B2B Saas Authentication

/

API reference

/

Passwords

/

Reset Options

/

Password reset by session

Session reset

POSThttps://test.stytch.com/v1/b2b/passwords/session/reset

Reset the Member's password using their existing session. The endpoint will error if the session does not contain an authentication factor that has been issued within the last 5 minutes. Either session_token or session_jwt should be provided.

Note that a successful password reset via an existing session will revoke all active sessions for the member_id, except for the one used during the reset flow.

Body parameters

organization_id*string
password*string
session_tokenstring
session_jwtstring
session_duration_minutesint
session_custom_claimsmap<string, any>
localestring

Response fields

request_idstring
status_codeint
member_sessionobject
member_idstring
memberobject
organizationobject
session_tokenstring
session_jwtstring
intermediate_session_tokenstring
member_authenticatedboolean
mfa_requiredobject
primary_requiredobject
curl --request POST \
  --url https://test.stytch.com/v1/b2b/passwords/session/reset \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json' \
  -d '{
    "organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
    "password": "OEKx+DtwzEIBz(rc",
    "session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q"
  }'

RESPONSE

200
{
  "status_code": 200,
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
  "member_session": {...},
  "member": {...},
}

Common Error Types