Class: StytchB2B::Organizations::Members
- Inherits: Object
  - Object
  - StytchB2B::Organizations::Members
- Includes: Stytch::RequestHelper
- Defined in: lib/stytch/b2b_organizations.rb
Defined Under Namespace
Classes: CreateRequestOptions, DeleteMFAPhoneNumberRequestOptions, DeletePasswordRequestOptions, DeleteRequestOptions, DeleteTOTPRequestOptions, OAuthProviders, ReactivateRequestOptions, SearchRequestOptions, UpdateRequestOptions
Instance Attribute Summary
- #oauth_providers ⇒ Object (readonly)
  Returns the value of attribute oauth_providers.
Instance Method Summary
- #create(organization_id:, email_address:, name: nil, trusted_metadata: nil, untrusted_metadata: nil, create_member_as_pending: nil, is_breakglass: nil, mfa_phone_number: nil, mfa_enrolled: nil, roles: nil, method_options: nil) ⇒ Object
  Creates a Member.
- #dangerously_get(member_id:) ⇒ Object
  Get a Member by `member_id`.
- #delete(organization_id:, member_id:, method_options: nil) ⇒ Object
  Deletes a Member specified by `organization_id` and `member_id`.
- #delete_mfa_phone_number(organization_id:, member_id:, method_options: nil) ⇒ Object
  Delete a Member’s MFA phone number.
- #delete_password(organization_id:, member_password_id:, method_options: nil) ⇒ Object
  Delete a Member’s password.
- #delete_totp(organization_id:, member_id:, method_options: nil) ⇒ Object
  Delete a Member’s MFA TOTP registration.
- #get(organization_id:, member_id: nil, email_address: nil) ⇒ Object
  Get a Member by `member_id` or `email_address`.
- #initialize(connection) ⇒ Members (constructor)
  A new instance of Members.
- #reactivate(organization_id:, member_id:, method_options: nil) ⇒ Object
  Reactivates a deleted Member’s status and its associated email status (if applicable) to active, specified by `organization_id` and `member_id`.
- #search(organization_ids:, cursor: nil, limit: nil, query: nil, method_options: nil) ⇒ Object
  Search for Members within specified Organizations.
- #update(organization_id:, member_id:, name: nil, trusted_metadata: nil, untrusted_metadata: nil, is_breakglass: nil, mfa_phone_number: nil, mfa_enrolled: nil, roles: nil, preserve_existing_sessions: nil, default_mfa_method: nil, email_address: nil, method_options: nil) ⇒ Object
  Updates a Member specified by `organization_id` and `member_id`.
Methods included from Stytch::RequestHelper
#delete_request, #get_request, #post_request, #put_request, #request_with_query_params
Constructor Details
#initialize(connection) ⇒ Members
Returns a new instance of Members.
```ruby
# File 'lib/stytch/b2b_organizations.rb', line 668
def initialize(connection)
  @connection = connection
  @oauth_providers = StytchB2B::Organizations::Members::OAuthProviders.new(@connection)
end
```
Instance Attribute Details
#oauth_providers ⇒ Object (readonly)
Returns the value of attribute oauth_providers.
```ruby
# File 'lib/stytch/b2b_organizations.rb', line 666
def oauth_providers
  @oauth_providers
end
```
Instance Method Details
#create(organization_id:, email_address:, name: nil, trusted_metadata: nil, untrusted_metadata: nil, create_member_as_pending: nil, is_breakglass: nil, mfa_phone_number: nil, mfa_enrolled: nil, roles: nil, method_options: nil) ⇒ Object
Creates a Member. An `organization_id` and `email_address` are required.
Parameters:
- `organization_id`: Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is `String`.
- `email_address`: The email address of the Member. The type of this field is `String`.
- `name`: The name of the Member. The type of this field is nilable `String`.
- `trusted_metadata`: An arbitrary JSON object for storing application-specific data or identity-provider-specific data. The type of this field is nilable `object`.
- `untrusted_metadata`: An arbitrary JSON object of application-specific data. These fields can be edited directly by the frontend SDK, and should not be used to store critical information. See the [Metadata resource](stytch.com/docs/b2b/api/metadata) for complete field behavior details. The type of this field is nilable `object`.
- `create_member_as_pending`: Flag for whether or not to save a Member as `pending` or `active` in Stytch. It defaults to false. If true, new Members will be created with status `pending` in Stytch’s backend. Their status will remain `pending` and they will continue to receive signup email templates for every Email Magic Link until that Member authenticates and becomes `active`. If false, new Members will be created with status `active`. The type of this field is nilable `Boolean`.
- `is_breakglass`: Identifies the Member as a break glass user - someone who has permissions to authenticate into an Organization by bypassing the Organization’s settings. A break glass account is typically used for emergency purposes to gain access outside of normal authentication procedures. Refer to the [Organization object](organization-object) and its `auth_methods` and `allowed_auth_methods` fields for more details. The type of this field is nilable `Boolean`.
- `mfa_phone_number`: The Member’s phone number. A Member may only have one phone number. The type of this field is nilable `String`.
- `mfa_enrolled`: Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization’s MFA policy is set to `REQUIRED_FOR_ALL`. The type of this field is nilable `Boolean`.
- `roles`: Roles to explicitly assign to this Member. See the [RBAC guide](stytch.com/docs/b2b/guides/rbac/role-assignment) for more information about role assignment. The type of this field is nilable list of `String`.
Returns:
An object with the following fields:
- `request_id`: Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is `String`.
- `member_id`: Globally unique UUID that identifies a specific Member. The type of this field is `String`.
- `member`: The [Member object](stytch.com/docs/b2b/api/member-object). The type of this field is `Member` (`object`).
- `organization`: The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is `Organization` (`object`).
- `status_code`: The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is `Integer`.
Method Options:
This method supports an optional StytchB2B::Organizations::Members::CreateRequestOptions
object which will modify the headers sent in the HTTP request.
```ruby
# File 'lib/stytch/b2b_organizations.rb', line 1176
def create(
  organization_id:,
  email_address:,
  name: nil,
  trusted_metadata: nil,
  untrusted_metadata: nil,
  create_member_as_pending: nil,
  is_breakglass: nil,
  mfa_phone_number: nil,
  mfa_enrolled: nil,
  roles: nil,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  request = {
    email_address: email_address
  }
  request[:name] = name unless name.nil?
  request[:trusted_metadata] = trusted_metadata unless trusted_metadata.nil?
  request[:untrusted_metadata] = untrusted_metadata unless untrusted_metadata.nil?
  request[:create_member_as_pending] = create_member_as_pending unless create_member_as_pending.nil?
  request[:is_breakglass] = is_breakglass unless is_breakglass.nil?
  request[:mfa_phone_number] = mfa_phone_number unless mfa_phone_number.nil?
  request[:mfa_enrolled] = mfa_enrolled unless mfa_enrolled.nil?
  request[:roles] = roles unless roles.nil?

  post_request("/v1/b2b/organizations/#{organization_id}/members", request, headers)
end
```
#dangerously_get(member_id:) ⇒ Object
Get a Member by `member_id`. This endpoint does not require an `organization_id`, enabling you to get members across organizations. This is a dangerous operation. Incorrect use may open you up to insecure direct object reference (IDOR) attacks. We recommend using the [Get Member](stytch.com/docs/b2b/api/get-member) API instead.
Parameters:
- `member_id`: Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is `String`.
Returns:
An object with the following fields:
- `request_id`: Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is `String`.
- `member_id`: Globally unique UUID that identifies a specific Member. The type of this field is `String`.
- `member`: The [Member object](stytch.com/docs/b2b/api/member-object). The type of this field is `Member` (`object`).
- `organization`: The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is `Organization` (`object`).
- `status_code`: The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is `Integer`.
```ruby
# File 'lib/stytch/b2b_organizations.rb', line 1110
def dangerously_get(
  member_id:
)
  headers = {}
  query_params = {}
  request = request_with_query_params("/v1/b2b/organizations/members/dangerously_get/#{member_id}", query_params)
  get_request(request, headers)
end
```
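The IDOR risk described for `dangerously_get` comes from looking up a caller-supplied `member_id` without tying it to the caller's own Organization. The following is an added example, not code from the Stytch SDK: `FakeMembers`, `member_for_session`, `guarded_dangerous_get` and `CrossTenantAccess` are hypothetical names, and it assumes responses are Hashes with string keys whose `member` object carries an `organization_id`.

```ruby
# Added example: tenant-scoped Member lookup.
class CrossTenantAccess < StandardError; end

# Constructed stand-in for StytchB2B::Organizations::Members so the example
# runs offline. The response shape (string keys, member.organization_id) is
# an assumption, not taken from the page.
class FakeMembers
  # Constructed sample data: two Members in two different Organizations.
  DIRECTORY = {
    'member-test-aaa' => 'organization-test-111',
    'member-test-bbb' => 'organization-test-222'
  }.freeze

  # Same keyword signature as Members#get: the lookup is scoped to one Organization.
  def get(organization_id:, member_id: nil, email_address: nil)
    return { 'status_code' => 404 } unless DIRECTORY[member_id] == organization_id

    found(member_id)
  end

  # Same keyword signature as Members#dangerously_get: no Organization scope.
  def dangerously_get(member_id:)
    DIRECTORY.key?(member_id) ? found(member_id) : { 'status_code' => 404 }
  end

  private

  def found(member_id)
    { 'status_code' => 200, 'member_id' => member_id,
      'member' => { 'member_id' => member_id,
                    'organization_id' => DIRECTORY[member_id] } }
  end
end

# Preferred path: organization_id is taken from the caller's authenticated
# session, never from request input, so a member_id that belongs to another
# Organization is simply not found.
def member_for_session(members, session_org_id:, member_id:)
  resp = members.get(organization_id: session_org_id, member_id: member_id)
  resp['status_code'] == 200 ? resp['member'] : nil
end

# If dangerously_get cannot be avoided, compare the returned Member's
# Organization with the session's Organization before using the result.
def guarded_dangerous_get(members, session_org_id:, member_id:)
  resp = members.dangerously_get(member_id: member_id)
  return nil unless resp['status_code'] == 200

  member = resp['member']
  unless member['organization_id'] == session_org_id
    raise CrossTenantAccess, "member #{member_id} is outside the caller's organization"
  end

  member
end
```

Raising on a mismatch, rather than returning `nil`, keeps a cross-tenant lookup visible in logs instead of looking like an ordinary miss.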
#delete(organization_id:, member_id:, method_options: nil) ⇒ Object
Deletes a Member specified by `organization_id` and `member_id`.
Parameters:
- `organization_id`: Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is `String`.
- `member_id`: Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is `String`.
Returns:
An object with the following fields:
- `request_id`: Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is `String`.
- `member_id`: Globally unique UUID that identifies a specific Member. The type of this field is `String`.
- `status_code`: The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is `Integer`.
Method Options:
This method supports an optional StytchB2B::Organizations::Members::DeleteRequestOptions
object which will modify the headers sent in the HTTP request.
```ruby
# File 'lib/stytch/b2b_organizations.rb', line 833
def delete(
  organization_id:,
  member_id:,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  delete_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}", headers)
end
```
#delete_mfa_phone_number(organization_id:, member_id:, method_options: nil) ⇒ Object
Delete a Member’s MFA phone number.
To change a Member’s phone number, you must first call this endpoint to delete the existing phone number.
Existing Member Sessions that include a phone number authentication factor will not be revoked if the phone number is deleted, and MFA will not be enforced until the Member logs in again. If you wish to enforce MFA immediately after a phone number is deleted, you can do so by prompting the Member to enter a new phone number and calling the [OTP SMS send](stytch.com/docs/b2b/api/otp-sms-send) endpoint, then calling the [OTP SMS Authenticate](stytch.com/docs/b2b/api/authenticate-otp-sms) endpoint.
Parameters:
- `organization_id`: Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is `String`.
- `member_id`: Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is `String`.
Returns:
An object with the following fields:
- `request_id`: Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is `String`.
- `member_id`: Globally unique UUID that identifies a specific Member. The type of this field is `String`.
- `member`: The [Member object](stytch.com/docs/b2b/api/member-object). The type of this field is `Member` (`object`).
- `organization`: The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is `Organization` (`object`).
- `status_code`: The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is `Integer`.
Method Options:
This method supports an optional StytchB2B::Organizations::Members::DeleteMFAPhoneNumberRequestOptions
object which will modify the headers sent in the HTTP request.
```ruby
# File 'lib/stytch/b2b_organizations.rb', line 922
def delete_mfa_phone_number(
  organization_id:,
  member_id:,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  delete_request("/v1/b2b/organizations/#{organization_id}/members/mfa_phone_numbers/#{member_id}", headers)
end
```
#delete_password(organization_id:, member_password_id:, method_options: nil) ⇒ Object
Delete a Member’s password.
Parameters:
- `organization_id`: Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is `String`.
- `member_password_id`: Globally unique UUID that identifies a Member’s password. The type of this field is `String`.
Returns:
An object with the following fields:
- `request_id`: Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is `String`.
- `member_id`: Globally unique UUID that identifies a specific Member. The type of this field is `String`.
- `member`: The [Member object](stytch.com/docs/b2b/api/member-object). The type of this field is `Member` (`object`).
- `organization`: The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is `Organization` (`object`).
- `status_code`: The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is `Integer`.
Method Options:
This method supports an optional StytchB2B::Organizations::Members::DeletePasswordRequestOptions
object which will modify the headers sent in the HTTP request.
```ruby
# File 'lib/stytch/b2b_organizations.rb', line 1076
def delete_password(
  organization_id:,
  member_password_id:,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  delete_request("/v1/b2b/organizations/#{organization_id}/members/passwords/#{member_password_id}", headers)
end
```
#delete_totp(organization_id:, member_id:, method_options: nil) ⇒ Object
Delete a Member’s MFA TOTP registration.
To mint a new registration for a Member, you must first call this endpoint to delete the existing registration.
Existing Member Sessions that include the TOTP authentication factor will not be revoked if the registration is deleted, and MFA will not be enforced until the Member logs in again.
Parameters:
- `organization_id`: Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is `String`.
- `member_id`: Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is `String`.
Returns:
An object with the following fields:
- `request_id`: Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is `String`.
- `member_id`: Globally unique UUID that identifies a specific Member. The type of this field is `String`.
- `member`: The [Member object](stytch.com/docs/b2b/api/member-object). The type of this field is `Member` (`object`).
- `organization`: The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is `Organization` (`object`).
- `status_code`: The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is `Integer`.
Method Options:
This method supports an optional StytchB2B::Organizations::Members::DeleteTOTPRequestOptions
object which will modify the headers sent in the HTTP request.
```ruby
# File 'lib/stytch/b2b_organizations.rb', line 967
def delete_totp(
  organization_id:,
  member_id:,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  delete_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/totp", headers)
end
```
#get(organization_id:, member_id: nil, email_address: nil) ⇒ Object
Get a Member by `member_id` or `email_address`.
Parameters:
- `organization_id`: Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is `String`.
- `member_id`: Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is nilable `String`.
- `email_address`: The email address of the Member. The type of this field is nilable `String`.
Returns:
An object with the following fields:
- `request_id`: Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is `String`.
- `member_id`: Globally unique UUID that identifies a specific Member. The type of this field is `String`.
- `member`: The [Member object](stytch.com/docs/b2b/api/member-object). The type of this field is `Member` (`object`).
- `organization`: The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is `Organization` (`object`).
- `status_code`: The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is `Integer`.
```ruby
# File 'lib/stytch/b2b_organizations.rb', line 1236
def get(
  organization_id:,
  member_id: nil,
  email_address: nil
)
  headers = {}
  query_params = {
    member_id: member_id,
    email_address: email_address
  }
  request = request_with_query_params("/v1/b2b/organizations/#{organization_id}/member", query_params)
  get_request(request, headers)
end
```
#reactivate(organization_id:, member_id:, method_options: nil) ⇒ Object
Reactivates a deleted Member’s status and its associated email status (if applicable) to active, specified by `organization_id` and `member_id`.
Parameters:
- `organization_id`: Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is `String`.
- `member_id`: Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is `String`.
Returns:
An object with the following fields:
- `request_id`: Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is `String`.
- `member_id`: Globally unique UUID that identifies a specific Member. The type of this field is `String`.
- `member`: The [Member object](stytch.com/docs/b2b/api/member-object). The type of this field is `Member` (`object`).
- `organization`: The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is `Organization` (`object`).
- `status_code`: The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is `Integer`.
Method Options:
This method supports an optional StytchB2B::Organizations::Members::ReactivateRequestOptions
object which will modify the headers sent in the HTTP request.
```ruby
# File 'lib/stytch/b2b_organizations.rb', line 873
def reactivate(
  organization_id:,
  member_id:,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  request = {}

  put_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/reactivate", request, headers)
end
```
#search(organization_ids:, cursor: nil, limit: nil, query: nil, method_options: nil) ⇒ Object
Search for Members within specified Organizations. An array with at least one `organization_id` is required. Submitting an empty `query` returns all non-deleted Members within the specified Organizations.
*All fuzzy search filters require a minimum of three characters.
Our RBAC implementation offers out-of-the-box handling of authorization checks for this endpoint. If you pass in a header containing a `session_token` or a `session_jwt` for an unexpired Member Session, we will check that the Member Session has permission to perform the `search` action on the `stytch.member` Resource. In addition, enforcing RBAC on this endpoint means that you may only search for Members within the calling Member’s Organization, so the `organization_ids` argument may only contain the `organization_id` of the Member Session passed in the header.
If the Member Session does not contain a Role that satisfies the requested permission, or if the `organization_ids` argument contains an `organization_id` that the Member Session does not belong to, a 403 error will be thrown. Otherwise, the request will proceed as normal.
To learn more about our RBAC implementation, see our [RBAC guide](stytch.com/docs/b2b/guides/rbac/overview).
Parameters:
- `organization_ids`: An array of organization_ids. At least one value is required. The type of this field is list of `String`.
- `cursor`: The `cursor` field allows you to paginate through your results. Each result array is limited to 1000 results. If your query returns more than 1000 results, you will need to paginate the responses using the `cursor`. If you receive a response that includes a non-null `next_cursor` in the `results_metadata` object, repeat the search call with the `next_cursor` value set to the `cursor` field to retrieve the next page of results. Continue to make search calls until the `next_cursor` in the response is null. The type of this field is nilable `String`.
- `limit`: The number of search results to return per page. The default limit is 100. A maximum of 1000 results can be returned by a single search request. If the total size of your result set is greater than one page size, you must paginate the response. See the `cursor` field. The type of this field is nilable `Integer`.
- `query`: The optional query object contains the operator, i.e. `AND` or `OR`, and the operands that will filter your results. Only an operator is required. If you include no operands, no filtering will be applied. If you include no query object, it will return all Members with no filtering applied. The type of this field is nilable `SearchQuery` (`object`).
Returns:
An object with the following fields:
- `request_id`: Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is `String`.
- `members`: An array of [Member objects](member-object). The type of this field is list of `Member` (`object`).
- `results_metadata`: The search `results_metadata` object contains metadata relevant to your specific query like `total` and `next_cursor`. The type of this field is `ResultsMetadata` (`object`).
- `organizations`: A map from `organization_id` to [Organization object](stytch.com/docs/b2b/api/organization-object). The map only contains the Organizations that the Members belong to. The type of this field is map of `String` to `Organization` (`object`).
- `status_code`: The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is `Integer`.
Method Options:
This method supports an optional StytchB2B::Organizations::Members::SearchRequestOptions
object which will modify the headers sent in the HTTP request.
```ruby
# File 'lib/stytch/b2b_organizations.rb', line 1027
def search(
  organization_ids:,
  cursor: nil,
  limit: nil,
  query: nil,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  request = {
    organization_ids: organization_ids
  }
  request[:cursor] = cursor unless cursor.nil?
  request[:limit] = limit unless limit.nil?
  request[:query] = query unless query.nil?

  post_request('/v1/b2b/organizations/members/search', request, headers)
end
```
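The cursor procedure described for `search`, applied to a defender's task: walking every page of one Organization to list its break glass Members. This is an added example, not code from the Stytch SDK; `FakeSearch`, `each_member` and `breakglass_member_ids` are hypothetical names, and it assumes responses are Hashes with string keys whose Member objects carry an `is_breakglass` field.

```ruby
# Added example: paginated audit of break glass Members.

# Constructed stand-in for Members#search that serves two pages so the
# example runs offline. The response shape is an assumption.
class FakeSearch
  PAGES = {
    nil => {
      'members' => [
        { 'member_id' => 'member-test-1', 'is_breakglass' => false },
        { 'member_id' => 'member-test-2', 'is_breakglass' => true }
      ],
      'results_metadata' => { 'total' => 3, 'next_cursor' => 'cursor-page-2' }
    },
    'cursor-page-2' => {
      'members' => [
        { 'member_id' => 'member-test-3', 'is_breakglass' => true }
      ],
      'results_metadata' => { 'total' => 3, 'next_cursor' => nil }
    }
  }.freeze

  attr_reader :calls

  def initialize
    @calls = []
  end

  # Same keyword signature as Members#search on this page.
  def search(organization_ids:, cursor: nil, limit: nil, query: nil, method_options: nil)
    @calls << { organization_ids: organization_ids, cursor: cursor, limit: limit }
    PAGES.fetch(cursor).merge('status_code' => 200)
  end
end

# Per-request ceiling stated in the `limit` parameter description.
MAX_PAGE_SIZE = 1000

# Yields every Member of one Organization, following
# results_metadata.next_cursor until it is null. max_pages is a safety stop
# in case a cursor never terminates.
def each_member(members, organization_id:, limit: 100, max_pages: 10_000)
  raise ArgumentError, 'a block is required' unless block_given?
  raise ArgumentError, "limit must be 1..#{MAX_PAGE_SIZE}" unless (1..MAX_PAGE_SIZE).cover?(limit)

  cursor = nil
  max_pages.times do
    resp = members.search(organization_ids: [organization_id], cursor: cursor, limit: limit)
    raise "search failed with status #{resp['status_code']}" unless resp['status_code'] == 200

    resp['members'].each { |member| yield member }
    cursor = resp.dig('results_metadata', 'next_cursor')
    return if cursor.nil?
  end
  raise 'pagination did not terminate within max_pages'
end

# Collects the member_id of every Member flagged as break glass, i.e. every
# account that can bypass the Organization's authentication settings.
def breakglass_member_ids(members, organization_id:)
  ids = []
  each_member(members, organization_id: organization_id) do |member|
    ids << member['member_id'] if member['is_breakglass']
  end
  ids
end
```

Stopping after the first page would have missed `member-test-3` in the constructed data, which is why the loop runs until `next_cursor` is null.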
#update(organization_id:, member_id:, name: nil, trusted_metadata: nil, untrusted_metadata: nil, is_breakglass: nil, mfa_phone_number: nil, mfa_enrolled: nil, roles: nil, preserve_existing_sessions: nil, default_mfa_method: nil, email_address: nil, method_options: nil) ⇒ Object
Updates a Member specified by ‘organization_id` and `member_id`.
Our RBAC implementation offers out-of-the-box handling of authorization checks for this endpoint. If you pass in a header containing a ‘session_token` or a `session_jwt` for an unexpired Member Session, we will check that the Member Session has the necessary permissions. The specific permissions needed depend on which of the optional fields are passed in the request. For example, if the `organization_name` argument is provided, the Member Session must have permission to perform the `update.info.name` action on the `stytch.organization` Resource.
If the Member Session does not contain a Role that satisfies the requested permissions, or if the Member’s Organization does not match the ‘organization_id` passed in the request, a 403 error will be thrown. Otherwise, the request will proceed as normal.
To learn more about our RBAC implementation, see our [RBAC guide](stytch.com/docs/b2b/guides/rbac/overview).
Parameters:
- organization_id
-
Globally unique UUID that identifies a specific Organization. The ‘organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is
String
. - member_id
-
Globally unique UUID that identifies a specific Member. The ‘member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is
String
. - name
-
The name of the Member.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the ‘update.info.name` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.info.name` action on the `stytch.self` Resource.
The type of this field is nilable +String+.
- trusted_metadata
-
An arbitrary JSON object for storing application-specific data or identity-provider-specific data.
If a session header is passed into the request, this field may **not** be passed into the request. You cannot update trusted metadata when acting as a Member.
The type of this field is nilable
object
. - untrusted_metadata
-
An arbitrary JSON object of application-specific data. These fields can be edited directly by the frontend SDK, and should not be used to store critical information. See the [Metadata resource](stytch.com/docs/b2b/api/metadata) for complete field behavior details.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the ‘update.info.untrusted-metadata` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.info.untrusted-metadata` action on the `stytch.self` Resource.
The type of this field is nilable +object+.
- is_breakglass
-
Identifies the Member as a break glass user - someone who has permissions to authenticate into an Organization by bypassing the Organization’s settings. A break glass account is typically used for emergency purposes to gain access outside of normal authentication procedures. Refer to the [Organization object](organization-object) and its ‘auth_methods` and `allowed_auth_methods` fields for more details.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the ‘update.settings.is-breakglass` action on the `stytch.member` Resource.
The type of this field is nilable +Boolean+.
- mfa_phone_number
-
Sets the Member’s phone number. Throws an error if the Member already has a phone number. To change the Member’s phone number, use the [Delete member phone number endpoint](stytch.com/docs/b2b/api/delete-member-mfa-phone-number) to delete the Member’s existing phone number first.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the ‘update.info.mfa-phone` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.info.mfa-phone` action on the `stytch.self` Resource.
The type of this field is nilable +String+.
- mfa_enrolled
-
Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization’s MFA policy is set to `REQUIRED_FOR_ALL`.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.settings.mfa-enrolled` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.settings.mfa-enrolled` action on the `stytch.self` Resource.
The type of this field is nilable +Boolean+.
- roles
-
Roles to explicitly assign to this Member.
Will completely replace any existing explicitly assigned roles. See the
[RBAC guide](https://stytch.com/docs/b2b/guides/rbac/role-assignment) for more information about role assignment.
If a Role is removed from a Member, and the Member is also implicitly assigned this Role from an SSO connection
or an SSO group, we will by default revoke any existing sessions for the Member that contain any SSO
authentication factors with the affected connection ID. You can preserve these sessions by passing in the
`preserve_existing_sessions` parameter with a value of `true`.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.settings.roles` action on the `stytch.member` Resource.
The type of this field is nilable list of +String+.
- preserve_existing_sessions
-
Whether to preserve existing sessions when explicit Roles that are revoked are also implicitly assigned by SSO connection or SSO group. Defaults to `false` - that is, existing Member Sessions that contain SSO authentication factors with the affected SSO connection IDs will be revoked.
The type of this field is nilable +Boolean+.
- default_mfa_method
-
Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization’s MFA policy is set to `REQUIRED_FOR_ALL`.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.settings.default-mfa-method` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.settings.default-mfa-method` action on the `stytch.self` Resource.
The type of this field is nilable +String+.
- email_address
-
Updates the Member’s `email_address`, if provided.
If a Member's email address is changed, other Members in the same Organization cannot use the old email address, although the Member may update back to their old email address. A Member's email address becomes usable again by other Members only if the Member is deleted.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.info.email` action on the `stytch.member` Resource. Members cannot update their own email address.
The type of this field is nilable +String+.
Returns:
An object with the following fields:
- request_id
-
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
The type of this field is +String+.
- member_id
-
Globally unique UUID that identifies a specific Member.
The type of this field is +String+.
- member
-
The [Member object](stytch.com/docs/b2b/api/member-object).
The type of this field is +Member+ (+object+).
- organization
-
The [Organization object](stytch.com/docs/b2b/api/organization-object).
The type of this field is +Organization+ (+object+).
- status_code
-
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
The type of this field is +Integer+.
Method Options:
This method supports an optional StytchB2B::Organizations::Members::UpdateRequestOptions
object which will modify the headers sent in the HTTP request.
```ruby
# File 'lib/stytch/b2b_organizations.rb', line 777
def update(
  organization_id:,
  member_id:,
  name: nil,
  trusted_metadata: nil,
  untrusted_metadata: nil,
  is_breakglass: nil,
  mfa_phone_number: nil,
  mfa_enrolled: nil,
  roles: nil,
  preserve_existing_sessions: nil,
  default_mfa_method: nil,
  email_address: nil,
  method_options: nil
)
  # method_options, when given, contributes extra HTTP headers.
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  # nil parameters are omitted from the request body.
  request = {}
  request[:name] = name unless name.nil?
  request[:trusted_metadata] = trusted_metadata unless trusted_metadata.nil?
  request[:untrusted_metadata] = untrusted_metadata unless untrusted_metadata.nil?
  request[:is_breakglass] = is_breakglass unless is_breakglass.nil?
  request[:mfa_phone_number] = mfa_phone_number unless mfa_phone_number.nil?
  request[:mfa_enrolled] = mfa_enrolled unless mfa_enrolled.nil?
  request[:roles] = roles unless roles.nil?
  request[:preserve_existing_sessions] = preserve_existing_sessions unless preserve_existing_sessions.nil?
  request[:default_mfa_method] = default_mfa_method unless default_mfa_method.nil?
  request[:email_address] = email_address unless email_address.nil?

  put_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}", request, headers)
end
```
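The per-field authorization rules documented for `update` above, modelled as a local pre-flight check. This is an added example, not code from the stytch-ruby gem; the `denied_update_fields` name and the shape of the `permissions` hash are assumptions, and the real check is performed by Stytch when a session header is passed.

```ruby
# Added example (not part of the stytch-ruby gem).
# Field => [required action, whether `stytch.self` may satisfy the check],
# transcribed from the parameter documentation above.
UPDATE_FIELD_RULES = {
  untrusted_metadata: ['update.info.untrusted-metadata', true],
  is_breakglass:      ['update.settings.is-breakglass', false],
  mfa_phone_number:   ['update.info.mfa-phone', true],
  mfa_enrolled:       ['update.settings.mfa-enrolled', true],
  roles:              ['update.settings.roles', false],
  default_mfa_method: ['update.settings.default-mfa-method', true],
  email_address:      ['update.info.email', false]
}.freeze

# permissions (assumed shape): { 'stytch.member' => [actions], 'stytch.self' => [actions] }
# fields: the keyword arguments intended for Members#update.
# Returns the fields the documented authorization check would reject.
def denied_update_fields(caller_member_id:, target_member_id:, permissions:, fields:)
  is_self = caller_member_id == target_member_id
  # update omits nil parameters from the request, so they need no permission.
  supplied = fields.reject { |_, value| value.nil? }.keys

  supplied.select do |field|
    action, self_allowed = UPDATE_FIELD_RULES.fetch(field) do
      raise ArgumentError, "no rule modelled for #{field}"
    end
    # "Members cannot update their own email address."
    next true if field == :email_address && is_self

    on_member = permissions.fetch('stytch.member', []).include?(action)
    on_self = is_self && self_allowed &&
              permissions.fetch('stytch.self', []).include?(action)
    !(on_member || on_self)
  end
end

# Constructed sample: a Member with self-service rights only, attempting to
# change their MFA phone and grant themselves a role in one call.
SELF_SERVICE = { 'stytch.self' => ['update.info.mfa-phone'] }.freeze
rejected = denied_update_fields(
  caller_member_id: 'member-a', target_member_id: 'member-a',
  permissions: SELF_SERVICE,
  fields: { mfa_phone_number: '+15555550100', roles: ['admin'] }
)
puts "rejected fields: #{rejected.inspect}"
```
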