Multi-tenancy authentication API reference - update organization

Update an Organization

PUThttps://test.stytch.com/v1/b2b/organizations/{organization_id}

Updates an Organization specified by organization_id. An Organization must always have at least one auth setting set to either RESTRICTED or ALL_ALLOWED in order to provision new Members.

*See the Organization authentication settings resource to learn more about fields like email_jit_provisioning, email_invites, sso_jit_provisioning, etc., and their behaviors.

Our RBAC implementation offers out-of-the-box handling of authorization checks for this endpoint. If you pass in a header containing a session_token or a session_jwt for an unexpired Member Session, we will check that the Member Session has the necessary permissions. The specific permissions needed depend on which of the optional fields are passed in the request. For example, if the organization_name argument is provided, the Member Session must have permission to perform the update.info.name action on the stytch.organization Resource.

If the Member Session does not contain a Role that satisfies the requested permissions, or if the Member's Organization does not match the organization_id passed in the request, a 403 error will be thrown. Otherwise, the request will proceed as normal.

To learn more about our RBAC implementation, see our RBAC guide.

Path parameters

organization_id* string

Body parameters

organization_name string

organization_slug string

organization_logo_url string

trusted_metadata object

email_jit_provisioning string

email_invites string

email_allowed_domains array[strings]

sso_default_connection_id string

sso_jit_provisioning string

sso_jit_provisioning_allowed_connections array[strings]

auth_methods string

allowed_auth_methods array[strings]

mfa_methods string

allowed_mfa_methods array[strings]

mfa_policy string

rbac_email_implicit_role_assignments array[object]

Header parameters

X-Stytch-Member-Session string

X-Stytch-Member-SessionJWT string

Response fields

request_id string

status_code int

organization object

curl --request PUT \
  --url https://test.stytch.com/v1/b2b/organizations/organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931 \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json' \
  -d '{
    "organization_name": "Example Org Inc.",
    "email_jit_provisioning": "ALL_ALLOWED"
  }'

RESPONSE

{
  "status_code": 200,
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "organization": {
	"email_allowed_domains": [],
	"email_invites": "ALL_ALLOWED",
	"email_jit_provisioning": "ALL_ALLOWED",
	"mfa_policy": "OPTIONAL",
	"organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
	"organization_logo_url": "",
	"organization_name": "Example Org Inc.",
	"organization_slug": "example-org",
	"sso_default_connection_id": null,
	"sso_jit_provisioning": "ALL_ALLOWED",
	"sso_jit_provisioning_allowed_connections": [],
	"sso_active_connections": [],
	"scim_active_connections": [],
	"trusted_metadata": {},
	"auth_methods": "ALL_ALLOWED",
    "allowed_auth_methods": []
  }
}