The TOTP Authenticate method wraps the authenticate TOTP API endpoint.
If there is a current Member Session, the SDK will call the endpoint with the session token. This will add the totp factor to the existing Member Session. Otherwise, the SDK will use the intermediate session token. This will consume the intermediate session token and create a Member Session.
Intermediate session tokens are generated upon successful calls to primary authenticate methods in the case where MFA is required, such as email magic link authenticate, or upon successful calls to discovery authenticate methods, such as email magic link discovery authenticate.
If neither a Member Session nor an intermediate session token is present, this method will fail.
If this method succeeds, the Member will be logged in, granted an active session, and the session data will be persisted on device.
You can listen for successful login events anywhere in the codebase with the stytch.session.onChange() method or useStytchMemberSession hook.