# Input Validation

The loaded data needs to be verified. The library will perform several actions to make sure the input you received is valid. This verification process is performed by a Ceremony Step Manager (CSM). The Webauthn Specification distinguish two types of ceremonies[ described in this page](/v4.8/webauthn-in-a-nutshell/ceremonies.md).

## Ceremony Step Manager Factory

To facilitate the creation of the CSM, a default factory is included. This factory requires no external services to function.

{% code lineNumbers="true" %}

```php
<?php

declare(strict_types=1);

use Webauthn\CeremonyStep\CeremonyStepManagerFactory;

$csmFactory = new CeremonyStepManagerFactory();

$creationCSM = $csmFactory->creationCeremony();
$requestCSM = $csmFactory->requestCeremony();
```

{% endcode %}

{% hint style="info" %}
You can customize its behavior to fit the specific needs of your application by modifying the provided factory. Please refer to the dedicated pages for more information.

* [Counter Checker](/v4.8/pure-php/advanced-behaviours/authenticator-counter.md)
* [Attestation Statement Support Manager](/v4.8/pure-php/advanced-behaviours/attestation-and-metadata-statement.md#attestation-statement-support-manager)
* [Extension Output Checker Handler](/v4.8/pure-php/advanced-behaviours/extensions.md)
* [Algorithm Manager](/v4.8/pure-php/advanced-behaviours/authenticator-algorithms.md)
* [Metadata Statement Repository](/v4.8/pure-php/advanced-behaviours/attestation-and-metadata-statement.md#metadata-statement-repository)
* [Status Report Repository](/v4.8/pure-php/advanced-behaviours/attestation-and-metadata-statement.md#status-report-repository)
* [Certification Chain Validator](/v4.8/pure-php/advanced-behaviours/attestation-and-metadata-statement.md#certificate-chain-validator)
  {% endhint %}

These CSM services are meant to be used by Response Validators. On a similar way, there are two types of validators:

* **Authenticator Attestation Response Validator**: used during the creation ceremony
* **Authenticator Assertion Response Validator**: used during the request ceremony

## Response Validators

The Authenticator Attestation Response Validator and Authenticator Assertion Response Validator services are directly used when receiving Authenticator Responses in order to [register authenticators](/v4.8/pure-php/authenticator-registration.md) or [authenticate users](/v4.8/pure-php/authenticate-your-users.md).

{% hint style="info" %}
All null values below correspond to deprecated parameters. They will be removed in 5.0.0
{% endhint %}

{% code lineNumbers="true" %}

```php
<?php

declare(strict_types=1);

use Webauthn\AuthenticatorAttestationResponseValidator;
use Webauthn\AuthenticatorAssertionResponseValidator;

$authenticatorAttestationResponseValidator = AuthenticatorAttestationResponseValidator::create(
    null, //Deprecated
    null, //Deprecated
    null, //Deprecated
    null, //Deprecated
    null, //Deprecated
    $creationCSM
);
$authenticatorAssertionResponseValidator = AuthenticatorAssertionResponseValidator::create(
    null, //Deprecated
    null, //Deprecated
    null, //Deprecated
    null, //Deprecated
    null, //Deprecated
    $requestCSM
);

// Also valid
$authenticatorAttestationResponseValidator = AuthenticatorAttestationResponseValidator::create(
    ceremonyStepManager: $creationCSM
);
$authenticatorAssertionResponseValidator = AuthenticatorAssertionResponseValidator::create(
    ceremonyStepManager: $requestCSM
);
```

{% endcode %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://webauthn-doc.spomky-labs.com/v4.8/pure-php/input-validation.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.