B2B Saas Authentication

/

API reference

/

Passwords

/

Reset Options

/

Password reset by email

Email reset

POSThttps://test.stytch.com/v1/b2b/passwords/email/reset

Reset the Member's password and authenticate them. This endpoint checks that the password reset token is valid, hasn’t expired, or already been used.

The provided password needs to meet our password strength requirements, which can be checked in advance with the password strength endpoint. If the token and password are accepted, the password is securely stored for future authentication and the user is authenticated.

If the Member is required to complete MFA to log in to the Organization, the returned value of member_authenticated will be false, and an intermediate_session_token will be returned. The intermediate_session_token can be passed into the OTP SMS Authenticate endpoint to complete the MFA step and acquire a full member session. The session_duration_minutes and session_custom_claims parameters will be ignored.

If a valid session_token or session_jwt is passed in, the Member will not be required to complete an MFA step.

Note that a successful password reset by email will revoke all active sessions for the member_id.


Body parameters


password_reset_token*string

password*string

session_tokenstring

session_jwtstring

intermediate_session_tokenstring

session_duration_minutesint

session_custom_claimsmap<string, any>

code_verifierstring

localestring

Response fields


request_idstring

status_codeint

member_idstring

member_email_idstring

member_sessionobject

session_tokenstring

session_jwtstring

intermediate_session_tokenstring

member_authenticatedboolean

mfa_requiredobject

primary_requiredobject

organization_idstring

memberobject

organizationobject
curl --request POST \
  --url https://test.stytch.com/v1/b2b/passwords/email/reset \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json' \
  -d '{
    "password_reset_token": "SeiGwdj5lKkrEVgcEY3QNJXt6srxS3IK2Nwkar6mXD4=",
    "password": "$B&M)3$B$eCk_2@c"
  }'

RESPONSE

200
{
  "status_code": 200,
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
  "intermediate_session_token": "",
  "member_authenticated": true,
  "mfa_required": null,
  "primary_required": null,
  "member_email_id": "member-email-test-1dd089b3-8904-47ef-b943-987968e549d4",
  "member": {...}
}

Common Error Types