Authenticate a User given a token. This endpoint verifies that the user completed the OAuth flow by verifying that the token is valid and hasn't expired. To initiate a Stytch session for the user while authenticating their OAuth token, include session_duration_minutes; a session with the identity provider, e.g. Google or Facebook, will always be initiated upon successful authentication.
Authenticate OAuth
POSThttps://test.stytch.com/v1/oauth/authenticate
Body parameters
token* string
session_custom_claims map<string, any>
session_duration_minutes int
session_jwt string
session_token string
code_verifier string
Response fields
status_code int
request_id string
user_id string
user object
oauth_user_registration_id string
provider_subject string
provider_type string
provider_values object
reset_sessions boolean
user_session object
session_token string
session_jwt string
curl --request POST \
--url https://test.stytch.com/v1/oauth/authenticate \
-u 'PROJECT_ID:SECRET' \
-H 'Content-Type: application/json' \
-d '{
"token": "SeiGwdj5lKkrEVgcEY3QNJXt6srxS3IK2Nwkar6mXD4="
}'RESPONSE
200
{
"status_code": 200,
"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
"user_id": "user-test-16d9ba61-97a1-4ba4-9720-b03761dc50c6",
"user": {...},
"oauth_user_registration_id": "oauth-user-test-de86770c-911d-463f-80e7-f1b089cead14",
"provider_subject": "10769150350006150715113082367",
"provider_type": "Google"
"provider_values": {
"access_token": "example-access-token",
"refresh_token": "example-refresh-token",
"id_token": "example-id-token",
"scopes": ["example scope"]
},
"reset_sessions": false,
"session": {
...Stytch session...
},
"session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q",
"session_jwt": "example_jwt"
}