diff --git a/proxmox-tfa/src/api/mod.rs b/proxmox-tfa/src/api/mod.rs
index fcdf14b9..48bac1c6 100644
--- a/proxmox-tfa/src/api/mod.rs
+++ b/proxmox-tfa/src/api/mod.rs
@@ -10,7 +10,6 @@ use anyhow::{bail, format_err, Error};
 use serde::{Deserialize, Serialize};
 use serde_json::Value;
-use webauthn_rs::proto::Credential as WebauthnCredential;
 use webauthn_rs::{proto::UserVerificationPolicy, Webauthn};
 use crate::totp::Totp;
@@ -29,7 +28,7 @@ pub mod methods;
 pub use recovery::RecoveryState;
 pub use u2f::U2fConfig;
-pub use webauthn::WebauthnConfig;
+pub use webauthn::{WebauthnConfig, WebauthnCredential};
 #[cfg(feature = "api-types")]
 pub use webauthn::WebauthnConfigUpdater;
@@ -594,7 +593,10 @@ impl TfaUserData {
 return Ok(None);
 }
- let creds: Vec<_> = self.enabled_webauthn_entries().map(Clone::clone).collect();
+ let creds: Vec<_> = self
+ .enabled_webauthn_entries()
+ .map(|cred| cred.clone().into())
+ .collect();
 if creds.is_empty() {
 return Ok(None);
@@ -1015,6 +1017,6 @@ impl TfaUserChallenges {
 .any(|cred| cred.entry.cred_id == *id))
 })?;
- Ok(TfaEntry::new(reg.description, credential))
+ Ok(TfaEntry::new(reg.description, credential.into()))
 }
 }
diff --git a/proxmox-tfa/src/api/webauthn.rs b/proxmox-tfa/src/api/webauthn.rs
index 7f217bfa..54ed067b 100644
--- a/proxmox-tfa/src/api/webauthn.rs
+++ b/proxmox-tfa/src/api/webauthn.rs
@@ -5,6 +5,9 @@ use serde::{Deserialize, Serialize};
 #[cfg(feature = "api-types")]
 use proxmox_schema::{api, Updater};
+use webauthn_rs::crypto::COSEKey;
+use webauthn_rs::proto::{Credential, CredentialID};
+
 use super::IsExpired;
 #[cfg_attr(feature = "api-types", api)]
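Review bot: In the `@@ -594,7 +593,10 @@` hunk of `api/mod.rs`, `let creds: Vec<_>` together with `.into()` leaves the element type to be inferred from a use later in the function, which lies outside the hunk, so the direction of the conversion is not visible at the point where the stored credentials are turned into the list used for the challenge. Naming the target at the binding (a concrete element type instead of `Vec<_>`) would make it explicit that the local `WebauthnCredential` is converted back into the library's `Credential` here. The closure can also be written as `.cloned().map(Into::into)`, which keeps the clone and the conversion as separate, readable steps.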
@@ -117,3 +120,34 @@ impl IsExpired for WebauthnAuthChallenge {
 self.created < at_epoch
 }
 }
+
+/// A webauthn credential
+#[derive(Clone, Debug, Serialize, Deserialize)]
+pub struct WebauthnCredential {
+ /// The ID of this credential.
+ pub cred_id: CredentialID,
+ /// The public key of this credential
+ pub cred: COSEKey,
+ /// The counter for this credential
+ pub counter: u32,
+}
+
+impl From for WebauthnCredential {
+ fn from(cred: Credential) -> Self {
+ Self {
+ cred_id: cred.cred_id,
+ cred: cred.cred,
+ counter: cred.counter,
+ }
+ }
+}
+
+impl From for Credential {
+ fn from(val: WebauthnCredential) -> Self {
+ Credential {
+ cred_id: val.cred_id,
+ cred: val.cred,
+ counter: val.counter,
+ }
+ }
+}
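Review bot: Nothing on the new `WebauthnCredential` struct pins its serde representation, although the re-export in `api/mod.rs` suggests it now stands in for the upstream `Credential` inside persisted TFA entries (inferred; the entry type itself is not visible in this diff). The three field names match the upstream ones copied in the `From` impls, but a later rename or an added non-optional field would make already stored registrations fail to deserialize, which for a second-factor store means users losing their registered keys. I would add a line to the struct docs such as `/// Part of the stored TFA data; field names and types must stay compatible with entries already written.` and a small round-trip test that deserializes a previously written entry. The `counter` doc could also state its purpose, e.g. `/// Signature counter last reported by the authenticator`, assuming it carries the WebAuthn signature counter as in the upstream type.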