Class: StytchB2B::OAuth::Discovery
- Inherits:
-
Object
- Object
- StytchB2B::OAuth::Discovery
- Includes:
- Stytch::RequestHelper
- Defined in:
- lib/stytch/b2b_oauth.rb
Instance Method Summary collapse
-
#authenticate(discovery_oauth_token:, session_token: nil, session_duration_minutes: nil, session_jwt: nil, session_custom_claims: nil, pkce_code_verifier: nil) ⇒ Object
Authenticates the Discovery OAuth token and exchanges it for an Intermediate Session Token.
-
#initialize(connection) ⇒ Discovery
constructor
A new instance of Discovery.
Methods included from Stytch::RequestHelper
#delete_request, #get_request, #post_request, #put_request, #request_with_query_params
Constructor Details
#initialize(connection) ⇒ Discovery
Returns a new instance of Discovery.
161 162 163 |
# File 'lib/stytch/b2b_oauth.rb', line 161 def initialize(connection) @connection = connection end |
Instance Method Details
#authenticate(discovery_oauth_token:, session_token: nil, session_duration_minutes: nil, session_jwt: nil, session_custom_claims: nil, pkce_code_verifier: nil) ⇒ Object
Authenticates the Discovery OAuth token and exchanges it for an Intermediate Session Token. Intermediate Session Tokens can be used for various Discovery login flows and are valid for 10 minutes.
Parameters:
- discovery_oauth_token
-
The Discovery OAuth token to authenticate. The type of this field is
String
. - session_token
-
(no documentation yet) The type of this field is nilable
String
. - session_duration_minutes
-
(no documentation yet) The type of this field is nilable
Integer
. - session_jwt
-
(no documentation yet) The type of this field is nilable
String
. - session_custom_claims
-
(no documentation yet) The type of this field is nilable
object
. - pkce_code_verifier
-
A base64url encoded one time secret used to validate that the request starts and ends on the same device. The type of this field is nilable
String
.
Returns:
An object with the following fields:
- request_id
-
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is
String
. - intermediate_session_token
-
The Intermediate Session Token. This token does not necessarily belong to a specific instance of a Member, but represents a bag of factors that may be converted to a member session. The token can be used with the [OTP SMS Authenticate endpoint](stytch.com/docs/b2b/api/authenticate-otp-sms), [TOTP Authenticate endpoint](stytch.com/docs/b2b/api/authenticate-totp), or [Recovery Codes Recover endpoint](stytch.com/docs/b2b/api/recovery-codes-recover) to complete an MFA flow and log in to the Organization. It can also be used with the [Exchange Intermediate Session endpoint](stytch.com/docs/b2b/api/exchange-intermediate-session) to join a specific Organization that allows the factors represented by the intermediate session token; or the [Create Organization via Discovery endpoint](stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. The type of this field is
String
. - email_address
-
The email address. The type of this field is
String
. - discovered_organizations
-
An array of ‘discovered_organization` objects tied to the `intermediate_session_token`, `session_token`, or `session_jwt`. See the [Discovered Organization Object](stytch.com/docs/b2b/api/discovered-organization-object) for complete details.
Note that Organizations will only appear here under any of the following conditions:
-
The end user is already a Member of the Organization.
-
The end user is invited to the Organization.
-
The end user can join the Organization because:
a) The Organization allows JIT provisioning. b) The Organizations' allowed domains list contains the Member's email domain. c) The Organization has at least one other Member with a verified email address with the same domain as the end user (to prevent phishing attacks).
The type of this field is list of
DiscoveredOrganization
(object
). -
- provider_type
-
(no documentation yet) The type of this field is
String
. - provider_tenant_id
-
(no documentation yet) The type of this field is
String
. - status_code
-
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is
Integer
.
221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 |
# File 'lib/stytch/b2b_oauth.rb', line 221 def authenticate( discovery_oauth_token:, session_token: nil, session_duration_minutes: nil, session_jwt: nil, session_custom_claims: nil, pkce_code_verifier: nil ) headers = {} request = { discovery_oauth_token: discovery_oauth_token } request[:session_token] = session_token unless session_token.nil? request[:session_duration_minutes] = session_duration_minutes unless session_duration_minutes.nil? request[:session_jwt] = session_jwt unless session_jwt.nil? request[:session_custom_claims] = session_custom_claims unless session_custom_claims.nil? request[:pkce_code_verifier] = pkce_code_verifier unless pkce_code_verifier.nil? post_request('/v1/b2b/oauth/discovery/authenticate', request, headers) end |