The React Native SDK provides headless methods to authenticate passwords, reset passwords, and check password strength.
Passwords
Methods
The SDK provides methods that can be used to authenticate password-based members, reset passwords, and add a password to an existing passwordless member.
To call these methods, Passwords must be enabled in the SDK Configuration page of the Stytch dashboard.
Authenticate
The authenticate method wraps the Authenticate password API endpoint.
If there is a current Member Session, the SDK will call the endpoint with the session token. This will add the new factor to the existing Member Session.
If there is an intermediate session token, the SDK will call the endpoint with it. If the resulting set of factors satisfies the organization's primary authentication requirements and MFA requirements, the intermediate session token will be consumed and converted to a Member Session. If not, the same intermediate session token will be returned.
If this method succeeds and the Member is not required to complete MFA, the Member will be logged in, granted an active session, and the session data will be persisted on device.
If this method succeeds and MFA is required, the intermediate session token will be persisted on device.
You can listen for successful login events anywhere in the codebase with the stytch.session.onChange() method or useStytchMemberSession hook.
Method parameters
import React, { useCallback } from 'react';
import { useStytchB2BClient } from '@stytch/react-native/b2b';
export const Login = () => {
const stytchClient = useStytchB2BClient();
const authenticatePassword = useCallback(() => {
stytchClient.passwords.authenticate({
email_address: 'sandbox@stytch.com',
organization_id: 'organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931',
password: '0bzfS&7+b!wo^%YV',
session_duration_minutes: 60,
});
}, [stytchClient]);
return <button onClick={authenticatePassword}>Authenticate Password</button>;
};
RESPONSE
{
"status_code": 200,
"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
"method_id": "member-email-test-1dd089b3-8904-47ef-b943-987968e549d4",
"member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
"organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931",
"reset_sessions": false,
"session_jwt": "example_jwt",
"session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q",
"intermediate_session_token": "",
"member_authenticated": true,
"mfa_required": null,
"member_session": {...},
"member": {...},
"organization": {...}
}
Reset by email start
The resetByEmailStart method wraps the reset_by_email_start Password API endpoint.
Method parameters
import React, { useCallback } from 'react';
import { useStytchB2BClient } from '@stytch/react-native/b2b';
export const ResetPasswordStart = () => {
const stytchClient = useStytchB2BClient();
const resetPasswordStart = useCallback(() => {
stytchClient.passwords.resetByEmailStart({
email_address: 'sandbox@stytch.com',
organization_id: 'organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931',
});
}, [stytchClient]);
return <button onClick={resetPasswordStart}>Reset Password</button>;
};
RESPONSE
{
"status_code": 200,
"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
"member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
"member_email_id": "email-test-81bf03a8-86e1-4d95-bd44-bb3495224953",
"member": {...}
}
Reset by email
The resetByEmail method wraps the Reset by Email Password API endpoint.
If there is a current Member Session, the SDK will call the endpoint with the session token. This will add the new factor to the existing Member Session.
If there is an intermediate session token, the SDK will call the endpoint with it. If the resulting set of factors satisfies the organization's primary authentication requirements and MFA requirements, the intermediate session token will be consumed and converted to a Member Session. If not, the same intermediate session token will be returned.
If this method succeeds and the Member is not required to complete MFA, the Member will be logged in, granted an active session, and the session data will be persisted on device.
If this method succeeds and MFA is required, the intermediate session token will be persisted on device.
You can listen for successful login events anywhere in the codebase with the stytch.session.onChange() method or useStytchMemberSession hook.
Method parameters
import React, { useCallback } from 'react';
import { useStytchB2BClient } from '@stytch/react-native/b2b';
export const ResetPassword = () => {
const stytchClient = useStytchB2BClient();
const token = new URLSearchParams(window.location.search).get('token');
const resetPassword = useCallback(() => {
stytchClient.passwords.resetByEmail({
token: token,
password: '0bzfS&7+b!wo^%YV',
session_duration_minutes: 60,
});
}, [stytchClient, token]);
return <button onClick={resetPassword}>Reset Password</button>;
};
RESPONSE
{
"status_code": 200,
"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
"member_id": "",
"session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q",
"intermediate_session_token": "",
"member_authenticated": true,
"mfa_required": null,
"member_email_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
"member": {...}
}
Reset by existing password
The resetByExistingPassword method wraps the Reset by existing password Password API endpoint.
If there is a current Member Session, the SDK will call the endpoint with the session token. This will add the new factor to the existing Member Session.
If this method succeeds and the Member is not required to complete MFA, the Member will be logged in, granted an active session, and the session data will be persisted on device.
If this method succeeds and MFA is required, the intermediate session token will be persisted on device.
You can listen for successful login events anywhere in the codebase with the stytch.session.onChange() method or useStytchMemberSession hook.
Method parameters
import React, { useCallback } from 'react';
import { useStytchB2BClient } from '@stytch/react-native/b2b';
export const ResetPassword = () => {
const stytchClient = useStytchB2BClient();
const resetPassword = useCallback(() => {
stytchClient.passwords.resetByExistingPassword({
email_address: 'sandbox@stytch.com',
existing_password: 'existing_password',
new_password: '0bzfS&7+b!wo^%YV',
session_duration_minutes: 60,
organization_id: 'organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931',
});
}, [stytchClient]);
return <button onClick={resetPassword}>Reset Password</button>;
};
RESPONSE
{
"intermediate_session_token": "",
"member": {...},
"member_authenticated": true,
"mfa_required": null,
"member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
"member_session": {...},
"organization": {...}
"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
"session_jwt": "example_jwt",
"session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q",
"status_code": 200
}
Reset by session
The resetBySession method wraps the Reset by Session Password API endpoint. The Member must have an active Member Session for this method to be called.
If this method succeeds, the password factor will be added to the existing Member Session and the session data will be persisted on device.
You can listen for successful login events anywhere in the codebase with the stytch.session.onChange() method or useStytchMemberSession hook.
Method parameters
import React, { useCallback } from 'react';
import { useStytchB2BClient } from '@stytch/react-native/b2b';
export const ResetPassword = () => {
const stytchClient = useStytchB2BClient();
const resetPassword = useCallback(() => {
stytchClient.passwords.resetBySession({
organization_id: 'organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931',
password: '0bzfS&7+b!wo^%YV',
});
}, [stytchClient]);
return <button onClick={resetPassword}>Reset Password</button>;
};
RESPONSE
{
"intermediate_session_token": "",
"member": {...},
"member_authenticated": true,
"mfa_required": null,
"member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
"member_session": {...},
"organization": {...}
"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
"session_jwt": "example_jwt",
"session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q",
"status_code": 200
}
Strength check
This method allows you to check whether or not the Member’s provided password is valid, and to provide feedback to the Member on how to increase the strength of their password. All passwords must pass the strength requirements to be accepted as valid.
The strengthCheck method wraps the strength check Password API endpoint.
Method parameters
import React, { useCallback } from 'react';
import { useStytchB2BClient } from '@stytch/react-native/b2b';
export const StrengthCheck = () => {
const stytchClient = useStytchB2BClient();
const strengthCheck = useCallback(() => {
stytchClient.passwords.strengthCheck({
password: '0bzfS&7+b!wo^%YV',
});
}, [stytchClient]);
return <button onClick={strengthCheck}>Strength Check</button>;
};
RESPONSE
{
"breach_detection_on_create": true,
"breached_password": false,
"feedback": {
"suggestions": null,
"warning": null,
"luds_requirements": {
"has_digit": true,
"has_lower_case": false,
"has_symbol": false,
"has_upper_case": false,
"missing_characters": 6,
"missing_complexity": 1
}
},
"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
"score": 0,
"status_code": 200,
"strength_policy": "luds",
"valid_password": false
}