B2B Saas Authentication

/

API reference

/

Passwords

/

Reset Options

/

Password reset by session

Session reset

POSThttps://test.stytch.com/v1/b2b/passwords/session/reset

Reset the Member's password using their existing session. The endpoint will error if the session does not contain an authentication factor that has been issued within the last 5 minutes. Either session_token or session_jwt should be provided.

Note that a successful password reset via an existing session will revoke all active sessions for the member_id, except for the one used during the reset flow.


Body parameters


organization_id*string

password*string

session_tokenstring

session_jwtstring

session_duration_minutesint

session_custom_claimsmap<string, any>

localestring

Response fields


request_idstring

status_codeint

member_sessionobject

member_idstring

memberobject

organizationobject

session_tokenstring

session_jwtstring

intermediate_session_tokenstring

member_authenticatedboolean

mfa_requiredobject

primary_requiredobject
curl --request POST \
  --url https://test.stytch.com/v1/b2b/passwords/session/reset \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json' \
  -d '{
    "organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
    "password": "$B&M)3$B$eCk_2@c",
    "session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q"
  }'

RESPONSE

200
{
  "status_code": 200,
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
  "member_session": {...},
  "member": {...},
}

Common Error Types