Class: StytchB2B::Passwords::Discovery::Email
- Inherits:
-
Object
- Object
- StytchB2B::Passwords::Discovery::Email
- Includes:
- Stytch::RequestHelper
- Defined in:
- lib/stytch/b2b_passwords.rb
Instance Method Summary collapse
-
#initialize(connection) ⇒ Email
constructor
A new instance of Email.
-
#reset(password_reset_token:, password:, pkce_code_verifier: nil) ⇒ Object
Reset the password associated with an email and start an intermediate session.
-
#reset_start(email_address:, reset_password_redirect_url: nil, discovery_redirect_url: nil, reset_password_template_id: nil, reset_password_expiration_minutes: nil, pkce_code_challenge: nil, locale: nil) ⇒ Object
Initiates a password reset for the email address provided, when cross-org passwords are enabled.
Methods included from Stytch::RequestHelper
#delete_request, #get_request, #post_request, #put_request, #request_with_query_params
Constructor Details
#initialize(connection) ⇒ Email
Returns a new instance of Email.
934 935 936 |
# File 'lib/stytch/b2b_passwords.rb', line 934 def initialize(connection) @connection = connection end |
Instance Method Details
#reset(password_reset_token:, password:, pkce_code_verifier: nil) ⇒ Object
Reset the password associated with an email and start an intermediate session. This endpoint checks that the password reset token is valid, hasn’t expired, or already been used.
The provided password needs to meet the project’s password strength requirements, which can be checked in advance with the password strength endpoint. If the token and password are accepted, the password is securely stored for future authentication and the user is authenticated.
Resetting a password will start an intermediate session and return a list of discovered organizations the session can be exchanged into.
Parameters:
- password_reset_token
-
The password reset token to authenticate. The type of this field is
String
. - password
-
The password to authenticate, reset, or set for the first time. Any UTF8 character is allowed, e.g. spaces, emojis, non-English characers, etc. The type of this field is
String
. - pkce_code_verifier
-
(no documentation yet) The type of this field is nilable
String
.
Returns:
An object with the following fields:
- request_id
-
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is
String
. - intermediate_session_token
-
The returned Intermediate Session Token contains a password factor associated with the Member. If this value is non-empty, the member must complete an MFA step to finish logging in to the Organization. The token can be used with the [OTP SMS Authenticate endpoint](stytch.com/docs/b2b/api/authenticate-otp-sms), [TOTP Authenticate endpoint](stytch.com/docs/b2b/api/authenticate-totp), or [Recovery Codes Recover endpoint](stytch.com/docs/b2b/api/recovery-codes-recover) to complete an MFA flow and log in to the Organization. Password factors are not transferable between Organizations, so the intermediate session token is not valid for use with discovery endpoints. The type of this field is
String
. - email_address
-
(no documentation yet) The type of this field is
String
. - discovered_organizations
-
(no documentation yet) The type of this field is list of
DiscoveredOrganization
(object
). - status_code
-
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is
Integer
.
1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 |
# File 'lib/stytch/b2b_passwords.rb', line 1043 def reset( password_reset_token:, password:, pkce_code_verifier: nil ) headers = {} request = { password_reset_token: password_reset_token, password: password } request[:pkce_code_verifier] = pkce_code_verifier unless pkce_code_verifier.nil? post_request('/v1/b2b/passwords/discovery/email/reset', request, headers) end |
#reset_start(email_address:, reset_password_redirect_url: nil, discovery_redirect_url: nil, reset_password_template_id: nil, reset_password_expiration_minutes: nil, pkce_code_challenge: nil, locale: nil) ⇒ Object
Initiates a password reset for the email address provided, when cross-org passwords are enabled. This will trigger an email to be sent to the address, containing a magic link that will allow them to set a new password and authenticate.
This endpoint adapts to your Project’s password strength configuration. If you’re using [zxcvbn](stytch.com/docs/guides/passwords/strength-policy), the default, your passwords are considered valid if the strength score is >= 3. If you’re using [LUDS](stytch.com/docs/guides/passwords/strength-policy), your passwords are considered valid if they meet the requirements that you’ve set with Stytch. You may update your password strength configuration in the [stytch dashboard](stytch.com/dashboard/password-strength-config).
Parameters:
- email_address
-
The email address of the Member to start the email reset process for. The type of this field is
String
. - reset_password_redirect_url
-
The URL that the Member clicks from the reset password link. This URL should be an endpoint in the backend server that verifies the request by querying Stytch’s authenticate endpoint and finishes the reset password flow. If this value is not passed, the default ‘reset_password_redirect_url` that you set in your Dashboard is used. If you have not set a default `reset_password_redirect_url`, an error is returned. The type of this field is nilable
String
. - discovery_redirect_url
-
The URL that the end user clicks from the discovery Magic Link. This URL should be an endpoint in the backend server that verifies the request by querying Stytch’s discovery authenticate endpoint and continues the flow. If this value is not passed, the default discovery redirect URL that you set in your Dashboard is used. If you have not set a default discovery redirect URL, an error is returned. The type of this field is nilable
String
. - reset_password_template_id
-
Use a custom template for reset password emails. By default, it will use your default email template. The template must be a template using our built-in customizations or a custom HTML email for Magic Links - Reset Password. The type of this field is nilable
String
. - reset_password_expiration_minutes
-
Sets a time limit after which the email link to reset the member’s password will no longer be valid. The type of this field is nilable
Integer
. - pkce_code_challenge
-
(no documentation yet) The type of this field is nilable
String
. - locale
-
Used to determine which language to use when sending the user this delivery method. Parameter is a [IETF BCP 47 language tag](www.w3.org/International/articles/language-tags/), e.g. ‘“en”`.
Currently supported languages are English (‘“en”`), Spanish (`“es”`), and Brazilian Portuguese (`“pt-br”`); if no value is provided, the copy defaults to English.
Request support for additional languages [here](docs.google.com/forms/d/e/1FAIpQLScZSpAu_m2AmLXRT3F3kap-s_mcV6UTBitYn6CdyWP0-o7YjQ/viewform?usp=sf_link“)!
The type of this field is nilable +String+.
Returns:
An object with the following fields:
- request_id
-
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is
String
. - status_code
-
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is
Integer
.
986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 |
# File 'lib/stytch/b2b_passwords.rb', line 986 def reset_start( email_address:, reset_password_redirect_url: nil, discovery_redirect_url: nil, reset_password_template_id: nil, reset_password_expiration_minutes: nil, pkce_code_challenge: nil, locale: nil ) headers = {} request = { email_address: email_address } request[:reset_password_redirect_url] = reset_password_redirect_url unless reset_password_redirect_url.nil? request[:discovery_redirect_url] = discovery_redirect_url unless discovery_redirect_url.nil? request[:reset_password_template_id] = reset_password_template_id unless reset_password_template_id.nil? request[:reset_password_expiration_minutes] = reset_password_expiration_minutes unless reset_password_expiration_minutes.nil? request[:pkce_code_challenge] = pkce_code_challenge unless pkce_code_challenge.nil? request[:locale] = locale unless locale.nil? post_request('/v1/b2b/passwords/discovery/email/reset/start', request, headers) end |