The resetByEmail method wraps the Reset By Email Password API endpoint. This endpoint the user’s password and authenticate them. This endpoint checks that the magic link token is valid, hasn't expired, or already been used. The provided password needs to meet our password strength requirements, which can be checked in advance with the Strength Check Password API endpoint.
If this method succeeds, the user will be logged in, granted an active session, and the session data will be persisted on device.
You can listen for successful login events anywhere in the codebase with the stytch.session.onChange() method or useStytchSession hook.