
                - sessionKey
                - slotNumber
                - authenticatorResponse
              properties:
                ceremonyType:
                  type: string
                  enum:
                    - create
                    - auth
                  description: Type of ceremony being completed
                sessionKey:
                  $ref: '#/components/schemas/SessionKeyWithByteArray'
                slotNumber:
                  type: integer
                  format: uint64
                  description: Solana slot number for the ceremony
                authenticatorResponse:
                  type: object
                  description: Complete WebAuthn authenticator response as JSON value
      responses:
        '200':
          description: Passkey session submitted successfully
          content:
            application/json:
              schema:
                type: object
                properties:
                  externallySignedAccount:
                    type: string
                    description: Solana public key of the externally signed account
                  sessionKey:
                    $ref: '#/components/schemas/SessionKeyWithByteArray'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '422':
          $ref: '#/components/responses/UnprocessableEntity'
components:
  parameters:
    NetworkHeader:
      name: x-squads-network
      in: header
      required: true
      schema:
        type: string
        enum:
          - mainnet
          - devnet
      description: Specifies the network for the API request
  schemas:
    SessionKeyWithByteArray:
      type: object
      required:
        - key
        - expiration
      properties:
        key:
          type: array
          items:
            type: integer
            minimum: 0
            maximum: 255
          minItems: 32
          maxItems: 32
          description: 32-byte array as Solana public key
          example: '[0; 32]'
        expiration:
          type: integer
          format: uint64
          description: >-
            Session validity duration in seconds from now (for requests) or Unix
            timestamp (for responses)
    Error:
      type: object
      properties:
        status:
          type: integer
          description: HTTP status code
        code:
          type: string
          description: Error code for easy lookup
        message:
          type: string
          description: Detailed error description
        details:
          type: array
          items:
            $ref: '#/components/schemas/ErrorDetail'
        metadata:
          $ref: '#/components/schemas/ErrorMetadata'
        custom:
          type: object
          additionalProperties:
            type: string
        simulation_logs:
          type: array
          items:
            type: string
          description: >-
            Transaction simulation logs. Returns an empty array when debug=false
            or not provided.
    ErrorDetail:
      type: object
      properties:
        field:
          type: string
          description: The field that failed validation
        code:
          type: string
          description: Error code specific to this validation failure
        message:
          type: string
          description: Detailed message about the validation failure
        expected:
          type: string
          description: Expected value or condition
        actual:
          type: string
          description: Actual value received
    ErrorMetadata:
      type: object
      properties:
        status:
          type: integer
          description: HTTP status code
        request_id:
          type: string
          description: Unique identifier for debugging
        timestamp:
          type: string
          format: date-time
          description: When the error occurred
        resource_id:
          type: string
          description: Identifier of the resource that experienced the error
        useful_links:
          type: array
          items:
            type: string
          description: Links to relevant documentation
  responses:
    BadRequest:
      description: Bad Request
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    Unauthorized:
      description: Unauthorized
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    UnprocessableEntity:
      description: Unprocessable Entity
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: UUID
      description: UUID-based API key provided by Squads

````