Exchange Intermediate Session

POST https://test.stytch.com/v1/b2b/discovery/intermediate_sessions/exchange

Exchange an Intermediate Session for a fully realized Member Session in a desired Organization. This operation consumes the Intermediate Session.

This endpoint can be used to accept invites and create new members via domain matching.

If the Member is required to complete MFA to log in to the Organization, the returned value of member_authenticated will be false. The intermediate_session_token will not be consumed and instead will be returned in the response. The intermediate_session_token can be passed into the OTP SMS Authenticate endpoint to complete the MFA step and acquire a full member session. The intermediate_session_token can also be used with the Exchange Intermediate Session endpoint or the Create Organization via Discovery endpoint to join a different Organization or create a new one. The session_duration_minutes and session_custom_claims parameters will be ignored.

If the Member is logging in via an OAuth provider that does not fully verify the email, the returned value of member_authenticated will be false. The intermediate_session_token will not be consumed and instead will be returned in the response. The primary_required field details the authentication flow the Member must perform in order to complete a step-up authentication into the organization. The intermediate_session_token must be passed into that authentication flow.


Body parameters


intermediate_session_token* string

organization_id* string

session_duration_minutes int

session_custom_claims map<string, any>

locale string

Response fields


request_id string

status_code int

member_id string

session_token string

session_jwt string

intermediate_session_token string

member_authenticated boolean

mfa_required object

primary_required object

member_session object

member object

organization object

curl --request POST \
  --url https://test.stytch.com/v1/b2b/discovery/intermediate_sessions/exchange \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json' \
  -d '{
    "intermediate_session_token": "SeiGwdj5lKkrEVgcEY3QNJXt6srxS3IK2Nwkar6mXD4=",
    "organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931"
  }'

RESPONSE

200
{
	"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
	"status_code": 200,
	"member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
	"session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q",
	"session_jwt": "eyJ...",
	"intermediate_session_token": "",
	"member_authenticated": true,
	"mfa_required": null,
	"primary_required": null,
	"member_session": {...},
	"member": {...},
	"organization": {...}
}
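
One way a backend could act on the response described above, shown as an added example that is not Stytch's code. The names classify_exchange and ExchangeOutcome and the sample responses are hypothetical, the mfa_required and primary_required objects are treated as opaque, and an empty session_token on unauthenticated responses is an assumption of the samples.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class ExchangeOutcome:
    state: str  # "authenticated", "primary_required" or "mfa_required"
    session_token: Optional[str] = None
    intermediate_session_token: Optional[str] = None
    requirement: Optional[dict] = None  # step-up object from the response, kept opaque

def classify_exchange(resp: dict) -> ExchangeOutcome:
    """Pick the next step from an exchange response; anything ambiguous fails closed."""
    if resp.get("status_code") != 200:
        raise ValueError("exchange did not succeed")
    if resp.get("member_authenticated") is True:  # strict: the string "true" does not count
        token = resp.get("session_token")
        if not token:
            raise ValueError("authenticated response without a session_token")
        return ExchangeOutcome("authenticated", session_token=token)
    # Not authenticated: never issue a session here, whatever the session fields hold.
    ist = resp.get("intermediate_session_token")
    if not ist:
        raise ValueError("step-up needed but no intermediate_session_token returned")
    # Checking primary before MFA is a choice made by this example.
    for field in ("primary_required", "mfa_required"):
        if resp.get(field):
            return ExchangeOutcome(field, intermediate_session_token=ist,
                                   requirement=resp[field])
    raise ValueError("member not authenticated and no step-up requirement present")

# Constructed sample responses (not captured from the API); tokens are placeholders.
SAMPLE_OK = {"status_code": 200, "member_authenticated": True,
             "session_token": "constructed-session-token",
             "intermediate_session_token": "",
             "mfa_required": None, "primary_required": None}
SAMPLE_MFA = {"status_code": 200, "member_authenticated": False,
              "session_token": "", "intermediate_session_token": "constructed-ist-1",
              "mfa_required": {"placeholder": "opaque"}, "primary_required": None}
SAMPLE_PRIMARY = {"status_code": 200, "member_authenticated": False,
                  "session_token": "", "intermediate_session_token": "constructed-ist-2",
                  "mfa_required": None, "primary_required": {"placeholder": "opaque"}}

if __name__ == "__main__":
    for sample in (SAMPLE_OK, SAMPLE_MFA, SAMPLE_PRIMARY):
        print(classify_exchange(sample).state)
```

The returned intermediate_session_token is what gets passed to the step-up flow; only the "authenticated" outcome should ever result in a session cookie being set.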

Common Error Types