Skip to main content

User session

A user session begins after any authentication endpoint (e.g. authenticate magic link) is called with a specified session_duration_minutes. If you do not pass in a session_duration_minutes parameter, a session will not be created. These endpoints mint a User Session and return a session_token and session_jwt in the response, which can be forwarded to the client and stored:
Response 200
{
  "method_id": "email-test-81bf03a8-86e1-4d95-bd44-bb3495224953",
  "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
  "reset_sessions": false,
  "session": "{...}",
  "session_token": "mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q",
  "session_jwt": "eyJ...",
  "status_code": 200,
  "user": {...},
  "user_id": "user-test-16d9ba61-97a1-4ba4-9720-b03761dc50c6" 
}
Object 200
{
  "session": {
    "attributes": {
        "ip_address": "",
        "user_agent": ""
    },
    "authentication_factors": [
      {
        "created_at": "2025-01-09T07:41:52Z",
        "delivery_method": "email",
        "email_factor": {
          "email_address": "sandbox@stytch.com",
          "email_id": "email-test-81bf03a8-86e1-4d95-bd44-bb3495224953"
        },
        "last_authenticated_at": "2025-01-09T07:41:52Z",
        "updated_at": "2025-01-09T07:41:52Z",
        "type": "magic_link"
      },
      {
        "created_at": "2025-01-09T08:41:52Z",
        "delivery_method": "knowledge",
        "last_authenticated_at": "2025-01-09T08:41:52Z",
        "type": "password",
        "updated_at": "2025-01-09T08:41:52Z"
      }
    ],
    "custom_claims": {
      "claim1": "value1",
      "claim2": "value2"
    },
    "expires_at": "2025-04-22T08:00:00Z",
    "last_accessed_at": "2025-04-22T07:41:52Z",
    "started_at": "2025-04-22T07:00:00Z",
    "session_id": "session-test-fe6c042b-6286-479f-8a4f-b046a6c46509",
    "user_id": "user-test-16d9ba61-97a1-4ba4-9720-b03761dc50c6"
  }
}
Before performing any action that requires authorization, authenticate the user session to ensure that the session is valid.