Use this endpoint to exchange a Member's existing session for another session in a different Organization. This can be used to accept an invite, but not to create a new member via domain matching.
To create a new member via domain matching, use the Exchange Intermediate Session flow instead.
Only Email Magic Link, OAuth, and SMS OTP factors can be transferred between sessions. Other authentication factors, such as password factors, will not be transferred to the new session. SMS OTP factors can be used to fulfill MFA requirements for the target Organization if both the original and target Member have the same phone number and the phone number is verified for both Members.
If the Member is required to complete MFA to log in to the Organization, the returned value of member_authenticated will be false, and an intermediate_session_token will be returned. The intermediate_session_token can be passed into the OTP SMS Authenticate endpoint to complete the MFA step and acquire a full member session. The intermediate_session_token can also be used with the Exchange Intermediate Session endpoint or the Create Organization via Discovery endpoint to join a different Organization or create a new one. The session_duration_minutes and session_custom_claims parameters will be ignored.