Stytch – The most powerful identity platform built for developers

Migrate

POST

https://test.stytch.com/v1/b2b/passwords/migrate

Adds an existing password to a Member's email that doesn't have a password yet.

We support migrating members from passwords stored with bcrypt, scrypt, argon2, MD-5, SHA-1, and PBKDF2. This endpoint has a rate limit of 100 requests per second.

The Member's email will be marked as verified when you use this endpoint.

If you are using cross-organization passwords, i.e. allowing an end user to share the same password across all of their Organizations, call this method separately for each organization_id associated with the given email_address to ensure the password is set across all of their Organizations.

Body parameters

organization_id* string

email_address* string

hash* string

hash_type* string

mfa_phone_number string

set_phone_number_verified boolean

name string

trusted_metadata object

untrusted_metadata object

scrypt_config object

argon_2_config object

md_5_config object

sha_1_config object

pbkdf_2_config object

roles array[strings]

preserve_existing_sessions boolean

external_id string

Response fields

member_id string

member_created boolean

member object

organization object

status_code int

request_id string

const stytch = require('stytch');

const client = new stytch.B2BClient({
  project_id: 'PROJECT_ID',
  secret: 'SECRET',
});

const params = {
  email_address: "sandbox@stytch.com",
  hash: "$2a$12$vefoDBbzuMb/NczV/fc9QemTizkNAZr9EO02pIUHPAAJibcYp0.ne",
  hash_type: "bcrypt",
  organization_id: "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
  external_id: "my-new-external-id",
};

client.passwords.migrate(params)
  .then(resp => { console.log(resp) })
  .catch(err => { console.log(err) });

RESPONSE

{
	"member": {
		"email_address": "sandbox@stytch.com",
		"email_address_verified": true,
		"is_breakglass": false,
		"member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
		"member_password_id": "member-password-test-2aaf4...",
		"mfa_enrolled": false,
		"mfa_phone_number": "",
		"mfa_phone_number_verified": false,
		"name": "",
		"oauth_registrations": [],
		"organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
		"sso_registrations": [],
		"scim_registration": [],
		"status": "pending",
		"trusted_metadata": {},
		"untrusted_metadata": {}
	},
	"member_created": true,
	"member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
	"organization": {...},
	"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
	"status_code": 200
}

Delete

Organization

Discovery

Organization

Discovery

Discovery

Organization

Token

SAML

OIDC

External

Shared

Connection management

Token management

SCIM groups

Create or Reset Options

One-time passcodes

Time-based one-time passcodes

Recovery codes

TOKEN

M2M Client

Rotate secret

Tokens

Configuration

Methods

Consent Management

Application Management

Rotate secret

Migrate

Body parameters

Response fields

Common Error Types