Skip to main content
POST
/
instances
/
{instanceId}
/
token
/
{token}
/
reset-passkey-challenge
Reset the Challenge
curl --request POST \
  --url https://api.z-api.io/instances/{instanceId}/token/{token}/reset-passkey-challenge \
  --header 'Client-Token: <api-key>'

Overview

On some devices, WhatsApp has started requiring an additional verification step when attempting to connect to WhatsApp Web, called Passkey. Because of this, devices that try to read the QR Code via the API may receive a Challenge in return.
This method is part of the instance connection flow via Passkey (WebAuthn). It is used when the client wants to generate a new QR Code — for example, to scan it with a different device. When this endpoint is called, the current challenge is reset. On the next call to the QR Code endpoint, a new QR Code is generated.
This endpoint invalidates the current passkey flow. After a successful call, the qr-code endpoint must be called again to obtain the new QR Code.

Attributes

Required

instanceId
string
required
Your instance ID. Available in the Z-API panel under Instances.
token
string
required
Your Z-API instance token.

Response

200

Returns the result of the processing by the instance. There are two possible variations: Success — challenge reset:
{ "success": true }
Failure — unable to restart the instance:
{ "success": false, "error": "Failed to restart instance after challenge reset" }
On success, call the qr-code endpoint again to obtain the new QR Code.

400

Returned in the following cases:
  • Instance not found for the instanceId + token pair:
{ "error": "Instance not found", "value": null }

405

In this case, make sure you are sending the correct method specification, i.e., check whether you sent a POST or GET request as specified at the beginning of this topic.

415

If you receive a 415 error, make sure to add the “Content-Type” of the object you are sending to the request headers, most commonly “application/json”.