Documentation ¶
Index ¶
- type AuthenticateParams
- type AuthenticateRequestLocale
- type AuthenticateResponse
- type Connection
- type DeleteConnectionParams
- type DeleteConnectionRequestOptions
- type DeleteConnectionResponse
- type GetConnectionsParams
- type GetConnectionsRequestOptions
- type GetConnectionsResponse
- type OIDCConnection
- type SAMLConnection
- type SAMLConnectionImplicitRoleAssignment
- type SAMLGroupImplicitRoleAssignment
- type X509Certificate
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthenticateParams ¶
type AuthenticateParams struct { // SSOToken: The token to authenticate. SSOToken string `json:"sso_token,omitempty"` // PkceCodeVerifier: A base64url encoded one time secret used to validate that the request starts and ends // on the same device. PkceCodeVerifier string `json:"pkce_code_verifier,omitempty"` // SessionToken: The `session_token` belonging to the member that you wish to associate the email with. SessionToken string `json:"session_token,omitempty"` // SessionJWT: The `session_jwt` belonging to the member that you wish to associate the email with. SessionJWT string `json:"session_jwt,omitempty"` // SessionDurationMinutes: Set the session lifetime to be this many minutes from now. This will start a new // session if one doesn't already exist, // returning both an opaque `session_token` and `session_jwt` for this session. Remember that the // `session_jwt` will have a fixed lifetime of // five minutes regardless of the underlying session duration, and will need to be refreshed over time. // // This value must be a minimum of 5 and a maximum of 527040 minutes (366 days). // // If a `session_token` or `session_jwt` is provided then a successful authentication will continue to // extend the session this many minutes. // // If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a // 60 minute duration. If you don't want // to use the Stytch session product, you can ignore the session fields in the response. SessionDurationMinutes int32 `json:"session_duration_minutes,omitempty"` // SessionCustomClaims: Add a custom claims map to the Session being authenticated. Claims are only created // if a Session is initialized by providing a value in // `session_duration_minutes`. Claims will be included on the Session object and in the JWT. To update a // key in an existing Session, supply a new value. To // delete a key, supply a null value. Custom claims made with reserved claims (`iss`, `sub`, `aud`, // `exp`, `nbf`, `iat`, `jti`) will be ignored. // Total custom claims size cannot exceed four kilobytes. SessionCustomClaims map[string]any `json:"session_custom_claims,omitempty"` // Locale: If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint // will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will // be used to determine which language to use when sending the passcode. // // Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), // e.g. `"en"`. // // Currently supported languages are English (`"en"`), Spanish (`"es"`), and Brazilian Portuguese // (`"pt-br"`); if no value is provided, the copy defaults to English. // // Request support for additional languages // [here](https://docs.google.com/forms/d/e/1FAIpQLScZSpAu_m2AmLXRT3F3kap-s_mcV6UTBitYn6CdyWP0-o7YjQ/viewform?usp=sf_link")! // Locale AuthenticateRequestLocale `json:"locale,omitempty"` // IntermediateSessionToken: Adds this primary authentication factor to the intermediate session token. If // the resulting set of factors satisfies the organization's primary authentication requirements and MFA // requirements, the intermediate session token will be consumed and converted to a member session. If not, // the same intermediate session token will be returned. IntermediateSessionToken string `json:"intermediate_session_token,omitempty"` }
AuthenticateParams: Request type for `SSO.Authenticate`.
type AuthenticateRequestLocale ¶
type AuthenticateRequestLocale string
const ( AuthenticateRequestLocaleEn AuthenticateRequestLocale = "en" AuthenticateRequestLocaleEs AuthenticateRequestLocale = "es" AuthenticateRequestLocalePtbr AuthenticateRequestLocale = "pt-br" )
type AuthenticateResponse ¶
type AuthenticateResponse struct { // RequestID: Globally unique UUID that is returned with every API call. This value is important to log for // debugging purposes; we may ask for this value to help identify a specific API call when helping you // debug an issue. RequestID string `json:"request_id,omitempty"` // MemberID: Globally unique UUID that identifies a specific Member. MemberID string `json:"member_id,omitempty"` // OrganizationID: Globally unique UUID that identifies a specific Organization. The `organization_id` is // critical to perform operations on an Organization, so be sure to preserve this value. OrganizationID string `json:"organization_id,omitempty"` // Member: The [Member object](https://stytch.com/docs/b2b/api/member-object) Member organizations.Member `json:"member,omitempty"` // SessionToken: A secret token for a given Stytch Session. SessionToken string `json:"session_token,omitempty"` // SessionJWT: The JSON Web Token (JWT) for a given Stytch Session. SessionJWT string `json:"session_jwt,omitempty"` // ResetSession: Indicates if all Sessions linked to the Member need to be reset. You should check this // field if you aren't using // Stytch's Session product. If you are using Stytch's Session product, we revoke the Member’s other // Sessions for you. ResetSession bool `json:"reset_session,omitempty"` // Organization: The [Organization object](https://stytch.com/docs/b2b/api/organization-object). Organization organizations.Organization `json:"organization,omitempty"` // IntermediateSessionToken: The returned Intermediate Session Token contains an SSO factor associated with // the Member. If this value is non-empty, the member must complete an MFA step to finish logging in to the // Organization. The token can be used with the // [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), // [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or // [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an // MFA flow and log in to the Organization. SSO factors are not transferable between Organizations, so the // intermediate session token is not valid for use with discovery endpoints. IntermediateSessionToken string `json:"intermediate_session_token,omitempty"` // MemberAuthenticated: Indicates whether the Member is fully authenticated. If false, the Member needs to // complete an MFA step to log in to the Organization. MemberAuthenticated bool `json:"member_authenticated,omitempty"` // StatusCode: The HTTP status code of the response. Stytch follows standard HTTP response status code // patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX // are server errors. StatusCode int32 `json:"status_code,omitempty"` // MemberSession: The [Session object](https://stytch.com/docs/b2b/api/session-object). MemberSession *sessions.MemberSession `json:"member_session,omitempty"` // MFARequired: Information about the MFA requirements of the Organization and the Member's options for // fulfilling MFA. MFARequired *mfa.MfaRequired `json:"mfa_required,omitempty"` }
AuthenticateResponse: Response type for `SSO.Authenticate`.
type Connection ¶
type Connection struct { OrganizationID string `json:"organization_id,omitempty"` ConnectionID string `json:"connection_id,omitempty"` ExternalOrganizationID string `json:"external_organization_id,omitempty"` ExternalConnectionID string `json:"external_connection_id,omitempty"` DisplayName string `json:"display_name,omitempty"` Status string `json:"status,omitempty"` }
type DeleteConnectionParams ¶
type DeleteConnectionParams struct { // OrganizationID: The organization ID that the SSO connection belongs to. OrganizationID string `json:"organization_id,omitempty"` // ConnectionID: The ID of the SSO connection. Both SAML and OIDC connection IDs can be provided. ConnectionID string `json:"connection_id,omitempty"` }
DeleteConnectionParams: Request type for `SSO.DeleteConnection`.
type DeleteConnectionRequestOptions ¶
type DeleteConnectionRequestOptions struct { // Authorization: Optional authorization object. // Pass in an active Stytch Member session token or session JWT and the request // will be run using that member's permissions. Authorization methodoptions.Authorization `json:"authorization,omitempty"` }
DeleteConnectionRequestOptions:
func (*DeleteConnectionRequestOptions) AddHeaders ¶
func (o *DeleteConnectionRequestOptions) AddHeaders(headers map[string][]string) map[string][]string
type DeleteConnectionResponse ¶
type DeleteConnectionResponse struct { // RequestID: Globally unique UUID that is returned with every API call. This value is important to log for // debugging purposes; we may ask for this value to help identify a specific API call when helping you // debug an issue. RequestID string `json:"request_id,omitempty"` // ConnectionID: The `connection_id` that was deleted as part of the delete request. ConnectionID string `json:"connection_id,omitempty"` // StatusCode: The HTTP status code of the response. Stytch follows standard HTTP response status code // patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX // are server errors. StatusCode int32 `json:"status_code,omitempty"` }
DeleteConnectionResponse: Response type for `SSO.DeleteConnection`.
type GetConnectionsParams ¶
type GetConnectionsParams struct { // OrganizationID: Globally unique UUID that identifies a specific Organization. The `organization_id` is // critical to perform operations on an Organization, so be sure to preserve this value. OrganizationID string `json:"organization_id,omitempty"` }
GetConnectionsParams: Request type for `SSO.GetConnections`.
type GetConnectionsRequestOptions ¶
type GetConnectionsRequestOptions struct { // Authorization: Optional authorization object. // Pass in an active Stytch Member session token or session JWT and the request // will be run using that member's permissions. Authorization methodoptions.Authorization `json:"authorization,omitempty"` }
GetConnectionsRequestOptions:
func (*GetConnectionsRequestOptions) AddHeaders ¶
func (o *GetConnectionsRequestOptions) AddHeaders(headers map[string][]string) map[string][]string
type GetConnectionsResponse ¶
type GetConnectionsResponse struct { // RequestID: Globally unique UUID that is returned with every API call. This value is important to log for // debugging purposes; we may ask for this value to help identify a specific API call when helping you // debug an issue. RequestID string `json:"request_id,omitempty"` // SAMLConnections: The list of [SAML Connections](https://stytch.com/docs/b2b/api/saml-connection-object) // owned by this organization. SAMLConnections []SAMLConnection `json:"saml_connections,omitempty"` // OIDCConnections: The list of [OIDC Connections](https://stytch.com/docs/b2b/api/oidc-connection-object) // owned by this organization. OIDCConnections []OIDCConnection `json:"oidc_connections,omitempty"` ExternalConnections []Connection `json:"external_connections,omitempty"` // StatusCode: The HTTP status code of the response. Stytch follows standard HTTP response status code // patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX // are server errors. StatusCode int32 `json:"status_code,omitempty"` }
GetConnectionsResponse: Response type for `SSO.GetConnections`.
type OIDCConnection ¶
type OIDCConnection struct { OrganizationID string `json:"organization_id,omitempty"` ConnectionID string `json:"connection_id,omitempty"` Status string `json:"status,omitempty"` DisplayName string `json:"display_name,omitempty"` RedirectURL string `json:"redirect_url,omitempty"` ClientID string `json:"client_id,omitempty"` ClientSecret string `json:"client_secret,omitempty"` Issuer string `json:"issuer,omitempty"` AuthorizationURL string `json:"authorization_url,omitempty"` TokenURL string `json:"token_url,omitempty"` UserinfoURL string `json:"userinfo_url,omitempty"` JWKSURL string `json:"jwks_url,omitempty"` IdentityProvider string `json:"identity_provider,omitempty"` }
type SAMLConnection ¶
type SAMLConnection struct { OrganizationID string `json:"organization_id,omitempty"` ConnectionID string `json:"connection_id,omitempty"` Status string `json:"status,omitempty"` IdpEntityID string `json:"idp_entity_id,omitempty"` DisplayName string `json:"display_name,omitempty"` IdpSSOURL string `json:"idp_sso_url,omitempty"` AcsURL string `json:"acs_url,omitempty"` AudienceURI string `json:"audience_uri,omitempty"` SigningCertificates []X509Certificate `json:"signing_certificates,omitempty"` VerificationCertificates []X509Certificate `json:"verification_certificates,omitempty"` SAMLConnectionImplicitRoleAssignments []SAMLConnectionImplicitRoleAssignment `json:"saml_connection_implicit_role_assignments,omitempty"` SAMLGroupImplicitRoleAssignments []SAMLGroupImplicitRoleAssignment `json:"saml_group_implicit_role_assignments,omitempty"` AlternativeAudienceURI string `json:"alternative_audience_uri,omitempty"` IdentityProvider string `json:"identity_provider,omitempty"` AttributeMapping map[string]any `json:"attribute_mapping,omitempty"` }
type SAMLConnectionImplicitRoleAssignment ¶
type SAMLConnectionImplicitRoleAssignment struct { // RoleID: The unique identifier of the RBAC Role, provided by the developer and intended to be // human-readable. // // Reserved `role_id`s that are predefined by Stytch include: // // * `stytch_member` // * `stytch_admin` // // Check out the [guide on Stytch default Roles](https://stytch.com/docs/b2b/guides/rbac/stytch-default) // for a more detailed explanation. // // RoleID string `json:"role_id,omitempty"` }
SAMLConnectionImplicitRoleAssignment:
type SAMLGroupImplicitRoleAssignment ¶
type SAMLGroupImplicitRoleAssignment struct { // RoleID: The unique identifier of the RBAC Role, provided by the developer and intended to be // human-readable. // // Reserved `role_id`s that are predefined by Stytch include: // // * `stytch_member` // * `stytch_admin` // // Check out the [guide on Stytch default Roles](https://stytch.com/docs/b2b/guides/rbac/stytch-default) // for a more detailed explanation. // // RoleID string `json:"role_id,omitempty"` // Group: The name of the SAML group that grants the specified role assignment. Group string `json:"group,omitempty"` }
SAMLGroupImplicitRoleAssignment:
type X509Certificate ¶
Click to show internal directories.
Click to hide internal directories.