B2B Saas Authentication

/

Frontend SDKs

/

Headless

/

Passwords

/

Reset by Email

Reset by email

The resetByEmail method wraps the Reset By Email Password API endpoint. This endpoint the Member’s password and authenticate them. This endpoint checks that the magic link token is valid, hasn't expired, or already been used. The provided password needs to meet our password strength requirements, which can be checked in advance with the password strength endpoint.

If this method succeeds, the Member will be logged in, granted an active session, and the session cookies will be minted and stored in the browser.

If there is a current Member Session, the SDK will call the endpoint with the session token. This will add the new factor to the existing Member Session.

If there is an intermediate session token, the SDK will call the endpoint with it. If the resulting set of factors satisfies the organization's primary authentication requirements and MFA requirements, the intermediate session token will be consumed and converted to a Member Session. If not, the same intermediate session token will be returned.

If this method succeeds and the Member is not required to complete MFA, the Member will be logged in, granted an active session, and the session cookies will be minted and stored in the browser.

If this method succeeds and MFA is required, the intermediate session token will be stored in the browser as a cookie.

You can listen for successful login events anywhere in the codebase with the stytch.session.onChange() method or useStytchMemberSession hook if you are using React.

Method parameters

password_reset_token*string
password*string
session_duration_minutes*int

Response fields

request_idstring
status_codeint
member_idstring
session_tokenstring
intermediate_session_tokenstring
member_authenticatedboolean
mfa_requiredobject
member_email_idstring
memberobject
import React, { useCallback } from 'react';
import { useStytchB2BClient } from '@stytch/react/b2b';

export const ResetPassword = () => {
  const stytch = useStytchB2BClient();

  const token = new URLSearchParams(window.location.search).get('token');

  const resetPassword = useCallback(() => {
    if (token) {
      stytch.passwords.resetByEmail({
        password_reset_token: token,
        password: '$B&M)3$B$eCk_2@c',
        session_duration_minutes: 60,
      });
    }
  }, [stytch, token]);

  return <button onClick={resetPassword}>Reset Password</button>;
};

RESPONSE

200
{
    "status_code": 200,
    "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
    "member_id": "",
    "session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q",
    "intermediate_session_token": "",
    "member_authenticated": true,
    "mfa_required": null,
    "member_email_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
    "member": {...}
}