Exchange Intermediate Session

POSThttps://test.stytch.com/v1/b2b/discovery/intermediate_sessions/exchange

Exchange an Intermediate Session for a fully realized Member Session in a desired Organization. This operation consumes the Intermediate Session.

This endpoint can be used to accept invites and create new members via domain matching.

If the Member is required to complete MFA to log in to the Organization, the returned value of member_authenticated will be false. The intermediate_session_token will not be consumed and instead will be returned in the response. The intermediate_session_token can be passed into the OTP SMS Authenticate endpoint to complete the MFA step and acquire a full member session. The intermediate_session_token can also be used with the Exchange Intermediate Session endpoint or the Create Organization via Discovery endpoint to join a different Organization or create a new one. The session_duration_minutes and session_custom_claims parameters will be ignored.

Body parameters

intermediate_session_token*string
organization_id*string
session_duration_minutesint
session_custom_claimsmap<string, any>
localestring

Response fields

request_idstring
status_codeint
member_idstring
session_tokenstring
session_jwtstring
intermediate_session_tokenstring
member_authenticatedboolean
mfa_requiredobject
member_sessionobject
memberobject
organizationobject
curl --request POST \
  --url https://test.stytch.com/v1/b2b/discovery/intermediate_sessions/exchange \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json' \
  -d '{
    "intermediate_session_token": "SeiGwdj5lKkrEVgcEY3QNJXt6srxS3IK2Nwkar6mXD4=",
    "organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931"
  }'

RESPONSE

200
{
	"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
	"status_code": 200,
	"member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
	"session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q",
	"session_jwt": "eyJ...",
	"intermediate_session_token": "",
	"member_authenticated": true,
	"mfa_required": null,
    "member_session": {...},
    "member": {...},
    "organization": {...}
}