Class: StytchB2B::Passwords::Discovery::Email

Inherits:
Object
Includes:
Stytch::RequestHelper
Defined in:
lib/stytch/b2b_passwords.rb

Instance Method Summary

Methods included from Stytch::RequestHelper

#delete_request, #get_request, #post_request, #put_request, #request_with_query_params

Constructor Details

#initialize(connection) ⇒ Email

Returns a new instance of Email.



# File 'lib/stytch/b2b_passwords.rb', line 934

def initialize(connection)
  @connection = connection
end

Instance Method Details

#reset(password_reset_token:, password:, pkce_code_verifier: nil) ⇒ Object

Reset the password associated with an email and start an intermediate session. This endpoint checks that the password reset token is valid, hasn’t expired, and hasn’t already been used.

The provided password needs to meet the project’s password strength requirements, which can be checked in advance with the password strength endpoint. If the token and password are accepted, the password is securely stored for future authentication and the user is authenticated.

Resetting a password will start an intermediate session and return a list of discovered organizations the session can be exchanged into.

Parameters:

password_reset_token

The password reset token to authenticate. The type of this field is String.

password

The password to authenticate, reset, or set for the first time. Any UTF8 character is allowed, e.g. spaces, emojis, non-English characters, etc. The type of this field is String.

pkce_code_verifier

(no documentation yet) The type of this field is nilable String.

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

intermediate_session_token

The returned Intermediate Session Token contains a password factor associated with the Member. If this value is non-empty, the member must complete an MFA step to finish logging in to the Organization. The token can be used with the [OTP SMS Authenticate endpoint](stytch.com/docs/b2b/api/authenticate-otp-sms), [TOTP Authenticate endpoint](stytch.com/docs/b2b/api/authenticate-totp), or [Recovery Codes Recover endpoint](stytch.com/docs/b2b/api/recovery-codes-recover) to complete an MFA flow and log in to the Organization. Password factors are not transferable between Organizations, so the intermediate session token is not valid for use with discovery endpoints. The type of this field is String.

email_address

(no documentation yet) The type of this field is String.

discovered_organizations

(no documentation yet) The type of this field is list of DiscoveredOrganization (object).

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.



# File 'lib/stytch/b2b_passwords.rb', line 1043

def reset(
  password_reset_token:,
  password:,
  pkce_code_verifier: nil
)
  headers = {}
  request = {
    password_reset_token: password_reset_token,
    password: password
  }
  request[:pkce_code_verifier] = pkce_code_verifier unless pkce_code_verifier.nil?

  post_request('/v1/b2b/passwords/discovery/email/reset', request, headers)
end

#reset_start(email_address:, reset_password_redirect_url: nil, discovery_redirect_url: nil, reset_password_template_id: nil, reset_password_expiration_minutes: nil, pkce_code_challenge: nil, locale: nil) ⇒ Object

Initiates a password reset for the email address provided, when cross-org passwords are enabled. This will trigger an email to be sent to the address, containing a magic link that will allow them to set a new password and authenticate.

This endpoint adapts to your Project’s password strength configuration. If you’re using [zxcvbn](stytch.com/docs/guides/passwords/strength-policy), the default, your passwords are considered valid if the strength score is >= 3. If you’re using [LUDS](stytch.com/docs/guides/passwords/strength-policy), your passwords are considered valid if they meet the requirements that you’ve set with Stytch. You may update your password strength configuration in the [Stytch Dashboard](stytch.com/dashboard/password-strength-config).

Parameters:

email_address

The email address of the Member to start the email reset process for. The type of this field is String.

reset_password_redirect_url

The URL that the Member clicks from the reset password link. This URL should be an endpoint in the backend server that verifies the request by querying Stytch’s authenticate endpoint and finishes the reset password flow. If this value is not passed, the default `reset_password_redirect_url` that you set in your Dashboard is used. If you have not set a default `reset_password_redirect_url`, an error is returned. The type of this field is nilable String.

discovery_redirect_url

The URL that the end user clicks from the discovery Magic Link. This URL should be an endpoint in the backend server that verifies the request by querying Stytch’s discovery authenticate endpoint and continues the flow. If this value is not passed, the default discovery redirect URL that you set in your Dashboard is used. If you have not set a default discovery redirect URL, an error is returned. The type of this field is nilable String.

reset_password_template_id

Use a custom template for reset password emails. By default, it will use your default email template. The template must be a template using our built-in customizations or a custom HTML email for Magic Links - Reset Password. The type of this field is nilable String.

reset_password_expiration_minutes

Sets a time limit after which the email link to reset the member’s password will no longer be valid. The type of this field is nilable Integer.

pkce_code_challenge

(no documentation yet) The type of this field is nilable String.

locale

Used to determine which language to use when sending the user this delivery method. Parameter is an [IETF BCP 47 language tag](www.w3.org/International/articles/language-tags/), e.g. `"en"`.

Currently supported languages are English (`"en"`), Spanish (`"es"`), and Brazilian Portuguese (`"pt-br"`); if no value is provided, the copy defaults to English.

Request support for additional languages [here](docs.google.com/forms/d/e/1FAIpQLScZSpAu_m2AmLXRT3F3kap-s_mcV6UTBitYn6CdyWP0-o7YjQ/viewform?usp=sf_link)!

The type of this field is nilable String.

Returns:

An object with the following fields:

request_id

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. The type of this field is String.

status_code

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. The type of this field is Integer.



# File 'lib/stytch/b2b_passwords.rb', line 986

def reset_start(
  email_address:,
  reset_password_redirect_url: nil,
  discovery_redirect_url: nil,
  reset_password_template_id: nil,
  reset_password_expiration_minutes: nil,
  pkce_code_challenge: nil,
  locale: nil
)
  headers = {}
  request = {
    email_address: email_address
  }
  request[:reset_password_redirect_url] = reset_password_redirect_url unless reset_password_redirect_url.nil?
  request[:discovery_redirect_url] = discovery_redirect_url unless discovery_redirect_url.nil?
  request[:reset_password_template_id] = reset_password_template_id unless reset_password_template_id.nil?
  request[:reset_password_expiration_minutes] = reset_password_expiration_minutes unless reset_password_expiration_minutes.nil?
  request[:pkce_code_challenge] = pkce_code_challenge unless pkce_code_challenge.nil?
  request[:locale] = locale unless locale.nil?

  post_request('/v1/b2b/passwords/discovery/email/reset/start', request, headers)
end
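
The `pkce_code_challenge` accepted by `#reset_start` and the `pkce_code_verifier` accepted by `#reset` are undocumented on this page. The following is an added example, not code from the Stytch SDK, of binding the two calls so that a reset link can only be completed from the session that requested it. It assumes the RFC 7636 S256 method (challenge = unpadded base64url of SHA-256 of the verifier); `PkceReset`, `RecordingEmailApi` and the `session` hash are hypothetical names, and `email_api` stands for any object with the `reset_start` and `reset` keyword signatures shown above.

```ruby
require 'securerandom'
require 'digest'

# Hypothetical helper (not part of the Stytch SDK) that ties reset_start to reset with PKCE.
module PkceReset
  module_function

  # Assumed RFC 7636 S256 challenge: unpadded base64url of SHA-256(verifier).
  def challenge_for(verifier)
    Digest::SHA256.base64digest(verifier).tr('+/', '-_').delete('=')
  end

  # Keep the verifier server-side in the caller's session; only the challenge is sent.
  def start(email_api, session, email_address)
    session[:pkce_code_verifier] = SecureRandom.urlsafe_base64(32) # 43 characters
    email_api.reset_start(
      email_address: email_address,
      pkce_code_challenge: challenge_for(session[:pkce_code_verifier])
    )
  end

  # The verifier is single use: remove it from the session before calling reset.
  def finish(email_api, session, password_reset_token, password)
    verifier = session.delete(:pkce_code_verifier)
    raise ArgumentError, 'no PKCE verifier stored for this session' if verifier.nil?
    email_api.reset(
      password_reset_token: password_reset_token,
      password: password,
      pkce_code_verifier: verifier
    )
  end
end

# Constructed stand-in for the Email class so the example runs offline; it records each call.
class RecordingEmailApi
  attr_reader :calls

  def initialize
    @calls = []
  end

  def reset_start(**kwargs)
    @calls << [:reset_start, kwargs]
  end

  def reset(**kwargs)
    @calls << [:reset, kwargs]
  end
end
```

A reset token opened in a session that never called `start` fails in `finish` before any request is made, which is the behaviour to alert on when monitoring reset flows.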