User must be authenticated. Paste a valid access_token below, then click
Get Options → your device prompts for biometrics → click
Verify.
No prior auth needed. Optionally provide a phone/identifier for server-side credential pre-selection; leave blank for discoverable (device prompts passkey picker).