Documentation
¶
Index ¶
- type AuthenticateParams
- type AuthenticateRequestLocale
- type AuthenticateResponse
- type Connection
- type ConnectionImplicitRoleAssignment
- type DeleteConnectionParams
- type DeleteConnectionRequestOptions
- type DeleteConnectionResponse
- type GetConnectionsParams
- type GetConnectionsRequestOptions
- type GetConnectionsResponse
- type GroupImplicitRoleAssignment
- type OIDCConnection
- type SAMLConnection
- type SAMLConnectionImplicitRoleAssignment
- type SAMLGroupImplicitRoleAssignment
- type X509Certificate
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AuthenticateParams ¶
type AuthenticateParams struct {
// SSOToken: The token to authenticate.
SSOToken string `json:"sso_token,omitempty"`
// PkceCodeVerifier: A base64url encoded one time secret used to validate that the request starts and ends
// on the same device.
PkceCodeVerifier string `json:"pkce_code_verifier,omitempty"`
// SessionToken: The `session_token` belonging to the member that you wish to associate the email with.
SessionToken string `json:"session_token,omitempty"`
// SessionJWT: The `session_jwt` belonging to the member that you wish to associate the email with.
SessionJWT string `json:"session_jwt,omitempty"`
// SessionDurationMinutes: Set the session lifetime to be this many minutes from now. This will start a new
// session if one doesn't already exist,
// returning both an opaque `session_token` and `session_jwt` for this session. Remember that the
// `session_jwt` will have a fixed lifetime of
// five minutes regardless of the underlying session duration, and will need to be refreshed over time.
//
// This value must be a minimum of 5 and a maximum of 527040 minutes (366 days).
//
// If a `session_token` or `session_jwt` is provided then a successful authentication will continue to
// extend the session this many minutes.
//
// If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a
// 60 minute duration. If you don't want
// to use the Stytch session product, you can ignore the session fields in the response.
SessionDurationMinutes int32 `json:"session_duration_minutes,omitempty"`
// SessionCustomClaims: Add a custom claims map to the Session being authenticated. Claims are only created
// if a Session is initialized by providing a value in
// `session_duration_minutes`. Claims will be included on the Session object and in the JWT. To update a
// key in an existing Session, supply a new value. To
// delete a key, supply a null value. Custom claims made with reserved claims (`iss`, `sub`, `aud`,
// `exp`, `nbf`, `iat`, `jti`) will be ignored.
// Total custom claims size cannot exceed four kilobytes.
SessionCustomClaims map[string]any `json:"session_custom_claims,omitempty"`
// Locale: If the needs to complete an MFA step, and the Member has a phone number, this endpoint will
// pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be
// used to determine which language to use when sending the passcode.
//
// Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/),
// e.g. `"en"`.
//
// Currently supported languages are English (`"en"`), Spanish (`"es"`), and Brazilian Portuguese
// (`"pt-br"`); if no value is provided, the copy defaults to English.
//
// Request support for additional languages
// [here](https://docs.google.com/forms/d/e/1FAIpQLScZSpAu_m2AmLXRT3F3kap-s_mcV6UTBitYn6CdyWP0-o7YjQ/viewform?usp=sf_link")!
//
Locale AuthenticateRequestLocale `json:"locale,omitempty"`
// IntermediateSessionToken: Adds this primary authentication factor to the intermediate session token. If
// the resulting set of factors satisfies the organization's primary authentication requirements and MFA
// requirements, the intermediate session token will be consumed and converted to a member session. If not,
// the same intermediate session token will be returned.
IntermediateSessionToken string `json:"intermediate_session_token,omitempty"`
}
AuthenticateParams: Request type for `SSO.Authenticate`.
type AuthenticateRequestLocale ¶
type AuthenticateRequestLocale string
const ( AuthenticateRequestLocaleEn AuthenticateRequestLocale = "en" AuthenticateRequestLocaleEs AuthenticateRequestLocale = "es" AuthenticateRequestLocalePtbr AuthenticateRequestLocale = "pt-br" )
type AuthenticateResponse ¶
type AuthenticateResponse struct {
// RequestID: Globally unique UUID that is returned with every API call. This value is important to log for
// debugging purposes; we may ask for this value to help identify a specific API call when helping you
// debug an issue.
RequestID string `json:"request_id,omitempty"`
// MemberID: Globally unique UUID that identifies a specific Member.
MemberID string `json:"member_id,omitempty"`
// OrganizationID: Globally unique UUID that identifies a specific Organization. The `organization_id` is
// critical to perform operations on an Organization, so be sure to preserve this value.
OrganizationID string `json:"organization_id,omitempty"`
// Member: The [Member object](https://stytch.com/docs/b2b/api/member-object)
Member organizations.Member `json:"member,omitempty"`
// SessionToken: A secret token for a given Stytch Session.
SessionToken string `json:"session_token,omitempty"`
// SessionJWT: The JSON Web Token (JWT) for a given Stytch Session.
SessionJWT string `json:"session_jwt,omitempty"`
// ResetSession: Indicates if all Sessions linked to the Member need to be reset. You should check this
// field if you aren't using
// Stytch's Session product. If you are using Stytch's Session product, we revoke the Member’s other
// Sessions for you.
ResetSession bool `json:"reset_session,omitempty"`
// Organization: The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
Organization organizations.Organization `json:"organization,omitempty"`
// IntermediateSessionToken: The returned Intermediate Session Token contains an SSO factor associated with
// the Member. If this value is non-empty, the member must complete an MFA step to finish logging in to the
// Organization. The token can be used with the
// [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms),
// [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or
// [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an
// MFA flow and log in to the Organization. SSO factors are not transferable between Organizations, so the
// intermediate session token is not valid for use with discovery endpoints.
IntermediateSessionToken string `json:"intermediate_session_token,omitempty"`
// MemberAuthenticated: Indicates whether the Member is fully authenticated. If false, the Member needs to
// complete an MFA step to log in to the Organization.
MemberAuthenticated bool `json:"member_authenticated,omitempty"`
// StatusCode: The HTTP status code of the response. Stytch follows standard HTTP response status code
// patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX
// are server errors.
StatusCode int32 `json:"status_code,omitempty"`
// MemberSession: The [Session object](https://stytch.com/docs/b2b/api/session-object).
MemberSession *sessions.MemberSession `json:"member_session,omitempty"`
// MFARequired: Information about the MFA requirements of the Organization and the Member's options for
// fulfilling MFA.
MFARequired *mfa.MfaRequired `json:"mfa_required,omitempty"`
}
AuthenticateResponse: Response type for `SSO.Authenticate`.
type Connection ¶
type Connection struct {
OrganizationID string `json:"organization_id,omitempty"`
ConnectionID string `json:"connection_id,omitempty"`
ExternalOrganizationID string `json:"external_organization_id,omitempty"`
ExternalConnectionID string `json:"external_connection_id,omitempty"`
DisplayName string `json:"display_name,omitempty"`
Status string `json:"status,omitempty"`
ExternalConnectionImplicitRoleAssignments []ConnectionImplicitRoleAssignment `json:"external_connection_implicit_role_assignments,omitempty"`
ExternalGroupImplicitRoleAssignments []GroupImplicitRoleAssignment `json:"external_group_implicit_role_assignments,omitempty"`
}
type ConnectionImplicitRoleAssignment ¶ added in v15.6.0
type ConnectionImplicitRoleAssignment struct {
RoleID string `json:"role_id,omitempty"`
}
type DeleteConnectionParams ¶
type DeleteConnectionParams struct {
// OrganizationID: The organization ID that the SSO connection belongs to.
OrganizationID string `json:"organization_id,omitempty"`
// ConnectionID: The ID of the SSO connection. Both SAML and OIDC connection IDs can be provided.
ConnectionID string `json:"connection_id,omitempty"`
}
DeleteConnectionParams: Request type for `SSO.DeleteConnection`.
type DeleteConnectionRequestOptions ¶
type DeleteConnectionRequestOptions struct {
// Authorization: Optional authorization object.
// Pass in an active Stytch Member session token or session JWT and the request
// will be run using that member's permissions.
Authorization methodoptions.Authorization `json:"authorization,omitempty"`
}
DeleteConnectionRequestOptions:
func (*DeleteConnectionRequestOptions) AddHeaders ¶
func (o *DeleteConnectionRequestOptions) AddHeaders(headers map[string][]string) map[string][]string
type DeleteConnectionResponse ¶
type DeleteConnectionResponse struct {
// RequestID: Globally unique UUID that is returned with every API call. This value is important to log for
// debugging purposes; we may ask for this value to help identify a specific API call when helping you
// debug an issue.
RequestID string `json:"request_id,omitempty"`
// ConnectionID: The `connection_id` that was deleted as part of the delete request.
ConnectionID string `json:"connection_id,omitempty"`
// StatusCode: The HTTP status code of the response. Stytch follows standard HTTP response status code
// patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX
// are server errors.
StatusCode int32 `json:"status_code,omitempty"`
}
DeleteConnectionResponse: Response type for `SSO.DeleteConnection`.
type GetConnectionsParams ¶
type GetConnectionsParams struct {
// OrganizationID: Globally unique UUID that identifies a specific Organization. The `organization_id` is
// critical to perform operations on an Organization, so be sure to preserve this value.
OrganizationID string `json:"organization_id,omitempty"`
}
GetConnectionsParams: Request type for `SSO.GetConnections`.
type GetConnectionsRequestOptions ¶
type GetConnectionsRequestOptions struct {
// Authorization: Optional authorization object.
// Pass in an active Stytch Member session token or session JWT and the request
// will be run using that member's permissions.
Authorization methodoptions.Authorization `json:"authorization,omitempty"`
}
GetConnectionsRequestOptions:
func (*GetConnectionsRequestOptions) AddHeaders ¶
func (o *GetConnectionsRequestOptions) AddHeaders(headers map[string][]string) map[string][]string
type GetConnectionsResponse ¶
type GetConnectionsResponse struct {
// RequestID: Globally unique UUID that is returned with every API call. This value is important to log for
// debugging purposes; we may ask for this value to help identify a specific API call when helping you
// debug an issue.
RequestID string `json:"request_id,omitempty"`
// SAMLConnections: The list of [SAML Connections](https://stytch.com/docs/b2b/api/saml-connection-object)
// owned by this organization.
SAMLConnections []SAMLConnection `json:"saml_connections,omitempty"`
// OIDCConnections: The list of [OIDC Connections](https://stytch.com/docs/b2b/api/oidc-connection-object)
// owned by this organization.
OIDCConnections []OIDCConnection `json:"oidc_connections,omitempty"`
ExternalConnections []Connection `json:"external_connections,omitempty"`
// StatusCode: The HTTP status code of the response. Stytch follows standard HTTP response status code
// patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX
// are server errors.
StatusCode int32 `json:"status_code,omitempty"`
}
GetConnectionsResponse: Response type for `SSO.GetConnections`.
type GroupImplicitRoleAssignment ¶ added in v15.6.0
type OIDCConnection ¶
type OIDCConnection struct {
OrganizationID string `json:"organization_id,omitempty"`
ConnectionID string `json:"connection_id,omitempty"`
Status string `json:"status,omitempty"`
DisplayName string `json:"display_name,omitempty"`
RedirectURL string `json:"redirect_url,omitempty"`
ClientID string `json:"client_id,omitempty"`
ClientSecret string `json:"client_secret,omitempty"`
Issuer string `json:"issuer,omitempty"`
AuthorizationURL string `json:"authorization_url,omitempty"`
TokenURL string `json:"token_url,omitempty"`
UserinfoURL string `json:"userinfo_url,omitempty"`
JWKSURL string `json:"jwks_url,omitempty"`
IdentityProvider string `json:"identity_provider,omitempty"`
CustomScopes string `json:"custom_scopes,omitempty"`
AttributeMapping map[string]any `json:"attribute_mapping,omitempty"`
}
type SAMLConnection ¶
type SAMLConnection struct {
OrganizationID string `json:"organization_id,omitempty"`
ConnectionID string `json:"connection_id,omitempty"`
Status string `json:"status,omitempty"`
IdpEntityID string `json:"idp_entity_id,omitempty"`
DisplayName string `json:"display_name,omitempty"`
IdpSSOURL string `json:"idp_sso_url,omitempty"`
AcsURL string `json:"acs_url,omitempty"`
AudienceURI string `json:"audience_uri,omitempty"`
SigningCertificates []X509Certificate `json:"signing_certificates,omitempty"`
VerificationCertificates []X509Certificate `json:"verification_certificates,omitempty"`
SAMLConnectionImplicitRoleAssignments []SAMLConnectionImplicitRoleAssignment `json:"saml_connection_implicit_role_assignments,omitempty"`
SAMLGroupImplicitRoleAssignments []SAMLGroupImplicitRoleAssignment `json:"saml_group_implicit_role_assignments,omitempty"`
AlternativeAudienceURI string `json:"alternative_audience_uri,omitempty"`
IdentityProvider string `json:"identity_provider,omitempty"`
AttributeMapping map[string]any `json:"attribute_mapping,omitempty"`
}
type SAMLConnectionImplicitRoleAssignment ¶
type SAMLConnectionImplicitRoleAssignment struct {
// RoleID: The unique identifier of the RBAC Role, provided by the developer and intended to be
// human-readable.
//
// Reserved `role_id`s that are predefined by Stytch include:
//
// * `stytch_member`
// * `stytch_admin`
//
// Check out the [guide on Stytch default Roles](https://stytch.com/docs/b2b/guides/rbac/stytch-default)
// for a more detailed explanation.
//
//
RoleID string `json:"role_id,omitempty"`
}
SAMLConnectionImplicitRoleAssignment:
type SAMLGroupImplicitRoleAssignment ¶
type SAMLGroupImplicitRoleAssignment struct {
// RoleID: The unique identifier of the RBAC Role, provided by the developer and intended to be
// human-readable.
//
// Reserved `role_id`s that are predefined by Stytch include:
//
// * `stytch_member`
// * `stytch_admin`
//
// Check out the [guide on Stytch default Roles](https://stytch.com/docs/b2b/guides/rbac/stytch-default)
// for a more detailed explanation.
//
//
RoleID string `json:"role_id,omitempty"`
// Group: The name of the SAML group that grants the specified role assignment.
Group string `json:"group,omitempty"`
}
SAMLGroupImplicitRoleAssignment:
type X509Certificate ¶
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.