Get Session - Stytch Docs

The Stytch SDK caches the Session of the logged-in . sessions.getSync is a synchronous method that fetches the cached session object. If there is no cached data, this method will return null.

Response

member_session_id

string

Globally unique UUID that identifies the Session.

member_id

string

Globally unique UUID that identifies a specific Member.

authentication_factors

array[objects]

An array of authentication factors that comprise a Session.

Show properties

type

string

The type of authentication factor. The possible values are: email_otp, impersonated, imported, magic_link, oauth, otp, password, recovery_codes, sso, trusted_auth_token, or totp.

delivery_method

string

The method that was used to deliver the authentication factor. The possible values depend on the type:

email_otp: Only email.
impersonated: Only impersonation.
imported: Only imported_auth0.
magic_link: Only email.
oauth: oauth_google, oauth_microsoft, oauth_hubspot, oauth_slack, or oauth_github. You may see an ‘exchange’ delivery method when a non-email-verifying OAuth factor originally authenticated in one organization is exchanged for a factor in another organization. This can happen during authentication flows such as session exchange. The non-email-verifying OAuth providers are Hubspot, Slack, and Github. Google is also considered non-email-verifying when the HD claim is empty. The possible exchange values are oauth_exchange_google, oauth_exchange_hubspot, oauth_exchange_slack, or oauth_exchange_github. The final possible value is oauth_access_token_exchange, if this factor came from an access token exchange flow.
- otp: Only sms.
- password: Only knowledge.
- recovery_codes: Only recovery_code.
- sso: sso_saml or sso_oidc.
- trusted_auth_token: Only trusted_token_exchange.
- totp: Only authenticator_app.

created_at

string

The timestamp when the factor was initially authenticated.

last_authenticated_at

string

The timestamp when the factor was last authenticated.

updated_at

string

The timestamp when the factor was last updated.

sequence_order

string

Either PRIMARY or SECONDARY. Secondary factor types include otp, totp, and recovery_codes. All other factors are primary.

email_factor

object

Information about the email factor, if one is present.

Show properties

email_address

string

The email address of the Member.

email_id

string

The globally unique UUID of the Member’s email.

phone_number_factor

object

Information about the phone number factor, if one is present.

Show properties

phone_number

string

The phone number.

phone_id

string

The globally unique UUID of the phone number.

google_oauth_factor

object

Information about the Google OAuth factor, if one is present.

Show properties

string

The unique ID of the OAuth registration.

email_id

string

The globally unique UUID of the Member’s email.

provider_subject

string

The unique identifier for the User within the OAuth provider. Also commonly called the sub or “Subject field” in OAuth protocols.

microsoft_oauth_factor

object

Information about the Microsoft OAuth factor, if one is present.

Show properties

string

The unique ID of the OAuth registration.

email_id

string

The globally unique UUID of the Member’s email.

provider_subject

string

The unique identifier for the User within the OAuth provider. Also commonly called the sub or “Subject field” in OAuth protocols.

hubspot_oauth_factor

object

Information about the Hubspot OAuth factor, if one is present.

Show properties

string

The unique ID of the OAuth registration.

email_id

string

The globally unique UUID of the Member’s email.

provider_subject

string

The unique identifier for the User within the OAuth provider. Also commonly called the sub or “Subject field” in OAuth protocols.

github_oauth_factor

object

Information about the Github OAuth factor, if one is present.

Show properties

string

The unique ID of the OAuth registration.

email_id

string

The globally unique UUID of the Member’s email.

provider_subject

string

The unique identifier for the User within the OAuth provider. Also commonly called the sub or “Subject field” in OAuth protocols.

slack_oauth_factor

object

Information about the Slack OAuth factor, if one is present.

Show properties

string

The unique ID of the OAuth registration.

email_id

string

The globally unique UUID of the Member’s email.

provider_subject

string

The unique identifier for the User within the OAuth provider. Also commonly called the sub or “Subject field” in OAuth protocols.

google_oauth_exchange_factor

object

Information about the Google OAuth Exchange factor, if one is present.

Show properties

email_id

string

The globally unique UUID of the email address.

hubspot_oauth_exchange_factor

object

Information about the Hubspot OAuth Exchange factor, if one is present.

Show properties

email_id

string

The globally unique UUID of the email address.

github_oauth_exchange_factor

object

Information about the Github OAuth Exchange factor, if one is present.

Show properties

email_id

string

The globally unique UUID of the email address.

slack_oauth_exchange_factor

object

Information about the Slack OAuth Exchange factor, if one is present.

Show properties

email_id

string

The globally unique UUID of the email address.

saml_sso_factor

object

Information about the SAML SSO factor, if one is present.

Show properties

string

The unique ID of an SSO Registration.

provider_id

string

Globally unique UUID that identifies a specific SAML Connection.

external_id

string

The ID of the member given by the identity provider.

oidc_sso_factor

object

Information about the OIDC SSO factor, if one is present.

Show properties

string

The unique ID of an SSO Registration.

provider_id

string

Globally unique UUID that identifies a specific OIDC Connection.

external_id

string

The ID of the member given by the identity provider.

authenticator_app_factor

object

Information about the TOTP-backed Authenticator App factor, if one is present.

Show properties

totp_id

string

Globally unique UUID that identifies the TOTP instance.

impersonated_factor

object

Information about the impersonated factor, if one is present.

Show properties

impersonator_id

string

For impersonated sessions initiated via the Stytch Dashboard, the impersonator’s Stytch Dashboard member_id.

impersonator_email_address

string

The email address of the impersonator.

trusted_auth_token_factor

object

Information about the trusted auth token factor, if one is present.

Show properties

token_id

string

The ID of the trusted auth token.

oauth_access_token_exchange_factor

object

Information about the access token exchange factor, if one is present.

Show properties

client_id

string

The ID of the Connected App client.

organization_id

The globally unique UUID that identifies the Organization associated with the Session.

organization_slug

The unique URL slug of the Organization associated with the Session.

roles

array[string]

A list of the roles associated with the Session. Members may inherit certain roles depending on the factors in their Session. For example, some roles may only be active if the member logged in from a specific SAML IDP.

started_at

string

The timestamp when the Session was created. Values conform to the RFC 3339 standard and are expressed in UTC, e.g. 2021-12-29T12:33:09Z.

last_accessed_at

string

The timestamp when the Session was last accessed. Values conform to the RFC 3339 standard and are expressed in UTC, e.g. 2021-12-29T12:33:09Z.

expires_at

string

The timestamp when the Session expires. Values conform to the RFC 3339 standard and are expressed in UTC, e.g. 2021-12-29T12:33:09Z.

custom_claims

map<string, any>

The custom claims map for a Session. Claims can be added to a Session during a Sessions authenticate call.

​Response

Response