Class: StytchB2B::Organizations::Members

Inherits:
Object
  • Object
show all
Includes:
Stytch::RequestHelper
Defined in:
lib/stytch/b2b_organizations.rb

Defined Under Namespace

Classes: CreateRequestOptions, DeleteMFAPhoneNumberRequestOptions, DeletePasswordRequestOptions, DeleteRequestOptions, DeleteTOTPRequestOptions, OAuthProviders, ReactivateRequestOptions, SearchRequestOptions, UnlinkRetiredEmailRequestOptions, UpdateRequestOptions

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Stytch::RequestHelper

#delete_request, #get_request, #post_request, #put_request, #request_with_query_params

Constructor Details

#initialize(connection) ⇒ Members

Returns a new instance of Members.



709
710
711
712
713
# File 'lib/stytch/b2b_organizations.rb', line 709

def initialize(connection)
  @connection = connection

  @oauth_providers = StytchB2B::Organizations::Members::OAuthProviders.new(@connection)
end

Instance Attribute Details

#oauth_providersObject (readonly)

Returns the value of attribute oauth_providers.



707
708
709
# File 'lib/stytch/b2b_organizations.rb', line 707

def oauth_providers
  @oauth_providers
end

Instance Method Details

#create(organization_id:, email_address:, name: nil, trusted_metadata: nil, untrusted_metadata: nil, create_member_as_pending: nil, is_breakglass: nil, mfa_phone_number: nil, mfa_enrolled: nil, roles: nil, method_options: nil) ⇒ Object

Creates a. An ‘organization_id` and `email_address` are required.

Parameters:

organization_id

Globally unique UUID that identifies a specific Organization. The ‘organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is String.

email_address

The email address of the Member. The type of this field is String.

name

The name of the Member. The type of this field is nilable String.

trusted_metadata

An arbitrary JSON object for storing application-specific data or identity-provider-specific data. The type of this field is nilable object.

untrusted_metadata

An arbitrary JSON object of application-specific data. These fields can be edited directly by the frontend SDK, and should not be used to store critical information. See the [Metadata resource](stytch.com/docs/b2b/api/metadata) for complete field behavior details. The type of this field is nilable object.

create_member_as_pending

Flag for whether or not to save a Member as ‘pending` or `active` in Stytch. It defaults to false. If true, new Members will be created with status `pending` in Stytch’s backend. Their status will remain ‘pending` and they will continue to receive signup email templates for every Email Magic Link until that Member authenticates and becomes `active`. If false, new Members will be created with status `active`. The type of this field is nilable Boolean.

is_breakglass

Identifies the Member as a break glass user - someone who has permissions to authenticate into an Organization by bypassing the Organization’s settings. A break glass account is typically used for emergency purposes to gain access outside of normal authentication procedures. Refer to the [Organization object](organization-object) and its ‘auth_methods` and `allowed_auth_methods` fields for more details. The type of this field is nilable Boolean.

mfa_phone_number

The Member’s phone number. A Member may only have one phone number. The type of this field is nilable String.

mfa_enrolled

Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization’s MFA policy is set to ‘REQUIRED_FOR_ALL`. The type of this field is nilable Boolean.

roles

Roles to explicitly assign to this Member. See the [RBAC guide](stytch.com/docs/b2b/guides/rbac/role-assignment)

for more information about role assignment.

The type of this field is nilable list of String.

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The type of this field is String.

member

The [Member object](stytch.com/docs/b2b/api/member-object) The type of this field is Member (object).

organization

The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is Organization (object).

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.

Method Options:

This method supports an optional StytchB2B::Organizations::Members::CreateRequestOptions object which will modify the headers sent in the HTTP request.



1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
# File 'lib/stytch/b2b_organizations.rb', line 1278

def create(
  organization_id:,
  email_address:,
  name: nil,
  trusted_metadata: nil,
  untrusted_metadata: nil,
  create_member_as_pending: nil,
  is_breakglass: nil,
  mfa_phone_number: nil,
  mfa_enrolled: nil,
  roles: nil,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  request = {
    email_address: email_address
  }
  request[:name] = name unless name.nil?
  request[:trusted_metadata] =  unless .nil?
  request[:untrusted_metadata] =  unless .nil?
  request[:create_member_as_pending] = create_member_as_pending unless create_member_as_pending.nil?
  request[:is_breakglass] = is_breakglass unless is_breakglass.nil?
  request[:mfa_phone_number] = mfa_phone_number unless mfa_phone_number.nil?
  request[:mfa_enrolled] = mfa_enrolled unless mfa_enrolled.nil?
  request[:roles] = roles unless roles.nil?

  post_request("/v1/b2b/organizations/#{organization_id}/members", request, headers)
end

#dangerously_get(member_id:, include_deleted: nil) ⇒ Object

Get a Member by ‘member_id`. This endpoint does not require an `organization_id`, enabling you to get members across organizations. This is a dangerous operation. Incorrect use may open you up to indirect object reference (IDOR) attacks. We recommend using the [Get Member](stytch.com/docs/b2b/api/get-member) API instead.

Parameters:

member_id

Globally unique UUID that identifies a specific Member. The ‘member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is String.

include_deleted

Whether to include deleted Members in the response. Defaults to false. The type of this field is nilable Boolean.

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The type of this field is String.

member

The [Member object](stytch.com/docs/b2b/api/member-object) The type of this field is Member (object).

organization

The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is Organization (object).

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.



1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
# File 'lib/stytch/b2b_organizations.rb', line 1128

def dangerously_get(
  member_id:,
  include_deleted: nil
)
  headers = {}
  query_params = {
    include_deleted: include_deleted
  }
  request = request_with_query_params("/v1/b2b/organizations/members/dangerously_get/#{member_id}", query_params)
  get_request(request, headers)
end

#delete(organization_id:, member_id:, method_options: nil) ⇒ Object

Deletes a specified by ‘organization_id` and `member_id`.

Parameters:

organization_id

Globally unique UUID that identifies a specific Organization. The ‘organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The ‘member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is String.

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The type of this field is String.

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.

Method Options:

This method supports an optional StytchB2B::Organizations::Members::DeleteRequestOptions object which will modify the headers sent in the HTTP request.



862
863
864
865
866
867
868
869
870
# File 'lib/stytch/b2b_organizations.rb', line 862

def delete(
  organization_id:,
  member_id:,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  delete_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}", headers)
end

#delete_mfa_phone_number(organization_id:, member_id:, method_options: nil) ⇒ Object

Delete a’s MFA phone number.

To change a Member’s phone number, you must first call this endpoint to delete the existing phone number.

Existing Member Sessions that include a phone number authentication factor will not be revoked if the phone number is deleted, and MFA will not be enforced until the Member logs in again. If you wish to enforce MFA immediately after a phone number is deleted, you can do so by prompting the Member to enter a new phone number and calling the [OTP SMS send](stytch.com/docs/b2b/api/otp-sms-send) endpoint, then calling the [OTP SMS Authenticate](stytch.com/docs/b2b/api/authenticate-otp-sms) endpoint.

Parameters:

organization_id

Globally unique UUID that identifies a specific Organization. The ‘organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The ‘member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is String.

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The type of this field is String.

member

The [Member object](stytch.com/docs/b2b/api/member-object) The type of this field is Member (object).

organization

The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is Organization (object).

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.

Method Options:

This method supports an optional StytchB2B::Organizations::Members::DeleteMFAPhoneNumberRequestOptions object which will modify the headers sent in the HTTP request.



950
951
952
953
954
955
956
957
958
# File 'lib/stytch/b2b_organizations.rb', line 950

def delete_mfa_phone_number(
  organization_id:,
  member_id:,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  delete_request("/v1/b2b/organizations/#{organization_id}/members/mfa_phone_numbers/#{member_id}", headers)
end

#delete_password(organization_id:, member_password_id:, method_options: nil) ⇒ Object

Delete a’s password.

Parameters:

organization_id

Globally unique UUID that identifies a specific Organization. The ‘organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is String.

member_password_id

Globally unique UUID that identifies a Member’s password. The type of this field is String.

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The type of this field is String.

member

The [Member object](stytch.com/docs/b2b/api/member-object) The type of this field is Member (object).

organization

The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is Organization (object).

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.

Method Options:

This method supports an optional StytchB2B::Organizations::Members::DeletePasswordRequestOptions object which will modify the headers sent in the HTTP request.



1091
1092
1093
1094
1095
1096
1097
1098
1099
# File 'lib/stytch/b2b_organizations.rb', line 1091

def delete_password(
  organization_id:,
  member_password_id:,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  delete_request("/v1/b2b/organizations/#{organization_id}/members/passwords/#{member_password_id}", headers)
end

#delete_totp(organization_id:, member_id:, method_options: nil) ⇒ Object

Delete a Member’s MFA TOTP registration.

To mint a new registration for a Member, you must first call this endpoint to delete the existing registration.

Existing Member Sessions that include the TOTP authentication factor will not be revoked if the registration is deleted, and MFA will not be enforced until the Member logs in again.

Parameters:

organization_id

Globally unique UUID that identifies a specific Organization. The ‘organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The ‘member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is String.

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The type of this field is String.

member

The [Member object](stytch.com/docs/b2b/api/member-object) The type of this field is Member (object).

organization

The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is Organization (object).

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.

Method Options:

This method supports an optional StytchB2B::Organizations::Members::DeleteTOTPRequestOptions object which will modify the headers sent in the HTTP request.



994
995
996
997
998
999
1000
1001
1002
# File 'lib/stytch/b2b_organizations.rb', line 994

def delete_totp(
  organization_id:,
  member_id:,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  delete_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/totp", headers)
end

#get(organization_id:, member_id: nil, email_address: nil) ⇒ Object

Get a Member by ‘member_id` or `email_address`.

Parameters:

organization_id

Globally unique UUID that identifies a specific Organization. The ‘organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The ‘member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is nilable String.

email_address

The email address of the Member. The type of this field is nilable String.

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The type of this field is String.

member

The [Member object](stytch.com/docs/b2b/api/member-object) The type of this field is Member (object).

organization

The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is Organization (object).

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.



1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
# File 'lib/stytch/b2b_organizations.rb', line 1338

def get(
  organization_id:,
  member_id: nil,
  email_address: nil
)
  headers = {}
  query_params = {
    member_id: member_id,
    email_address: email_address
  }
  request = request_with_query_params("/v1/b2b/organizations/#{organization_id}/member", query_params)
  get_request(request, headers)
end

#oidc_providers(organization_id:, member_id:, include_refresh_token: nil) ⇒ Object



1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
# File 'lib/stytch/b2b_organizations.rb', line 1140

def oidc_providers(
  organization_id:,
  member_id:,
  include_refresh_token: nil
)
  headers = {}
  query_params = {
    include_refresh_token: include_refresh_token
  }
  request = request_with_query_params("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/oidc_providers", query_params)
  get_request(request, headers)
end

#reactivate(organization_id:, member_id:, method_options: nil) ⇒ Object

Reactivates a deleted’s status and its associated email status (if applicable) to active, specified by ‘organization_id` and `member_id`. This endpoint will only work for Members with at least one verified email where their `email_address_verified` is `true`.

Parameters:

organization_id

Globally unique UUID that identifies a specific Organization. The ‘organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The ‘member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is String.

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The type of this field is String.

member

The [Member object](stytch.com/docs/b2b/api/member-object) The type of this field is Member (object).

organization

The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is Organization (object).

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.

Method Options:

This method supports an optional StytchB2B::Organizations::Members::ReactivateRequestOptions object which will modify the headers sent in the HTTP request.



902
903
904
905
906
907
908
909
910
911
912
# File 'lib/stytch/b2b_organizations.rb', line 902

def reactivate(
  organization_id:,
  member_id:,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  request = {}

  put_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/reactivate", request, headers)
end

#search(organization_ids:, cursor: nil, limit: nil, query: nil, method_options: nil) ⇒ Object

Search for Members within specified Organizations. An array with at least one ‘organization_id` is required. Submitting an empty `query` returns all non-deleted Members within the specified Organizations.

*All fuzzy search filters require a minimum of three characters.

Parameters:

organization_ids

An array of organization_ids. At least one value is required. The type of this field is list of String.

cursor

The ‘cursor` field allows you to paginate through your results. Each result array is limited to 1000 results. If your query returns more than 1000 results, you will need to paginate the responses using the `cursor`. If you receive a response that includes a non-null `next_cursor` in the `results_metadata` object, repeat the search call with the `next_cursor` value set to the `cursor` field to retrieve the next page of results. Continue to make search calls until the `next_cursor` in the response is null. The type of this field is nilable String.

limit

The number of search results to return per page. The default limit is 100. A maximum of 1000 results can be returned by a single search request. If the total size of your result set is greater than one page size, you must paginate the response. See the ‘cursor` field. The type of this field is nilable Integer.

query

The optional query object contains the operator, i.e. ‘AND` or `OR`, and the operands that will filter your results. Only an operator is required. If you include no operands, no filtering will be applied. If you include no query object, it will return all Members with no filtering applied. The type of this field is nilable SearchQuery (object).

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

members

An array of [Member objects](member-object). The type of this field is list of Member (object).

results_metadata

The search ‘results_metadata` object contains metadata relevant to your specific query like `total` and `next_cursor`. The type of this field is ResultsMetadata (object).

organizations

A map from ‘organization_id` to [Organization object](stytch.com/docs/b2b/api/organization-object). The map only contains the Organizations that the Members belongs to. The type of this field is map of String to Organization (object).

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.

Method Options:

This method supports an optional StytchB2B::Organizations::Members::SearchRequestOptions object which will modify the headers sent in the HTTP request.



1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
# File 'lib/stytch/b2b_organizations.rb', line 1042

def search(
  organization_ids:,
  cursor: nil,
  limit: nil,
  query: nil,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  request = {
    organization_ids: organization_ids
  }
  request[:cursor] = cursor unless cursor.nil?
  request[:limit] = limit unless limit.nil?
  request[:query] = query unless query.nil?

  post_request('/v1/b2b/organizations/members/search', request, headers)
end

Unlinks a retired email address from a specified by their ‘organization_id` and `member_id`. The email address to be retired can be identified in the request body by either its `email_id`, its `email_address`, or both. If using both identifiers they must refer to the same email.

A previously active email address can be marked as retired in one of two ways:

  • It’s replaced with a new primary email address during an explicit Member update.

  • A new email address is surfaced by an OAuth, SAML or OIDC provider. In this case the new email address becomes the Member’s primary email address and the old primary email address is retired.

A retired email address cannot be used by other Members in the same Organization. However, unlinking retired email addresses allows them to be subsequently re-used by other Organization Members. Retired email addresses can be viewed on the [Member object](stytch.com/docs/b2b/api/member-object).

%}

Parameters:

organization_id

Globally unique UUID that identifies a specific Organization. The ‘organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The ‘member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is String.

email_id

The globally unique UUID of a Member’s email. The type of this field is nilable String.

email_address

The email address of the Member. The type of this field is nilable String.

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The type of this field is String.

organization_id

Globally unique UUID that identifies a specific Organization. The ‘organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is String.

member

The [Member object](stytch.com/docs/b2b/api/member-object) The type of this field is Member (object).

organization

The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is Organization (object).

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.

Method Options:

This method supports an optional StytchB2B::Organizations::Members::UnlinkRetiredEmailRequestOptions object which will modify the headers sent in the HTTP request.



1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
# File 'lib/stytch/b2b_organizations.rb', line 1205

def unlink_retired_email(
  organization_id:,
  member_id:,
  email_id: nil,
  email_address: nil,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  request = {}
  request[:email_id] = email_id unless email_id.nil?
  request[:email_address] = email_address unless email_address.nil?

  post_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/unlink_retired_email", request, headers)
end

#update(organization_id:, member_id:, name: nil, trusted_metadata: nil, untrusted_metadata: nil, is_breakglass: nil, mfa_phone_number: nil, mfa_enrolled: nil, roles: nil, preserve_existing_sessions: nil, default_mfa_method: nil, email_address: nil, method_options: nil) ⇒ Object

Updates a specified by ‘organization_id` and `member_id`.

Parameters:

organization_id

Globally unique UUID that identifies a specific Organization. The ‘organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The ‘member_id` is critical to perform operations on a Member, so be sure to preserve this value. The type of this field is String.

name

The name of the Member.

If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the ‘update.info.name` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.info.name` action on the `stytch.self` Resource.

The type of this field is nilable +String+.
trusted_metadata

An arbitrary JSON object for storing application-specific data or identity-provider-specific data.

If a session header is passed into the request, this field may **not** be passed into the request. You cannot
update trusted metadata when acting as a Member.

The type of this field is nilable object.

untrusted_metadata

An arbitrary JSON object of application-specific data. These fields can be edited directly by the frontend SDK, and should not be used to store critical information. See the [Metadata resource](stytch.com/docs/b2b/api/metadata) for complete field behavior details.

If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the ‘update.info.untrusted-metadata` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.info.untrusted-metadata` action on the `stytch.self` Resource.

The type of this field is nilable +object+.
is_breakglass

Identifies the Member as a break glass user - someone who has permissions to authenticate into an Organization by bypassing the Organization’s settings. A break glass account is typically used for emergency purposes to gain access outside of normal authentication procedures. Refer to the [Organization object](organization-object) and its ‘auth_methods` and `allowed_auth_methods` fields for more details.

If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the ‘update.settings.is-breakglass` action on the `stytch.member` Resource.

The type of this field is nilable +Boolean+.
mfa_phone_number

Sets the Member’s phone number. Throws an error if the Member already has a phone number. To change the Member’s phone number, use the [Delete member phone number endpoint](stytch.com/docs/b2b/api/delete-member-mfa-phone-number) to delete the Member’s existing phone number first.

If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the ‘update.info.mfa-phone` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.info.mfa-phone` action on the `stytch.self` Resource.

The type of this field is nilable +String+.
mfa_enrolled

Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization’s MFA policy is set to ‘REQUIRED_FOR_ALL`.

If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the ‘update.settings.mfa-enrolled` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.settings.mfa-enrolled` action on the `stytch.self` Resource.

The type of this field is nilable +Boolean+.
roles

Roles to explicitly assign to this Member.

Will completely replace any existing explicitly assigned roles. See the
[RBAC guide](https://stytch.com/docs/b2b/guides/rbac/role-assignment) for more information about role assignment.

  If a Role is removed from a Member, and the Member is also implicitly assigned this Role from an SSO connection
  or an SSO group, we will by default revoke any existing sessions for the Member that contain any SSO
  authentication factors with the affected connection ID. You can preserve these sessions by passing in the
  `preserve_existing_sessions` parameter with a value of `true`.

If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the ‘update.settings.roles` action on the `stytch.member` Resource.

The type of this field is nilable list of +String+.
preserve_existing_sessions

Whether to preserve existing sessions when explicit Roles that are revoked are also implicitly assigned by SSO connection or SSO group. Defaults to ‘false` - that is, existing Member Sessions that contain SSO authentication factors with the affected SSO connection IDs will be revoked. The type of this field is nilable Boolean.

default_mfa_method

Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization’s MFA policy is set to ‘REQUIRED_FOR_ALL`.

If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the ‘update.settings.default-mfa-method` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.settings.default-mfa-method` action on the `stytch.self` Resource.

The type of this field is nilable +String+.
email_address

Updates the Member’s ‘email_address`, if provided.

If a Member's email address is changed, other Members in the same Organization cannot use the old email address, although the Member may update back to their old email address.
A Member's email address can only be useable again by other Members if the Member is deleted.

If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the ‘update.info.email` action on the `stytch.member` Resource. Members cannot update their own email address.

The type of this field is nilable +String+.

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

member_id

Globally unique UUID that identifies a specific Member. The type of this field is String.

member

The [Member object](stytch.com/docs/b2b/api/member-object) The type of this field is Member (object).

organization

The [Organization object](stytch.com/docs/b2b/api/organization-object). The type of this field is Organization (object).

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.

Method Options:

This method supports an optional StytchB2B::Organizations::Members::UpdateRequestOptions object which will modify the headers sent in the HTTP request.



806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
# File 'lib/stytch/b2b_organizations.rb', line 806

def update(
  organization_id:,
  member_id:,
  name: nil,
  trusted_metadata: nil,
  untrusted_metadata: nil,
  is_breakglass: nil,
  mfa_phone_number: nil,
  mfa_enrolled: nil,
  roles: nil,
  preserve_existing_sessions: nil,
  default_mfa_method: nil,
  email_address: nil,
  method_options: nil
)
  headers = {}
  headers = headers.merge(method_options.to_headers) unless method_options.nil?
  request = {}
  request[:name] = name unless name.nil?
  request[:trusted_metadata] =  unless .nil?
  request[:untrusted_metadata] =  unless .nil?
  request[:is_breakglass] = is_breakglass unless is_breakglass.nil?
  request[:mfa_phone_number] = mfa_phone_number unless mfa_phone_number.nil?
  request[:mfa_enrolled] = mfa_enrolled unless mfa_enrolled.nil?
  request[:roles] = roles unless roles.nil?
  request[:preserve_existing_sessions] = preserve_existing_sessions unless preserve_existing_sessions.nil?
  request[:default_mfa_method] = default_mfa_method unless default_mfa_method.nil?
  request[:email_address] = email_address unless email_address.nil?

  put_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}", request, headers)
end