Discovery

The Discovery product lets End Users discover and log in to Organizations they are a Member of, invited to, or eligible to join.

Unlike our other B2B products, Discovery allows End Users to authenticate without specifying an Organization in advance. This is done via a Discovery Magic Link flow. After an End User is authenticated, an Intermediate Session is returned along with a list of associated Organizations.

The End User can then authenticate to the desired Organization by passing the Intermediate Session and organization_id. End users can even create a new Organization instead of joining or logging in to an existing one.

Methods

List discovered Organizations

Wraps Stytch's list discovered Organizations endpoint. If there is a current Member Session, the SDK will call the endpoint with the session token. Otherwise, the SDK will use the intermediate session token.

Intermediate session tokens are generated upon successful calls to primary authenticate methods in the case where MFA is required, such as email magic link authenticate, or upon successful calls to discovery authenticate methods, such as email magic link discovery authenticate.

If neither a Member Session nor an intermediate session token is present, this method will fail.

import React, { useEffect } from 'react';
import { useStytchB2BClient } from '@stytch/react-native/b2b';

export const DiscoveryAuthenticate = () => {
  const stytch = useStytchB2BClient();

  useEffect(async () => {
    const { email_address, discovered_organizations } = await stytch.discovery.organizations.list();
    console.log({ discovered_organizations });
  });

  return <div>Find Your Organization</div>;
};

RESPONSE

200
{
	"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
	"status_code": 200,
	"email_address": "sandbox@stytch.com",
	"discovered_organizations": [{...}, {...}],
	"organization_id_hint": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931"
}

Create Organization via discovery

Wraps Stytch's create Organization via discovery endpoint. This method will fail if there is no intermediate session token persisted on device.

Intermediate session tokens are generated upon successful calls to primary authenticate methods in the case where MFA is required, such as email magic link authenticate, or upon successful calls to discovery authenticate methods, such as email magic link discovery authenticate.

The Member created by this endpoint will automatically be granted the stytch_admin Role. See the RBAC guide for more details on this Role.

If this method succeeds and the Member is not required to complete MFA, the Member will be logged in, granted an active session, and the session data will be persisted on device. The intermediate session token will be consumed and removed from the device.

If this method succeeds and MFA is required, the intermediate session token will not be consumed and will continue to be persisted on device.

You can listen for successful login events anywhere in the codebase with the stytch.session.onChange() method or useStytchMemberSession hook.

To call this method, Create Organizations must be enabled in the SDK Configuration page of the Stytch dashboard.


Method parameters


session_duration_minutes*int

organization_namestring

organization_slugstring

organization_logo_urlstring

email_jit_provisioningstring

email_invitesstring

email_allowed_domainsarray[strings]

sso_jit_provisioningstring

auth_methodsstring

allowed_auth_methodsarray[strings]

mfa_policystring
import React, { useEffect } from 'react';
import { useStytchB2BClient } from '@stytch/react-native/b2b';

export const CreateOrganization = () => {
  const stytch = useStytchB2BClient();

  useEffect(() => {
    stytch.discovery.organizations.create({
      organization_name: 'Example Org Inc.',
      organization_slug: 'example-org',
      session_duration_minutes: 60,
    });
  });

  return <div>Create Organization</div>;
};

RESPONSE

200
{
	"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
	"status_code": 200,
	"member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
	"session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q",
	"session_jwt": "eyJ...",
	"intermediate_session_token": "",
	"member_authenticated": true,
	"mfa_required": null,
    "member_session": {...},
    "member": {...},
    "organization": {...}
}

Exchange intermediate session

Wraps Stytch's exchange intermediate session endpoint. This method will fail if there is no intermediate session token persisted on device.

Intermediate session tokens are generated upon successful calls to primary authenticate methods in the case where MFA is required, such as email magic link authenticate, or upon successful calls to discovery authenticate methods, such as email magic link discovery authenticate.

If this method succeeds and the Member is not required to complete MFA, the Member will be logged in, granted an active session, and the session data will be persisted on device. The intermediate session token will be consumed and removed from the device.

If this method succeeds and MFA is required, the intermediate session token will not be consumed and will continue to be persisted on device.

You can listen for successful login events anywhere in the codebase with the stytch.session.onChange() method or useStytchMemberSession hook.


Method parameters


organization_id*string

session_duration_minutes*int

localestring
import React, { useEffect } from 'react';
import { useStytchB2BClient } from '@stytch/react-native/b2b';

export const exchangeIntermediateSession = () => {
  const stytch = useStytchB2BClient();

  useEffect(() => {
    stytch.discovery.intermediateSessions.exchange({
      organization_id: 'organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931',
      session_duration_minutes: 60,
    });
  });

  return <div>Log In</div>;
};

RESPONSE

200
{
	"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
	"status_code": 200,
	"member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
	"session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q",
	"session_jwt": "eyJ...",
	"intermediate_session_token": "",
	"member_authenticated": true,
	"mfa_required": null,
    "member_session": {...},
    "member": {...},
    "organization": {...}
}