Build a signup UX
Design a signup experience where the user sets a password. Then call Create user with password with the email and password.

A successful call creates a user and can start a session when
session_duration_minutes is provided.Handle these errors:duplicate_email: A user with this email already exists.weak_passwordorbreached_password: See the next step for guidance.
Add a password strength check to your signup UX
Password strength is determined by zxcvbn (score 0–4) and by checking the password against the HaveIBeenPwned dataset. A score of 
Use Stytch’s Strength check endpoint to provide actionable feedback to users.
<= 2 yields a weak_password error; a leaked password yields a breached_password error.Build a login UX
Collect the user’s email and password and call Authenticate user with password. A successful call authenticates the user and can start a session.

Handle these errors:
unauthorized_credentialsandemail_not_found: Ask the user to try again.reset_password: The password must be reset (for example, due to a breached password).
Add a reset password flow
Provide a reset password flow for users who forget their password or require a reset.Use Start email password reset to begin the flow. If the account doesn’t exist, you’ll receive 


For “Log in without password”, support Email Magic Links and authenticate the token. This does not resolve a
email_not_found.Build a Reset Password page and add the URL as a Reset Password redirect in the Stytch Dashboard. On that page, collect the new password and the token from the URL and call Password reset by email.reset_email error.You're done
You now have password signup, login, and reset flows. Have feedback after integrating? Reach out in our forum, via support@stytch.com, or in our community Slack.