C#
Copy
Ask AI
// POST /v1/b2b/sessions/attest
const stytch = require('stytch');
const client = new stytch.B2BClient({
project_id: '${projectId}',
secret: '${secret}',
});
const params = {
profile_id: "${profileId}",
token: "${trustedAuthToken}",
organization_id: "${organizationId}",
};
client.Sessions.Attest(params)
.then(resp => { console.log(resp) })
.catch(err => { console.log(err) });Copy
Ask AI
{
"request_id": "<string>",
"member_id": "<string>",
"member_session": {
"member_session_id": "<string>",
"member_id": "<string>",
"started_at": "<string>",
"last_accessed_at": "<string>",
"expires_at": "<string>",
"authentication_factors": [
{
"type": "magic_link",
"delivery_method": "email",
"last_authenticated_at": "<string>",
"created_at": "<string>",
"updated_at": "<string>",
"email_factor": {
"email_id": "<string>",
"email_address": "<string>"
},
"phone_number_factor": {
"phone_id": "<string>",
"phone_number": "<string>"
},
"google_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"microsoft_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"apple_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"webauthn_factor": {
"webauthn_registration_id": "<string>",
"domain": "<string>",
"user_agent": "<string>"
},
"authenticator_app_factor": {
"totp_id": "<string>"
},
"github_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"recovery_code_factor": {
"totp_recovery_code_id": "<string>"
},
"facebook_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"crypto_wallet_factor": {
"crypto_wallet_id": "<string>",
"crypto_wallet_address": "<string>",
"crypto_wallet_type": "<string>"
},
"amazon_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"bitbucket_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"coinbase_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"discord_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"figma_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"git_lab_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"instagram_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"linked_in_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"shopify_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"slack_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"snapchat_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"spotify_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"steam_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"tik_tok_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"twitch_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"twitter_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"embeddable_magic_link_factor": {
"embedded_id": "<string>"
},
"biometric_factor": {
"biometric_registration_id": "<string>"
},
"saml_sso_factor": {
"id": "<string>",
"provider_id": "<string>",
"external_id": "<string>"
},
"oidc_sso_factor": {
"id": "<string>",
"provider_id": "<string>",
"external_id": "<string>"
},
"salesforce_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"yahoo_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"hubspot_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"slack_oauth_exchange_factor": {
"email_id": "<string>"
},
"hubspot_oauth_exchange_factor": {
"email_id": "<string>"
},
"github_oauth_exchange_factor": {
"email_id": "<string>"
},
"google_oauth_exchange_factor": {
"email_id": "<string>"
},
"impersonated_factor": {
"impersonator_id": "<string>",
"impersonator_email_address": "<string>"
},
"oauth_access_token_exchange_factor": {
"client_id": "<string>"
},
"trusted_auth_token_factor": {
"token_id": "<string>"
}
}
],
"organization_id": "<string>",
"roles": [
"<string>"
],
"organization_slug": "<string>",
"custom_claims": {}
},
"session_token": "<string>",
"session_jwt": "<string>",
"member": {
"organization_id": "<string>",
"member_id": "<string>",
"email_address": "<string>",
"status": "<string>",
"name": "<string>",
"sso_registrations": [
{
"connection_id": "<string>",
"external_id": "<string>",
"registration_id": "<string>",
"sso_attributes": {}
}
],
"is_breakglass": true,
"member_password_id": "<string>",
"oauth_registrations": [
{
"provider_type": "<string>",
"provider_subject": "<string>",
"member_oauth_registration_id": "<string>",
"profile_picture_url": "<string>",
"locale": "<string>"
}
],
"email_address_verified": true,
"mfa_phone_number_verified": true,
"is_admin": true,
"totp_registration_id": "<string>",
"retired_email_addresses": [
{
"email_id": "<string>",
"email_address": "<string>"
}
],
"is_locked": true,
"mfa_enrolled": true,
"mfa_phone_number": "<string>",
"default_mfa_method": "<string>",
"roles": [
{
"role_id": "<string>",
"sources": [
{
"type": "<string>",
"details": {}
}
]
}
],
"trusted_metadata": {},
"untrusted_metadata": {},
"created_at": "<string>",
"updated_at": "<string>",
"scim_registration": {
"connection_id": "<string>",
"registration_id": "<string>",
"external_id": "<string>",
"scim_attributes": {
"user_name": "<string>",
"id": "<string>",
"external_id": "<string>",
"active": true,
"groups": [
{
"value": "<string>",
"display": "<string>"
}
],
"display_name": "<string>",
"nick_name": "<string>",
"profile_url": "<string>",
"user_type": "<string>",
"title": "<string>",
"preferred_language": "<string>",
"locale": "<string>",
"timezone": "<string>",
"emails": [
{
"value": "<string>",
"type": "<string>",
"primary": true
}
],
"phone_numbers": [
{
"value": "<string>",
"type": "<string>",
"primary": true
}
],
"addresses": [
{
"formatted": "<string>",
"street_address": "<string>",
"locality": "<string>",
"region": "<string>",
"postal_code": "<string>",
"country": "<string>",
"type": "<string>",
"primary": true
}
],
"ims": [
{
"value": "<string>",
"type": "<string>",
"primary": true
}
],
"photos": [
{
"value": "<string>",
"type": "<string>",
"primary": true
}
],
"entitlements": [
{
"value": "<string>",
"type": "<string>",
"primary": true
}
],
"roles": [
{
"value": "<string>",
"type": "<string>",
"primary": true
}
],
"x509certificates": [
{
"value": "<string>",
"type": "<string>",
"primary": true
}
],
"name": {
"formatted": "<string>",
"family_name": "<string>",
"given_name": "<string>",
"middle_name": "<string>",
"honorific_prefix": "<string>",
"honorific_suffix": "<string>"
},
"enterprise_extension": {
"employee_number": "<string>",
"cost_center": "<string>",
"division": "<string>",
"department": "<string>",
"organization": "<string>",
"manager": {
"value": "<string>",
"ref": "<string>",
"display_name": "<string>"
}
}
}
},
"external_id": "<string>",
"lock_created_at": "<string>",
"lock_expires_at": "<string>"
},
"organization": {
"organization_id": "<string>",
"organization_name": "<string>",
"organization_logo_url": "<string>",
"organization_slug": "<string>",
"sso_jit_provisioning": "<string>",
"sso_jit_provisioning_allowed_connections": [
"<string>"
],
"sso_active_connections": [
{
"connection_id": "<string>",
"display_name": "<string>",
"identity_provider": "<string>"
}
],
"email_allowed_domains": [
"<string>"
],
"email_jit_provisioning": "<string>",
"email_invites": "<string>",
"auth_methods": "<string>",
"allowed_auth_methods": [
"<string>"
],
"mfa_policy": "<string>",
"rbac_email_implicit_role_assignments": [
{
"domain": "<string>",
"role_id": "<string>"
}
],
"mfa_methods": "<string>",
"allowed_mfa_methods": [
"<string>"
],
"oauth_tenant_jit_provisioning": "<string>",
"claimed_email_domains": [
"<string>"
],
"first_party_connected_apps_allowed_type": "<string>",
"allowed_first_party_connected_apps": [
"<string>"
],
"third_party_connected_apps_allowed_type": "<string>",
"allowed_third_party_connected_apps": [
"<string>"
],
"custom_roles": [
{
"role_id": "<string>",
"description": "<string>",
"permissions": [
{
"resource_id": "<string>",
"actions": [
"<string>"
]
}
]
}
],
"trusted_metadata": {},
"created_at": "<string>",
"updated_at": "<string>",
"organization_external_id": "<string>",
"sso_default_connection_id": "<string>",
"scim_active_connection": {
"connection_id": "<string>",
"display_name": "<string>",
"bearer_token_last_four": "<string>",
"bearer_token_expires_at": "<string>"
},
"allowed_oauth_tenants": {}
},
"status_code": 123,
"member_device": {
"visitor_id": "<string>",
"visitor_id_details": {
"is_new": true,
"first_seen_at": "<string>",
"last_seen_at": "<string>"
},
"ip_address": "<string>",
"ip_address_details": {
"is_new": true,
"first_seen_at": "<string>",
"last_seen_at": "<string>"
},
"ip_geo_city": "<string>",
"ip_geo_region": "<string>",
"ip_geo_country": "<string>",
"ip_geo_country_details": {
"is_new": true,
"first_seen_at": "<string>",
"last_seen_at": "<string>"
}
}
}Sessions
Attest Session
Exchange an auth token issued by a trusted identity provider for a Stytch session
POST
/
v1
/
b2b
/
sessions
/
attest
C#
Copy
Ask AI
// POST /v1/b2b/sessions/attest
const stytch = require('stytch');
const client = new stytch.B2BClient({
project_id: '${projectId}',
secret: '${secret}',
});
const params = {
profile_id: "${profileId}",
token: "${trustedAuthToken}",
organization_id: "${organizationId}",
};
client.Sessions.Attest(params)
.then(resp => { console.log(resp) })
.catch(err => { console.log(err) });Copy
Ask AI
{
"request_id": "<string>",
"member_id": "<string>",
"member_session": {
"member_session_id": "<string>",
"member_id": "<string>",
"started_at": "<string>",
"last_accessed_at": "<string>",
"expires_at": "<string>",
"authentication_factors": [
{
"type": "magic_link",
"delivery_method": "email",
"last_authenticated_at": "<string>",
"created_at": "<string>",
"updated_at": "<string>",
"email_factor": {
"email_id": "<string>",
"email_address": "<string>"
},
"phone_number_factor": {
"phone_id": "<string>",
"phone_number": "<string>"
},
"google_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"microsoft_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"apple_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"webauthn_factor": {
"webauthn_registration_id": "<string>",
"domain": "<string>",
"user_agent": "<string>"
},
"authenticator_app_factor": {
"totp_id": "<string>"
},
"github_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"recovery_code_factor": {
"totp_recovery_code_id": "<string>"
},
"facebook_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"crypto_wallet_factor": {
"crypto_wallet_id": "<string>",
"crypto_wallet_address": "<string>",
"crypto_wallet_type": "<string>"
},
"amazon_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"bitbucket_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"coinbase_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"discord_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"figma_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"git_lab_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"instagram_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"linked_in_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"shopify_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"slack_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"snapchat_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"spotify_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"steam_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"tik_tok_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"twitch_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"twitter_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"embeddable_magic_link_factor": {
"embedded_id": "<string>"
},
"biometric_factor": {
"biometric_registration_id": "<string>"
},
"saml_sso_factor": {
"id": "<string>",
"provider_id": "<string>",
"external_id": "<string>"
},
"oidc_sso_factor": {
"id": "<string>",
"provider_id": "<string>",
"external_id": "<string>"
},
"salesforce_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"yahoo_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"hubspot_oauth_factor": {
"id": "<string>",
"provider_subject": "<string>",
"email_id": "<string>"
},
"slack_oauth_exchange_factor": {
"email_id": "<string>"
},
"hubspot_oauth_exchange_factor": {
"email_id": "<string>"
},
"github_oauth_exchange_factor": {
"email_id": "<string>"
},
"google_oauth_exchange_factor": {
"email_id": "<string>"
},
"impersonated_factor": {
"impersonator_id": "<string>",
"impersonator_email_address": "<string>"
},
"oauth_access_token_exchange_factor": {
"client_id": "<string>"
},
"trusted_auth_token_factor": {
"token_id": "<string>"
}
}
],
"organization_id": "<string>",
"roles": [
"<string>"
],
"organization_slug": "<string>",
"custom_claims": {}
},
"session_token": "<string>",
"session_jwt": "<string>",
"member": {
"organization_id": "<string>",
"member_id": "<string>",
"email_address": "<string>",
"status": "<string>",
"name": "<string>",
"sso_registrations": [
{
"connection_id": "<string>",
"external_id": "<string>",
"registration_id": "<string>",
"sso_attributes": {}
}
],
"is_breakglass": true,
"member_password_id": "<string>",
"oauth_registrations": [
{
"provider_type": "<string>",
"provider_subject": "<string>",
"member_oauth_registration_id": "<string>",
"profile_picture_url": "<string>",
"locale": "<string>"
}
],
"email_address_verified": true,
"mfa_phone_number_verified": true,
"is_admin": true,
"totp_registration_id": "<string>",
"retired_email_addresses": [
{
"email_id": "<string>",
"email_address": "<string>"
}
],
"is_locked": true,
"mfa_enrolled": true,
"mfa_phone_number": "<string>",
"default_mfa_method": "<string>",
"roles": [
{
"role_id": "<string>",
"sources": [
{
"type": "<string>",
"details": {}
}
]
}
],
"trusted_metadata": {},
"untrusted_metadata": {},
"created_at": "<string>",
"updated_at": "<string>",
"scim_registration": {
"connection_id": "<string>",
"registration_id": "<string>",
"external_id": "<string>",
"scim_attributes": {
"user_name": "<string>",
"id": "<string>",
"external_id": "<string>",
"active": true,
"groups": [
{
"value": "<string>",
"display": "<string>"
}
],
"display_name": "<string>",
"nick_name": "<string>",
"profile_url": "<string>",
"user_type": "<string>",
"title": "<string>",
"preferred_language": "<string>",
"locale": "<string>",
"timezone": "<string>",
"emails": [
{
"value": "<string>",
"type": "<string>",
"primary": true
}
],
"phone_numbers": [
{
"value": "<string>",
"type": "<string>",
"primary": true
}
],
"addresses": [
{
"formatted": "<string>",
"street_address": "<string>",
"locality": "<string>",
"region": "<string>",
"postal_code": "<string>",
"country": "<string>",
"type": "<string>",
"primary": true
}
],
"ims": [
{
"value": "<string>",
"type": "<string>",
"primary": true
}
],
"photos": [
{
"value": "<string>",
"type": "<string>",
"primary": true
}
],
"entitlements": [
{
"value": "<string>",
"type": "<string>",
"primary": true
}
],
"roles": [
{
"value": "<string>",
"type": "<string>",
"primary": true
}
],
"x509certificates": [
{
"value": "<string>",
"type": "<string>",
"primary": true
}
],
"name": {
"formatted": "<string>",
"family_name": "<string>",
"given_name": "<string>",
"middle_name": "<string>",
"honorific_prefix": "<string>",
"honorific_suffix": "<string>"
},
"enterprise_extension": {
"employee_number": "<string>",
"cost_center": "<string>",
"division": "<string>",
"department": "<string>",
"organization": "<string>",
"manager": {
"value": "<string>",
"ref": "<string>",
"display_name": "<string>"
}
}
}
},
"external_id": "<string>",
"lock_created_at": "<string>",
"lock_expires_at": "<string>"
},
"organization": {
"organization_id": "<string>",
"organization_name": "<string>",
"organization_logo_url": "<string>",
"organization_slug": "<string>",
"sso_jit_provisioning": "<string>",
"sso_jit_provisioning_allowed_connections": [
"<string>"
],
"sso_active_connections": [
{
"connection_id": "<string>",
"display_name": "<string>",
"identity_provider": "<string>"
}
],
"email_allowed_domains": [
"<string>"
],
"email_jit_provisioning": "<string>",
"email_invites": "<string>",
"auth_methods": "<string>",
"allowed_auth_methods": [
"<string>"
],
"mfa_policy": "<string>",
"rbac_email_implicit_role_assignments": [
{
"domain": "<string>",
"role_id": "<string>"
}
],
"mfa_methods": "<string>",
"allowed_mfa_methods": [
"<string>"
],
"oauth_tenant_jit_provisioning": "<string>",
"claimed_email_domains": [
"<string>"
],
"first_party_connected_apps_allowed_type": "<string>",
"allowed_first_party_connected_apps": [
"<string>"
],
"third_party_connected_apps_allowed_type": "<string>",
"allowed_third_party_connected_apps": [
"<string>"
],
"custom_roles": [
{
"role_id": "<string>",
"description": "<string>",
"permissions": [
{
"resource_id": "<string>",
"actions": [
"<string>"
]
}
]
}
],
"trusted_metadata": {},
"created_at": "<string>",
"updated_at": "<string>",
"organization_external_id": "<string>",
"sso_default_connection_id": "<string>",
"scim_active_connection": {
"connection_id": "<string>",
"display_name": "<string>",
"bearer_token_last_four": "<string>",
"bearer_token_expires_at": "<string>"
},
"allowed_oauth_tenants": {}
},
"status_code": 123,
"member_device": {
"visitor_id": "<string>",
"visitor_id_details": {
"is_new": true,
"first_seen_at": "<string>",
"last_seen_at": "<string>"
},
"ip_address": "<string>",
"ip_address_details": {
"is_new": true,
"first_seen_at": "<string>",
"last_seen_at": "<string>"
},
"ip_geo_city": "<string>",
"ip_geo_region": "<string>",
"ip_geo_country": "<string>",
"ip_geo_country_details": {
"is_new": true,
"first_seen_at": "<string>",
"last_seen_at": "<string>"
}
}
}You must first register a Trusted Auth Token profile in the Stytch dashboard. If a session token or session is provided, it will add the trusted auth token as an authentication factor to the existing session.
Authorizations
Basic authentication header of the form Basic <encoded-value>, where <encoded-value> is the base64-encoded string username:password.
Body
application/json
Request type
The ID of the trusted auth token profile to use for attestation.
The trusted auth token to authenticate. The token must have an organization ID claim if JIT provisioning is enabled.
The organization ID that the session should be authenticated in. Must be provided if the trusted auth token does not have an organization ID claim.
Set the session lifetime to be this many minutes from now. This will start a new session if one doesn't already exist,
returning both an opaque session_token and session_jwt for this session. Remember that the session_jwt will have a fixed lifetime of
five minutes regardless of the underlying session duration, and will need to be refreshed over time.
This value must be a minimum of 5 and a maximum of 527040 minutes (366 days).
If a session_token or session_jwt is provided then a successful authentication will continue to extend the session this many minutes.
If the session_duration_minutes parameter is not specified, a Stytch session will be created with a 60 minute duration. If you don't want
to use the Stytch session product, you can ignore the session fields in the response.
Add a custom claims map to the Session being authenticated. Claims are only created if a Session is initialized by providing a value in
session_duration_minutes. Claims will be included on the Session object and in the JWT. To update a key in an existing Session, supply a new value. To
delete a key, supply a null value. Custom claims made with reserved claims (iss, sub, aud, exp, nbf, iat, jti) will be ignored.
Total custom claims size cannot exceed four kilobytes.
The session_token for the session that you wish to add the trusted auth token authentication factor to.
The session_jwt for the session that you wish to add the trusted auth token authentication factor to.
If the telemetry_id is passed, as part of this request, Stytch will call the Fingerprint Lookup API and store the associated fingerprints and IPGEO information for the Member. Your workspace must be enabled for Device Fingerprinting to use this feature.
Response
Successful response
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
Globally unique UUID that identifies a specific Member.
The Session object.
Show child attributes
Show child attributes
A secret token for a given Stytch Session.
The JSON Web Token (JWT) for a given Stytch Session.
The Member object
Show child attributes
Show child attributes
The Organization object.
Show child attributes
Show child attributes
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
If a valid telemetry_id was passed in the request and the Fingerprint Lookup API returned results, the member_device response field will contain information about the member's device attributes.
Show child attributes
Show child attributes
⌘I