Authenticate Session

POST https://test.stytch.com/v1/b2b/sessions/authenticate

Authenticates a Session and updates its lifetime by the specified session_duration_minutes. If the session_duration_minutes is not specified, a Session will not be extended. This endpoint requires either a session_jwt or session_token be included in the request. It will return an error if both are present.

You may provide a JWT that needs to be refreshed and is expired according to its exp claim. A new JWT will be returned if both the signature and the underlying Session are still valid. See our How to use Stytch Session JWTs guide for more information.

If an authorization_check object is passed in, this method will also check if the Member is authorized to perform the given action on the given Resource in the specified Organization. A Member is authorized if their Member Session contains a Role, assigned explicitly or implicitly, with adequate permissions. In addition, the organization_id passed in the authorization check must match the Member's Organization.

If the Member is not authorized to perform the specified action on the specified Resource, or if the organization_id does not match the Member's Organization, a 403 error will be thrown. Otherwise, the response will contain a list of Roles that satisfied the authorization check.


Body parameters


session_token string

session_jwt string

session_duration_minutes int

session_custom_claims map<string, any>

authorization_check object

Response fields


request_id string

status_code int

member_session object

session_token string

session_jwt string

member object

organization object

authorized boolean

verdict array[strings]

REQUEST

curl --request POST \
  --url https://test.stytch.com/v1/b2b/sessions/authenticate \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json' \
  -d '{
    "session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q"
  }'

RESPONSE

200
{
	"status_code": 200,
	"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
	"member_session": {...},
	"session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q",
	"session_jwt": "",
	"member": {...},
	"organization": {...}
}
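
A backend-side sketch of the rules described above, as an added example that is not Stytch's own code or SDK: it builds the request with exactly one session credential and turns the result into an allow/deny decision that fails closed. The helper names build_request and decide are hypothetical, the sample values are constructed, and the authorization_check keys resource_id and action are assumed, since this page names only organization_id.

```python
import base64
import json
import urllib.request

API_URL = "https://test.stytch.com/v1/b2b/sessions/authenticate"  # from the page

def build_request(project_id, secret, *, session_token=None, session_jwt=None,
                  session_duration_minutes=None, authorization_check=None):
    """Build (without sending) the POST request for the endpoint above."""
    # Exactly one credential: the endpoint requires one and rejects both.
    if (session_token is None) == (session_jwt is None):
        raise ValueError("pass exactly one of session_token or session_jwt")
    body = ({"session_token": session_token} if session_token is not None
            else {"session_jwt": session_jwt})
    # Leaving the duration out means the Session lifetime is not extended.
    if session_duration_minutes is not None:
        body["session_duration_minutes"] = session_duration_minutes
    if authorization_check is not None:
        body["authorization_check"] = authorization_check
    # Same credentials as curl's -u 'PROJECT_ID:SECRET' (HTTP Basic auth).
    basic = base64.b64encode(f"{project_id}:{secret}".encode()).decode()
    return urllib.request.Request(
        API_URL, data=json.dumps(body).encode(), method="POST",
        headers={"Content-Type": "application/json",
                 "Authorization": f"Basic {basic}"})

def decide(status_code, response_body, *, check_requested):
    """Return (allowed, reason); anything unexpected is a deny."""
    if status_code == 403:
        return False, "not authorized, or organization_id mismatch"
    if status_code != 200 or "member_session" not in response_body:
        return False, "session not authenticated"
    if check_requested and response_body.get("authorized") is not True:
        return False, "authorization not confirmed in response"
    return True, "ok"

if __name__ == "__main__":
    # Constructed sample values; resource_id and action are assumed key names.
    check = {"organization_id": "organization-test-EXAMPLE",
             "resource_id": "documents", "action": "read"}
    req = build_request("PROJECT_ID", "SECRET", session_jwt="eyJ.constructed.jwt",
                        session_duration_minutes=60, authorization_check=check)
    print(req.get_method(), req.full_url, req.data.decode())
    ok_body = {"status_code": 200, "member_session": {}, "authorized": True}
    print(decide(200, ok_body, check_requested=True))
    print(decide(403, {"status_code": 403}, check_requested=True))
```
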

Common Error Types