Multi-tenancy authentication API reference - existing reset

Existing reset

POSThttps://test.stytch.com/v1/b2b/passwords/existing_password/reset

Reset the member’s password using their existing password.

This endpoint adapts to your Project's password strength configuration. If you're using zxcvbn, the default, your passwords are considered valid if the strength score is >= 3. If you're using LUDS, your passwords are considered valid if they meet the requirements that you've set with Stytch. You may update your password strength configuration in the stytch dashboard.

If the Member is required to complete MFA to log in to the Organization, the returned value of member_authenticated will be false, and an intermediate_session_token will be returned. The intermediate_session_token can be passed into the OTP SMS Authenticate endpoint to complete the MFA step and acquire a full member session. The session_duration_minutes and session_custom_claims parameters will be ignored.

If a valid session_token or session_jwt is passed in, the Member will not be required to complete an MFA step.

Body parameters

organization_id* string

email_address* string

existing_password* string

new_password* string

session_token string

session_jwt string

session_duration_minutes int

session_custom_claims map<string, any>

locale string

Response fields

request_id string

status_code int

member object

member_authenticated boolean

intermediate_session_token string

mfa_required object

member_id string

session_token string

session_jwt string

member_session object

organization object

curl --request POST \
  --url https://test.stytch.com/v1/b2b/passwords/existing_password/reset \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json' \
  -d '{
    "email_address": "sandbox@stytch.com",
    "existing_password": "old_password",
    "new_password": "x_VmP_S7oTo9saWg",
    "organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931"
  }'

RESPONSE

{
    "intermediate_session_token": "",
    "member": {...},
    "member_authenticated": true,
    "mfa_required": null,
    "member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
    "member_session": {...},
    "organization": {...}
    "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
    "session_jwt": "example_jwt",
    "session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q",
    "status_code": 200
}