Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthenticateParams ¶
type AuthenticateParams struct { // OrganizationID: Globally unique UUID that identifies a specific Organization. The `organization_id` is // critical to perform operations on an Organization, so be sure to preserve this value. OrganizationID string `json:"organization_id,omitempty"` // EmailAddress: The email address of the Member. EmailAddress string `json:"email_address,omitempty"` // Password: The password to authenticate, reset, or set for the first time. Any UTF8 character is allowed, // e.g. spaces, emojis, non-English characers, etc. Password string `json:"password,omitempty"` // SessionToken: A secret token for a given Stytch Session. SessionToken string `json:"session_token,omitempty"` // SessionDurationMinutes: Set the session lifetime to be this many minutes from now. This will start a new // session if one doesn't already exist, // returning both an opaque `session_token` and `session_jwt` for this session. Remember that the // `session_jwt` will have a fixed lifetime of // five minutes regardless of the underlying session duration, and will need to be refreshed over time. // // This value must be a minimum of 5 and a maximum of 527040 minutes (366 days). // // If a `session_token` or `session_jwt` is provided then a successful authentication will continue to // extend the session this many minutes. // // If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a // 60 minute duration. If you don't want // to use the Stytch session product, you can ignore the session fields in the response. SessionDurationMinutes int32 `json:"session_duration_minutes,omitempty"` // SessionJWT: The JSON Web Token (JWT) for a given Stytch Session. SessionJWT string `json:"session_jwt,omitempty"` // SessionCustomClaims: Add a custom claims map to the Session being authenticated. Claims are only created // if a Session is initialized by providing a value in // `session_duration_minutes`. Claims will be included on the Session object and in the JWT. To update a // key in an existing Session, supply a new value. To // delete a key, supply a null value. Custom claims made with reserved claims (`iss`, `sub`, `aud`, // `exp`, `nbf`, `iat`, `jti`) will be ignored. // Total custom claims size cannot exceed four kilobytes. SessionCustomClaims map[string]any `json:"session_custom_claims,omitempty"` // Locale: If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint // will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will // be used to determine which language to use when sending the passcode. // // Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), // e.g. `"en"`. // // Currently supported languages are English (`"en"`), Spanish (`"es"`), and Brazilian Portuguese // (`"pt-br"`); if no value is provided, the copy defaults to English. // // Request support for additional languages // [here](https://docs.google.com/forms/d/e/1FAIpQLScZSpAu_m2AmLXRT3F3kap-s_mcV6UTBitYn6CdyWP0-o7YjQ/viewform?usp=sf_link")! // Locale AuthenticateRequestLocale `json:"locale,omitempty"` // IntermediateSessionToken: Adds this primary authentication factor to the intermediate session token. If // the resulting set of factors satisfies the organization's primary authentication requirements and MFA // requirements, the intermediate session token will be consumed and converted to a member session. If not, // the same intermediate session token will be returned. IntermediateSessionToken string `json:"intermediate_session_token,omitempty"` }
AuthenticateParams: Request type for `Passwords.Authenticate`.
type AuthenticateRequestLocale ¶
type AuthenticateRequestLocale string
const ( AuthenticateRequestLocaleEn AuthenticateRequestLocale = "en" AuthenticateRequestLocaleEs AuthenticateRequestLocale = "es" AuthenticateRequestLocalePtbr AuthenticateRequestLocale = "pt-br" )
type AuthenticateResponse ¶
type AuthenticateResponse struct { // RequestID: Globally unique UUID that is returned with every API call. This value is important to log for // debugging purposes; we may ask for this value to help identify a specific API call when helping you // debug an issue. RequestID string `json:"request_id,omitempty"` // MemberID: Globally unique UUID that identifies a specific Member. MemberID string `json:"member_id,omitempty"` // OrganizationID: Globally unique UUID that identifies a specific Organization. The `organization_id` is // critical to perform operations on an Organization, so be sure to preserve this value. OrganizationID string `json:"organization_id,omitempty"` // Member: The [Member object](https://stytch.com/docs/b2b/api/member-object) Member organizations.Member `json:"member,omitempty"` // SessionToken: A secret token for a given Stytch Session. SessionToken string `json:"session_token,omitempty"` // SessionJWT: The JSON Web Token (JWT) for a given Stytch Session. SessionJWT string `json:"session_jwt,omitempty"` // Organization: The [Organization object](https://stytch.com/docs/b2b/api/organization-object). Organization organizations.Organization `json:"organization,omitempty"` // IntermediateSessionToken: The returned Intermediate Session Token contains a password factor associated // with the Member. If this value is non-empty, the member must complete an MFA step to finish logging in // to the Organization. The token can be used with the // [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), // [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or // [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an // MFA flow and log in to the Organization. Password factors are not transferable between Organizations, so // the intermediate session token is not valid for use with discovery endpoints. IntermediateSessionToken string `json:"intermediate_session_token,omitempty"` // MemberAuthenticated: Indicates whether the Member is fully authenticated. If false, the Member needs to // complete an MFA step to log in to the Organization. MemberAuthenticated bool `json:"member_authenticated,omitempty"` // StatusCode: The HTTP status code of the response. Stytch follows standard HTTP response status code // patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX // are server errors. StatusCode int32 `json:"status_code,omitempty"` // MemberSession: The [Session object](https://stytch.com/docs/b2b/api/session-object). MemberSession *sessions.MemberSession `json:"member_session,omitempty"` // MFARequired: Information about the MFA requirements of the Organization and the Member's options for // fulfilling MFA. MFARequired *mfa.MfaRequired `json:"mfa_required,omitempty"` }
AuthenticateResponse: Response type for `Passwords.Authenticate`.
type LudsFeedback ¶
type LudsFeedback struct { // HasLowerCase: For LUDS validation, whether the password contains at least one lowercase letter. HasLowerCase bool `json:"has_lower_case,omitempty"` // HasUpperCase: For LUDS validation, whether the password contains at least one uppercase letter. HasUpperCase bool `json:"has_upper_case,omitempty"` // HasDigit: For LUDS validation, whether the password contains at least one digit. HasDigit bool `json:"has_digit,omitempty"` // HasSymbol: For LUDS validation, whether the password contains at least one symbol. Any UTF8 character // outside of a-z or A-Z may count as a valid symbol. HasSymbol bool `json:"has_symbol,omitempty"` // MissingComplexity: For LUDS validation, the number of complexity requirements that are missing from the // password. // Check the complexity fields to see which requirements are missing. MissingComplexity int32 `json:"missing_complexity,omitempty"` // MissingCharacters: For LUDS validation, this is the required length of the password that you've set // minus the length of the password being checked. // The user will need to add this many characters to the password to make it valid. MissingCharacters int32 `json:"missing_characters,omitempty"` }
LudsFeedback:
type MigrateParams ¶
type MigrateParams struct { // EmailAddress: The email address of the Member. EmailAddress string `json:"email_address,omitempty"` // Hash: The password hash. For a Scrypt or PBKDF2 hash, the hash needs to be a base64 encoded string. Hash string `json:"hash,omitempty"` // HashType: The password hash used. Currently `bcrypt`, `scrypt`, `argon2i`, `argon2id`, `md_5`, `sha_1`, // and `pbkdf_2` are supported. HashType MigrateRequestHashType `json:"hash_type,omitempty"` // OrganizationID: Globally unique UUID that identifies a specific Organization. The `organization_id` is // critical to perform operations on an Organization, so be sure to preserve this value. OrganizationID string `json:"organization_id,omitempty"` // Md5Config: Optional parameters for MD-5 hash types. Md5Config *passwords.MD5Config `json:"md_5_config,omitempty"` // Argon2Config: Required parameters if the argon2 hex form, as opposed to the encoded form, is supplied. Argon2Config *passwords.Argon2Config `json:"argon_2_config,omitempty"` // Sha1Config: Optional parameters for SHA-1 hash types. Sha1Config *passwords.SHA1Config `json:"sha_1_config,omitempty"` // ScryptConfig: Required parameters if the scrypt is not provided in a **PHC encoded form**. ScryptConfig *passwords.ScryptConfig `json:"scrypt_config,omitempty"` // Pbkdf2Config: Required additional parameters for PBKDF2 hash keys. Note that we use the SHA-256 by // default, please contact [support@stytch.com](mailto:support@stytch.com) if you use another hashing // function. Pbkdf2Config *passwords.PBKDF2Config `json:"pbkdf_2_config,omitempty"` // Name: The name of the Member. Each field in the name object is optional. Name string `json:"name,omitempty"` // TrustedMetadata: An arbitrary JSON object for storing application-specific data or // identity-provider-specific data. TrustedMetadata map[string]any `json:"trusted_metadata,omitempty"` // UntrustedMetadata: An arbitrary JSON object of application-specific data. These fields can be edited // directly by the // frontend SDK, and should not be used to store critical information. See the // [Metadata resource](https://stytch.com/docs/b2b/api/metadata) // for complete field behavior details. UntrustedMetadata map[string]any `json:"untrusted_metadata,omitempty"` // Roles to explicitly assign to this Member. // Will completely replace any existing explicitly assigned roles. See the // [RBAC guide](https://stytch.com/docs/b2b/guides/rbac/role-assignment) for more information about role // assignment. // // If a Role is removed from a Member, and the Member is also implicitly assigned this Role from an SSO // connection // or an SSO group, we will by default revoke any existing sessions for the Member that contain any SSO // authentication factors with the affected connection ID. You can preserve these sessions by passing in // the // `preserve_existing_sessions` parameter with a value of `true`. Roles []string `json:"roles,omitempty"` // PreserveExistingSessions: Whether to preserve existing sessions when explicit Roles that are revoked are // also implicitly assigned // by SSO connection or SSO group. Defaults to `false` - that is, existing Member Sessions that contain // SSO // authentication factors with the affected SSO connection IDs will be revoked. PreserveExistingSessions bool `json:"preserve_existing_sessions,omitempty"` }
MigrateParams: Request type for `Passwords.Migrate`.
type MigrateRequestHashType ¶
type MigrateRequestHashType string
const ( MigrateRequestHashTypeBcrypt MigrateRequestHashType = "bcrypt" MigrateRequestHashTypeMd5 MigrateRequestHashType = "md_5" MigrateRequestHashTypeArgon2i MigrateRequestHashType = "argon_2i" MigrateRequestHashTypeArgon2id MigrateRequestHashType = "argon_2id" MigrateRequestHashTypeSha1 MigrateRequestHashType = "sha_1" MigrateRequestHashTypeScrypt MigrateRequestHashType = "scrypt" MigrateRequestHashTypePhpass MigrateRequestHashType = "phpass" MigrateRequestHashTypePbkdf2 MigrateRequestHashType = "pbkdf_2" )
type MigrateResponse ¶
type MigrateResponse struct { // RequestID: Globally unique UUID that is returned with every API call. This value is important to log for // debugging purposes; we may ask for this value to help identify a specific API call when helping you // debug an issue. RequestID string `json:"request_id,omitempty"` // MemberID: Globally unique UUID that identifies a specific Member. MemberID string `json:"member_id,omitempty"` // MemberCreated: A flag indicating `true` if a new Member object was created and `false` if the Member // object already existed. MemberCreated bool `json:"member_created,omitempty"` // Member: The [Member object](https://stytch.com/docs/b2b/api/member-object) Member organizations.Member `json:"member,omitempty"` // Organization: The [Organization object](https://stytch.com/docs/b2b/api/organization-object). Organization organizations.Organization `json:"organization,omitempty"` // StatusCode: The HTTP status code of the response. Stytch follows standard HTTP response status code // patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX // are server errors. StatusCode int32 `json:"status_code,omitempty"` }
MigrateResponse: Response type for `Passwords.Migrate`.
type StrengthCheckParams ¶
type StrengthCheckParams struct { // Password: The password to authenticate, reset, or set for the first time. Any UTF8 character is allowed, // e.g. spaces, emojis, non-English characers, etc. Password string `json:"password,omitempty"` // EmailAddress: The email address of the Member. EmailAddress string `json:"email_address,omitempty"` }
StrengthCheckParams: Request type for `Passwords.StrengthCheck`.
type StrengthCheckResponse ¶
type StrengthCheckResponse struct { // RequestID: Globally unique UUID that is returned with every API call. This value is important to log for // debugging purposes; we may ask for this value to help identify a specific API call when helping you // debug an issue. RequestID string `json:"request_id,omitempty"` // ValidPassword: Returns `true` if the password passes our password validation. We offer two validation // options, // [zxcvbn](https://stytch.com/docs/passwords#strength-requirements) is the default option which offers a // high level of sophistication. // We also offer [LUDS](https://stytch.com/docs/passwords#strength-requirements). If an email address is // included in the call we also // require that the password hasn't been compromised using built-in breach detection powered by // [HaveIBeenPwned](https://haveibeenpwned.com/) ValidPassword bool `json:"valid_password,omitempty"` // Score: The score of the password determined by [zxcvbn](https://github.com/dropbox/zxcvbn). Values will // be between 1 and 4, a 3 or greater is required to pass validation. Score int32 `json:"score,omitempty"` // BreachedPassword: Returns `true` if the password has been breached. Powered by // [HaveIBeenPwned](https://haveibeenpwned.com/). BreachedPassword bool `json:"breached_password,omitempty"` // StrengthPolicy: The strength policy type enforced, either `zxcvbn` or `luds`. StrengthPolicy string `json:"strength_policy,omitempty"` // BreachDetectionOnCreate: Will return `true` if breach detection will be evaluated. By default this // option is enabled. // This option can be disabled by contacting // [support@stytch.com](mailto:support@stytch.com?subject=Password%20strength%20configuration). // If this value is false then `breached_password` will always be `false` as well. BreachDetectionOnCreate bool `json:"breach_detection_on_create,omitempty"` // StatusCode: The HTTP status code of the response. Stytch follows standard HTTP response status code // patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX // are server errors. StatusCode int32 `json:"status_code,omitempty"` // LudsFeedback: Feedback for how to improve the password's strength using // [luds](https://stytch.com/docs/passwords#strength-requirements). LudsFeedback *LudsFeedback `json:"luds_feedback,omitempty"` // ZxcvbnFeedback: Feedback for how to improve the password's strength using // [zxcvbn](https://stytch.com/docs/passwords#strength-requirements). ZxcvbnFeedback *ZxcvbnFeedback `json:"zxcvbn_feedback,omitempty"` }
StrengthCheckResponse: Response type for `Passwords.StrengthCheck`.
type ZxcvbnFeedback ¶
type ZxcvbnFeedback struct { // Warning: For zxcvbn validation, contains an end user consumable warning if the password is valid but not // strong enough. Warning string `json:"warning,omitempty"` // Suggestions: For zxcvbn validation, contains end user consumable suggestions on how to improve the // strength of the password. Suggestions []string `json:"suggestions,omitempty"` }
ZxcvbnFeedback:
Click to show internal directories.
Click to hide internal directories.