> ## Documentation Index
> Fetch the complete documentation index at: https://stytch.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Discovery Password Reset by Email Start

> Initiates a password reset for an email address in the Discovery flow.

export const discovery = "Centralized login flow that allows users to view all Organizations they have access to, including pending invites and Organizations they are allowed to automatically join based on their verified email domain.";

export const organization = "Represents an instance or tenant in your application, typically mapping to each of your top-level customers.";

export const member = "Represents an individual end user's account within a given Organization, uniquely identified within that Organization by their email address.";

<Info>
  This flow is only valid for [cross-org passwords](/multi-tenant-auth/authentication/passwords/cross-org) use cases, and is not tied to a specific <Tooltip tip={organization}>Organization</Tooltip>; it is intended for <Tooltip tip={discovery}>Discovery</Tooltip> flows.
</Info>

Triggers an email to the provided email address containing a magic link that will allow the <Tooltip tip={member}>Member</Tooltip> to set a new password and authenticate via the [Discovery Password Reset by Email endpoint](/api-reference/b2b/api/passwords/create-or-reset-options/discovery-password-reset-by-email).


## OpenAPI

````yaml POST /v1/b2b/passwords/discovery/email/reset/start
openapi: 3.0.3
info:
  title: Stytch API
  description: The Stytch API provides endpoints for authentication and user management.
  version: 2.1.1
  contact:
    name: Stytch Support
    url: https://stytch.com/docs
    email: support@stytch.com
servers:
  - url: https://api.stytch.com
    description: Production server
  - url: https://test.stytch.com
    description: Test server
security:
  - basicAuth: []
paths:
  /v1/b2b/passwords/discovery/email/reset/start:
    post:
      tags:
        - Discovery
      summary: Resetstart
      description: >-
        Initiates a password reset for the email address provided, when
        cross-org passwords are enabled. This will trigger an email to be sent
        to the address, containing a magic link that will allow them to set a
        new password and authenticate.


        This endpoint adapts to your Project's password strength configuration.

        If you're using
        [zxcvbn](https://stytch.com/docs/guides/passwords/strength-policy), the
        default, your passwords are considered valid

        if the strength score is >= 3. If you're using
        [LUDS](https://stytch.com/docs/guides/passwords/strength-policy), your
        passwords are

        considered valid if they meet the requirements that you've set with
        Stytch.

        You may update your password strength configuration on the [Passwords
        Policy page](https://stytch.com/dashboard/password-strength-config) in
        the Stytch Dashboard.
      operationId: api_b2b_password_v1_b2b_passwords_discovery_email_ResetStart
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: >-
                #/components/schemas/api_b2b_password_v1_b2b_passwords_discovery_email_ResetStartRequest
      responses:
        '200':
          description: Successful response
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/api_b2b_password_v1_b2b_passwords_discovery_email_ResetStartResponse
        '400':
          description: Bad request
        '401':
          description: Unauthorized
          content:
            application/json:
              example:
                status_code: 401
                request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141
                error_type: unauthorized_credentials
                error_message: Unauthorized credentials.
                error_url: https://stytch.com/docs/api/errors/401
        '429':
          description: Too Many Requests
          content:
            application/json:
              example:
                status_code: 429
                request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141
                error_type: too_many_requests
                error_message: Too many requests have been made.
                error_url: https://stytch.com/docs/api/errors/429
        '500':
          description: Internal server error
          content:
            application/json:
              example:
                status_code: 500
                request_id: request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141
                error_type: internal_server_error
                error_message: >-
                  Oops, something seems to have gone wrong, please reach out to
                  support@stytch.com to let us know what went wrong.
                error_url: https://stytch.com/docs/api/errors/500
      x-code-samples:
        - lang: csharp
          label: C#
          source: |-
            // POST /v1/b2b/passwords/discovery/email/reset/start
            const stytch = require('stytch');

            const client = new stytch.B2BClient({
              project_id: '${projectId}',
              secret: '${secret}',
            });

            const params = {
              email_address: "sandbox@stytch.com",
            };

            client.Passwords.Discovery.Email.ResetStart(params)
              .then(resp => { console.log(resp) })
              .catch(err => { console.log(err) });
        - lang: go
          label: Go
          source: "// POST /v1/b2b/passwords/discovery/email/reset/start\npackage main\n\nimport (\n\t\"context\"\n\t\"log\"\n\n\t\"github.com/stytchauth/stytch-go/v18/stytch/b2b/b2bstytchapi\"\n\t\"github.com/stytchauth/stytch-go/v18/stytch/b2b/passwords/discovery/email\"\n)\n\nfunc main() {\n\tclient, err := b2bstytchapi.NewClient(\n\t\t\"${projectId}\",\n\t\t\"${secret}\",\n\t)\n\tif err != nil {\n\t\tlog.Fatalf(\"error instantiating client: %v\", err)\n\t}\n\n\tparams := &email.ResetStartParams{\n\t\tEmailAddress: \"sandbox@stytch.com\",\n\t}\n\n\tresp, err := client.Passwords.Discovery.Email.ResetStart(context.Background(), params)\n\tif err != nil {\n\t\tlog.Fatalf(\"error in method call: %v\", err)\n\t}\n\n\tlog.Println(resp)\n}\n"
        - lang: java
          label: Java
          source: >-
            // POST /v1/b2b/passwords/discovery/email/reset/start

            package com.example;


            import
            com.stytch.java.b2b.models.passwordsdiscoveryemail.ResetStartRequest;

            import com.stytch.java.b2b.StytchB2BClient;

            import com.stytch.java.common.StytchResult;


            public class Main {
                public static void main(String[] args) {
                    StytchB2BClient.configure("${projectId}", "${secret}");

                    ResetStartRequest params = new ResetStartRequest();
                    params.setEmailAddress("sandbox@stytch.com");

                    Object result = StytchB2BClient.getPasswords().getDiscovery().getEmail().resetStart(params);
                    if (result instanceof StytchResult.Success) {
                      System.out.println(((StytchResult.Success) result).getValue());
                    } else {
                      System.out.println(((StytchResult.Error) result).getException());
                    }
                }
            }
        - lang: kotlin
          label: Kotlin
          source: >
            // POST /v1/b2b/passwords/discovery/email/reset/start

            package com.example


            import com.stytch.java.b2b.StytchB2BClient

            import
            com.stytch.java.b2b.models.passwordsdiscoveryemail.ResetStartRequest


            fun main() {
                StytchB2BClient.configure(
                    projectId = "${projectId}",
                    secret = "${secret}",
                )

                when (
                    val result =
                        StytchB2BClient.passwords.discovery.email.resetStart(
                            ResetStartRequest(
                                emailAddress = "sandbox@stytch.com",
                            ),
                        )
                ) {
                    is StytchResult.Success -> println(result.value)
                    is StytchResult.Error -> println(result.exception)
                }
            }
        - lang: javascript
          label: Node.js
          source: |-
            // POST /v1/b2b/passwords/discovery/email/reset/start
            const stytch = require('stytch');

            const client = new stytch.B2BClient({
              project_id: '${projectId}',
              secret: '${secret}',
            });

            const params = {
              email_address: "sandbox@stytch.com",
            };

            client.passwords.discovery.email.resetStart(params)
              .then(resp => { console.log(resp) })
              .catch(err => { console.log(err) });
        - lang: php
          label: PHP
          source: |-
            $response = $client->passwords->discovery->email->reset_start([
                'email_address' => 'sandbox@stytch.com',
            ]);
        - lang: python
          label: Python
          source: |
            # POST /v1/b2b/passwords/discovery/email/reset/start
            from stytch import B2BClient

            client = B2BClient(
                project_id="${projectId}",
                secret="${secret}",
            )

            resp = client.passwords.discovery.email.reset_start(
                email_address="sandbox@stytch.com",
            )

            print(resp)
        - lang: ruby
          label: Ruby
          source: |-
            # frozen_string_literal: true

            # POST /v1/b2b/passwords/discovery/email/reset/start
            require 'stytch'

            client = StytchB2B::Client.new(
              project_id: "${projectId}",
              secret: "${secret}"
            )

            resp = client.passwords.discovery.email.reset_start(
              email_address: "sandbox@stytch.com"
              
            )

            puts resp
        - lang: rust
          label: Rust
          source: |-
            // POST /v1/b2b/passwords/discovery/email/reset/start
            use stytch::b2b::client::Client;
            use stytch::b2b::passwords_discovery_email::ResetStartRequest;

            fn main() {
                let client = Client::new("${projectId}", "${secret}").unwrap();
                let resp = client.passwords.discovery.email.reset_start(
                    ResetStartRequest{
                        email_address: "sandbox@stytch.com",
                        ..Default::default()
                    }
                ).await;
                println!("The response is {:?}", resp);
            }
        - lang: bash
          label: cURL
          source: |-
            # POST /v1/b2b/passwords/discovery/email/reset/start
            curl --request POST \
              --url https://test.stytch.com/v1/b2b/passwords/discovery/email/reset/start \
              -u '${projectId}:${secret}' \
              -H 'Content-Type: application/json' \
              -d '{
                "email_address": "sandbox@stytch.com"
              }'
components:
  schemas:
    api_b2b_password_v1_b2b_passwords_discovery_email_ResetStartRequest:
      type: object
      properties:
        email_address:
          type: string
          description: >-
            The email address of the Member to start the email reset process
            for.
        reset_password_redirect_url:
          type: string
          description: >-
            The URL that the Member is redirected to from the reset password
            magic link. This URL should display your application's reset
            password page.
              Before rendering the reset page, extract the `token` from the query parameters. On the reset page, collect the new password and complete the flow by calling the corresponding Password Reset by Email endpoint.
              If this parameter is not specified, the default Reset Password redirect URL configured in the Dashboard will be used. If you have not set a default Reset Password redirect URL, an error is returned.
        discovery_redirect_url:
          type: string
          description: >-
            The URL that the end user clicks from the discovery Magic Link. This
            URL should be an endpoint in the backend server that
              verifies the request by querying Stytch's discovery authenticate endpoint and continues the flow. If this value is not passed, the default
              discovery redirect URL that you set in your Dashboard is used. If you have not set a default discovery redirect URL, an error is returned.
        reset_password_template_id:
          type: string
          description: >-
            Use a custom template for reset password emails. By default, it will
            use your default email template. Templates can be added in the
            [Stytch dashboard](https://stytch.com/dashboard/templates) using our
            built-in customization options or custom HTML templates with type
            “Passwords - Reset Password”.
        reset_password_expiration_minutes:
          type: integer
          format: int32
          description: >-
            Sets a time limit after which the email link to reset the member's
            password will no longer be valid. The minimum allowed expiration is
            5 minutes and the maximum is 10080 minutes (7 days). By default, the
            expiration is 30 minutes.
        pkce_code_challenge:
          type: string
        locale:
          type: string
          description: >-
            Used to determine which language to use when sending the user this
            delivery method. Parameter is an [IETF BCP 47 language
            tag](https://www.w3.org/International/articles/language-tags/), e.g.
            `"en"`.


            If no value is provided, the copy defaults to English.
        verify_email_template_id:
          type: string
          description: >-
            Use a custom template for verification emails sent during password
            reset flows. When cross-organization passwords are enabled for your
            Project, this template will be used the first time a user sets a
            password via a
              password reset flow. By default, it will use your default email template. Templates can be added in the [Stytch dashboard](https://stytch.com/dashboard/templates) using our built-in customization options or custom HTML templates with type “Passwords - Email Verification”.
      description: Request type
      required:
        - email_address
    api_b2b_password_v1_b2b_passwords_discovery_email_ResetStartResponse:
      type: object
      properties:
        request_id:
          type: string
          description: >-
            Globally unique UUID that is returned with every API call. This
            value is important to log for debugging purposes; we may ask for
            this value to help identify a specific API call when helping you
            debug an issue.
        status_code:
          type: integer
          format: int32
          description: >-
            The HTTP status code of the response. Stytch follows standard HTTP
            response status code patterns, e.g. 2XX values equate to success,
            3XX values are redirects, 4XX are client errors, and 5XX are server
            errors.
      required:
        - request_id
        - status_code
  securitySchemes:
    basicAuth:
      type: http
      scheme: basic

````