stytch 6.2.1 → 6.4.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9d5d25d2cefdc1dfb620d3c190fb883d8b33e33e3fba584825524968d416b8dc
4
- data.tar.gz: 2168f866d3ce1a8f6bfe7a39618d857c5e835a33977f6147182055254a9b3ee3
3
+ metadata.gz: 94327b3a992f3e596ec4c0a5a6bad97d2c78041e15f12a470949819aa5c0994d
4
+ data.tar.gz: a02935d82c7129002058f425f15d73886b5f373b9f942e35cfb410fd62c7148d
5
5
  SHA512:
6
- metadata.gz: abbd1bb992381e8eec80668e88e5b048a546bee91da7e78f04d9e4029b9ab2515da6d87b14cdfbcd6f344d3670c4255c63d2079060a55a8013326227d1e2477e
7
- data.tar.gz: 8e659c85efa1eaa046e81b37e738724d566db31ba32456ca8b36597daae4ed9e638df7dba4a0252bd4ba486f24ead89a5d4bbab2f83d7217376fc16828f96cff
6
+ metadata.gz: c366e0741c92ecf5ce5413beb57917a01f733ecc231540aebfab19c8a51ee75e7ee9deded5d23453b0580fc3556c90f7e2d1b707dfd79fa6aa6fa6b43cf5e152
7
+ data.tar.gz: 9e2540999fa38c50436ea9409859cff663378d7b4a4d21a9ec15bdc8e36b326ed3ae2d681751739adbcecb57b3bd3a1c578394ba6d9dd2b92a1e9b5863f1a84b
@@ -32,7 +32,7 @@ module StytchB2B
32
32
  #
33
33
  # This endpoint can be used to accept invites and create new members via domain matching.
34
34
  #
35
- # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`.
35
+ # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`.
36
36
  # The `intermediate_session_token` will not be consumed and instead will be returned in the response.
37
37
  # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
38
38
  # The `intermediate_session_token` can also be used with the [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) or the [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to join a different Organization or create a new one.
@@ -67,7 +67,7 @@ module StytchB2B
67
67
  # Total custom claims size cannot exceed four kilobytes.
68
68
  # The type of this field is nilable +object+.
69
69
  # locale::
70
- # (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
70
+ # If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
71
71
  #
72
72
  # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
73
73
  #
@@ -92,7 +92,7 @@ module StytchB2B
92
92
  # The JSON Web Token (JWT) for a given Stytch Session.
93
93
  # The type of this field is +String+.
94
94
  # member::
95
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
95
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
96
96
  # The type of this field is +Member+ (+object+).
97
97
  # organization::
98
98
  # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -113,7 +113,7 @@ module StytchB2B
113
113
  # The [Session object](https://stytch.com/docs/b2b/api/session-object).
114
114
  # The type of this field is nilable +MemberSession+ (+object+).
115
115
  # mfa_required::
116
- # (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
116
+ # Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
117
117
  # The type of this field is nilable +MfaRequired+ (+object+).
118
118
  def exchange(
119
119
  intermediate_session_token:,
@@ -148,7 +148,7 @@ module StytchB2B
148
148
  #
149
149
  # This endpoint can also be used to start an initial session for the newly created member and organization.
150
150
  #
151
- # (Coming Soon) If the new Organization is created with a `mfa_policy` of `REQUIRED_FOR_ALL`, the newly created Member will need to complete an MFA step to log in to the Organization.
151
+ # If the new Organization is created with a `mfa_policy` of `REQUIRED_FOR_ALL`, the newly created Member will need to complete an MFA step to log in to the Organization.
152
152
  # The `intermediate_session_token` will not be consumed and instead will be returned in the response.
153
153
  # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
154
154
  # The `intermediate_session_token` can also be used with the [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) or the [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to join a different Organization or create a new one.
@@ -240,7 +240,7 @@ module StytchB2B
240
240
  #
241
241
  # The type of this field is nilable list of +String+.
242
242
  # mfa_policy::
243
- # (Coming Soon) The setting that controls the MFA policy for all Members in the Organization. The accepted values are:
243
+ # The setting that controls the MFA policy for all Members in the Organization. The accepted values are:
244
244
  #
245
245
  # `REQUIRED_FOR_ALL` – All Members within the Organization will be required to complete MFA every time they wish to log in.
246
246
  #
@@ -263,7 +263,7 @@ module StytchB2B
263
263
  # The JSON Web Token (JWT) for a given Stytch Session.
264
264
  # The type of this field is +String+.
265
265
  # member::
266
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
266
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
267
267
  # The type of this field is +Member+ (+object+).
268
268
  # member_authenticated::
269
269
  # Indicates whether the Member is fully authenticated. If false, the Member needs to complete an MFA step to log in to the Organization.
@@ -284,7 +284,7 @@ module StytchB2B
284
284
  # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
285
285
  # The type of this field is nilable +Organization+ (+object+).
286
286
  # mfa_required::
287
- # (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
287
+ # Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
288
288
  # The type of this field is nilable +MfaRequired+ (+object+).
289
289
  def create(
290
290
  intermediate_session_token:,
@@ -23,7 +23,7 @@ module StytchB2B
23
23
  # Authenticate a Member with a Magic Link. This endpoint requires a Magic Link token that is not expired or previously used. If the Member’s status is `pending` or `invited`, they will be updated to `active`.
24
24
  # Provide the `session_duration_minutes` parameter to set the lifetime of the session. If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a 60 minute duration.
25
25
  #
26
- # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
26
+ # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
27
27
  # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
28
28
  # The `intermediate_session_token` can also be used with the [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) or the [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to join a different Organization or create a new one.
29
29
  # The `session_duration_minutes` and `session_custom_claims` parameters will be ignored.
@@ -66,7 +66,7 @@ module StytchB2B
66
66
  # Total custom claims size cannot exceed four kilobytes.
67
67
  # The type of this field is nilable +object+.
68
68
  # locale::
69
- # (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
69
+ # If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
70
70
  #
71
71
  # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
72
72
  #
@@ -95,7 +95,7 @@ module StytchB2B
95
95
  # Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
96
96
  # The type of this field is +String+.
97
97
  # member::
98
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
98
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
99
99
  # The type of this field is +Member+ (+object+).
100
100
  # session_token::
101
101
  # A secret token for a given Stytch Session.
@@ -122,7 +122,7 @@ module StytchB2B
122
122
  # The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
123
123
  # The type of this field is +Integer+.
124
124
  # mfa_required::
125
- # (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
125
+ # Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
126
126
  # The type of this field is nilable +MfaRequired+ (+object+).
127
127
  def authenticate(
128
128
  magic_links_token:,
@@ -207,7 +207,7 @@ module StytchB2B
207
207
  # A flag indicating `true` if a new Member object was created and `false` if the Member object already existed.
208
208
  # The type of this field is +Boolean+.
209
209
  # member::
210
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
210
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
211
211
  # The type of this field is +Member+ (+object+).
212
212
  # organization::
213
213
  # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -289,7 +289,7 @@ module StytchB2B
289
289
  # Globally unique UUID that identifies a specific Member.
290
290
  # The type of this field is +String+.
291
291
  # member::
292
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
292
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
293
293
  # The type of this field is +Member+ (+object+).
294
294
  # organization::
295
295
  # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -21,7 +21,7 @@ module StytchB2B
21
21
 
22
22
  # Authenticate a Member given a `token`. This endpoint verifies that the member completed the OAuth flow by verifying that the token is valid and hasn't expired. Provide the `session_duration_minutes` parameter to set the lifetime of the session. If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a 60 minute duration.
23
23
  #
24
- # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
24
+ # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
25
25
  # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
26
26
  # The `intermediate_session_token` can also be used with the [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) or the [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to join a different Organization or create a new one.
27
27
  # The `session_duration_minutes` and `session_custom_claims` parameters will be ignored.
@@ -60,7 +60,7 @@ module StytchB2B
60
60
  # A base64url encoded one time secret used to validate that the request starts and ends on the same device.
61
61
  # The type of this field is nilable +String+.
62
62
  # locale::
63
- # (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
63
+ # If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
64
64
  #
65
65
  # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
66
66
  #
@@ -91,7 +91,7 @@ module StytchB2B
91
91
  # The JSON Web Token (JWT) for a given Stytch Session.
92
92
  # The type of this field is +String+.
93
93
  # member::
94
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
94
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
95
95
  # The type of this field is +Member+ (+object+).
96
96
  # organization_id::
97
97
  # Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
@@ -123,7 +123,7 @@ module StytchB2B
123
123
  # Note that these values will vary based on the OAuth provider in question, e.g. `id_token` is only returned by Microsoft.
124
124
  # The type of this field is nilable +ProviderValues+ (+object+).
125
125
  # mfa_required::
126
- # (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
126
+ # Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
127
127
  # The type of this field is nilable +MfaRequired+ (+object+).
128
128
  def authenticate(
129
129
  oauth_token:,
@@ -87,7 +87,7 @@ module StytchB2B
87
87
  #
88
88
  # The type of this field is nilable list of +String+.
89
89
  # mfa_policy::
90
- # (Coming Soon) The setting that controls the MFA policy for all Members in the Organization. The accepted values are:
90
+ # The setting that controls the MFA policy for all Members in the Organization. The accepted values are:
91
91
  #
92
92
  # `REQUIRED_FOR_ALL` – All Members within the Organization will be required to complete MFA every time they wish to log in.
93
93
  #
@@ -238,7 +238,7 @@ module StytchB2B
238
238
  #
239
239
  # The type of this field is nilable list of +String+.
240
240
  # mfa_policy::
241
- # (Coming Soon) The setting that controls the MFA policy for all Members in the Organization. The accepted values are:
241
+ # The setting that controls the MFA policy for all Members in the Organization. The accepted values are:
242
242
  #
243
243
  # `REQUIRED_FOR_ALL` – All Members within the Organization will be required to complete MFA every time they wish to log in.
244
244
  #
@@ -389,10 +389,10 @@ module StytchB2B
389
389
  # Identifies the Member as a break glass user - someone who has permissions to authenticate into an Organization by bypassing the Organization's settings. A break glass account is typically used for emergency purposes to gain access outside of normal authentication procedures. Refer to the [Organization object](organization-object) and its `auth_methods` and `allowed_auth_methods` fields for more details.
390
390
  # The type of this field is nilable +Boolean+.
391
391
  # mfa_phone_number::
392
- # (no documentation yet)
392
+ # Sets the Member's phone number. Throws an error if the Member already has a phone number. To change the Member's phone number, use the [Delete member phone number endpoint](https://stytch.com/docs/b2b/api/delete-member-mfa-phone-number) to delete the Member's existing phone number first.
393
393
  # The type of this field is nilable +String+.
394
394
  # mfa_enrolled::
395
- # (Coming Soon) Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization's MFA policy is set to `REQUIRED_FOR_ALL`.
395
+ # Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization's MFA policy is set to `REQUIRED_FOR_ALL`.
396
396
  # The type of this field is nilable +Boolean+.
397
397
  #
398
398
  # == Returns:
@@ -404,7 +404,7 @@ module StytchB2B
404
404
  # Globally unique UUID that identifies a specific Member.
405
405
  # The type of this field is +String+.
406
406
  # member::
407
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
407
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
408
408
  # The type of this field is +Member+ (+object+).
409
409
  # organization::
410
410
  # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -461,6 +461,75 @@ module StytchB2B
461
461
  delete_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}")
462
462
  end
463
463
 
464
+ # Reactivates a deleted Member's status and its associated email status (if applicable) to active, specified by `organization_id` and `member_id`.
465
+ #
466
+ # == Parameters:
467
+ # organization_id::
468
+ # Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
469
+ # The type of this field is +String+.
470
+ # member_id::
471
+ # Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value.
472
+ # The type of this field is +String+.
473
+ #
474
+ # == Returns:
475
+ # An object with the following fields:
476
+ # request_id::
477
+ # Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
478
+ # The type of this field is +String+.
479
+ # member_id::
480
+ # Globally unique UUID that identifies a specific Member.
481
+ # The type of this field is +String+.
482
+ # member::
483
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
484
+ # The type of this field is +Member+ (+object+).
485
+ # organization::
486
+ # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
487
+ # The type of this field is +Organization+ (+object+).
488
+ # status_code::
489
+ # The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
490
+ # The type of this field is +Integer+.
491
+ def reactivate(
492
+ organization_id:,
493
+ member_id:
494
+ )
495
+ request = {}
496
+
497
+ put_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/reactivate", request)
498
+ end
499
+
500
+ # Delete a Member's MFA phone number.
501
+ #
502
+ # To change a Member's phone number, you must first call this endpoint to delete the existing phone number.
503
+ #
504
+ # Existing Member Sessions that include a phone number authentication factor will not be revoked if the phone number is deleted, and MFA will not be enforced until the Member logs in again.
505
+ # If you wish to enforce MFA immediately after a phone number is deleted, you can do so by prompting the Member to enter a new phone number
506
+ # and calling the [OTP SMS send](https://stytch.com/docs/b2b/api/otp-sms-send) endpoint, then calling the [OTP SMS Authenticate](https://stytch.com/docs/b2b/api/authenticate-otp-sms) endpoint.
507
+ #
508
+ # == Parameters:
509
+ # organization_id::
510
+ # Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
511
+ # The type of this field is +String+.
512
+ # member_id::
513
+ # Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value.
514
+ # The type of this field is +String+.
515
+ #
516
+ # == Returns:
517
+ # An object with the following fields:
518
+ # request_id::
519
+ # Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
520
+ # The type of this field is +String+.
521
+ # member_id::
522
+ # Globally unique UUID that identifies a specific Member.
523
+ # The type of this field is +String+.
524
+ # member::
525
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
526
+ # The type of this field is +Member+ (+object+).
527
+ # organization::
528
+ # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
529
+ # The type of this field is +Organization+ (+object+).
530
+ # status_code::
531
+ # The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
532
+ # The type of this field is +Integer+.
464
533
  def delete_mfa_phone_number(
465
534
  organization_id:,
466
535
  member_id:
@@ -468,7 +537,7 @@ module StytchB2B
468
537
  delete_request("/v1/b2b/organizations/#{organization_id}/members/mfa_phone_numbers/#{member_id}")
469
538
  end
470
539
 
471
- # Search for Members within specified Organizations. An array with at least one `organization_id` is required. Submitting an empty `query` returns all Members within the specified Organizations.
540
+ # Search for Members within specified Organizations. An array with at least one `organization_id` is required. Submitting an empty `query` returns all non-deleted Members within the specified Organizations.
472
541
  #
473
542
  # *All fuzzy search filters require a minimum of three characters.
474
543
  #
@@ -538,7 +607,7 @@ module StytchB2B
538
607
  # Globally unique UUID that identifies a specific Member.
539
608
  # The type of this field is +String+.
540
609
  # member::
541
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
610
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
542
611
  # The type of this field is +Member+ (+object+).
543
612
  # organization::
544
613
  # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -580,10 +649,10 @@ module StytchB2B
580
649
  # Identifies the Member as a break glass user - someone who has permissions to authenticate into an Organization by bypassing the Organization's settings. A break glass account is typically used for emergency purposes to gain access outside of normal authentication procedures. Refer to the [Organization object](organization-object) and its `auth_methods` and `allowed_auth_methods` fields for more details.
581
650
  # The type of this field is nilable +Boolean+.
582
651
  # mfa_phone_number::
583
- # (no documentation yet)
652
+ # The Member's phone number. A Member may only have one phone number.
584
653
  # The type of this field is nilable +String+.
585
654
  # mfa_enrolled::
586
- # (Coming Soon) Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization's MFA policy is set to `REQUIRED_FOR_ALL`.
655
+ # Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization's MFA policy is set to `REQUIRED_FOR_ALL`.
587
656
  # The type of this field is nilable +Boolean+.
588
657
  #
589
658
  # == Returns:
@@ -595,7 +664,7 @@ module StytchB2B
595
664
  # Globally unique UUID that identifies a specific Member.
596
665
  # The type of this field is +String+.
597
666
  # member::
598
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
667
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
599
668
  # The type of this field is +Member+ (+object+).
600
669
  # organization::
601
670
  # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -650,7 +719,7 @@ module StytchB2B
650
719
  # Globally unique UUID that identifies a specific Member.
651
720
  # The type of this field is +String+.
652
721
  # member::
653
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
722
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
654
723
  # The type of this field is +Member+ (+object+).
655
724
  # organization::
656
725
  # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -26,13 +26,20 @@ module StytchB2B
26
26
  @connection = connection
27
27
  end
28
28
 
29
- # Send a one-time passcode (OTP) to a Member's phone number. If the Member already has a phone number, this will send an OTP to the number associated with their `member_id`. If not, then this will send an OTP to the `phone_number` provided and link the `phone_number` with the Member.
30
- # An error will be thrown if the Member already has a phone number and the provided `phone_number` does not match the existing one.
29
+ # Send a One-Time Passcode (OTP) to a Member's phone number.
30
+ #
31
+ # If the Member already has a phone number, the `mfa_phone_number` field is not needed; the endpoint will send an OTP to the number associated with the Member.
32
+ # If the Member does not have a phone number, the endpoint will send an OTP to the `mfa_phone_number` provided and link the `mfa_phone_number` with the Member.
33
+ #
34
+ # An error will be thrown if the Member already has a phone number and the provided `mfa_phone_number` does not match the existing one.
31
35
  #
32
36
  # Note that sending another OTP code before the first has expired will invalidate the first code.
33
37
  #
34
38
  # If a Member has a phone number and is enrolled in MFA, then after a successful primary authentication event (e.g. [email magic link](https://stytch.com/docs/b2b/api/authenticate-magic-link) or [SSO](https://stytch.com/docs/b2b/api/sso-authenticate) login is complete), an SMS OTP will automatically be sent to their phone number. In that case, this endpoint should only be used for subsequent authentication events, such as prompting a Member for an OTP again after a period of inactivity.
35
39
  #
40
+ # ### Cost to send SMS OTP
41
+ # Before configuring SMS or WhatsApp OTPs, please review how Stytch [bills the costs of international OTPs](https://stytch.com/pricing) and understand how to protect your app against [toll fraud](https://stytch.com/docs/guides/passcodes/toll-fraud/overview).
42
+ #
36
43
  # == Parameters:
37
44
  # organization_id::
38
45
  # Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
@@ -41,7 +48,7 @@ module StytchB2B
41
48
  # Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value.
42
49
  # The type of this field is +String+.
43
50
  # mfa_phone_number::
44
- # (no documentation yet)
51
+ # The phone number to send the OTP to. If the Member already has a phone number, this argument is not needed.
45
52
  # The type of this field is nilable +String+.
46
53
  # locale::
47
54
  # Used to determine which language to use when sending the user this delivery method. Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
@@ -61,7 +68,7 @@ module StytchB2B
61
68
  # Globally unique UUID that identifies a specific Member.
62
69
  # The type of this field is +String+.
63
70
  # member::
64
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
71
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
65
72
  # The type of this field is +Member+ (+object+).
66
73
  # organization::
67
74
  # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -85,13 +92,20 @@ module StytchB2B
85
92
  post_request('/v1/b2b/otps/sms/send', request)
86
93
  end
87
94
 
88
- # Authenticates a Member's OTP code. This endpoint verifies that the code is valid and hasn't expired or been previously used. A given Member may only have a single active OTP code at any given time. If a Member requests another OTP code before the first one has expired, the first one will be invalidated.
95
+ # SMS OTPs may not be used as a primary authentication mechanism. They can be used to complete an MFA requirement, or they can be used as a step-up factor to be added to an existing session.
96
+ #
97
+ # This endpoint verifies that the one-time passcode (OTP) is valid and hasn't expired or been previously used. A given Member may only have a single active OTP code at any given time. If a Member requests another OTP code before the first one has expired, the first one will be invalidated.
89
98
  #
90
99
  # Exactly one of `intermediate_session_token`, `session_token`, or `session_jwt` must be provided in the request.
91
100
  # If an intermediate session token is provided, this operation will consume it.
92
101
  #
102
+ # Intermediate session tokens are generated upon successful calls to primary authenticate methods in the case where MFA is required,
103
+ # such as [email magic link authenticate](https://stytch.com/docs/b2b/api/authenticate-magic-link),
104
+ # or upon successful calls to discovery authenticate methods, such as [email magic link discovery authenticate](https://stytch.com/docs/b2b/api/authenticate-discovery-magic-link).
105
+ #
93
106
  # If the Organization's MFA policy is `REQUIRED_FOR_ALL`, a successful OTP authentication will change the Member's `mfa_enrolled` status to `true` if it is not already `true`.
94
107
  # If the Organization's MFA policy is `OPTIONAL`, the Member's MFA enrollment can be toggled by passing in a value for the `set_mfa_enrollment` field.
108
+ # The Member's MFA enrollment can also be toggled through the [Update Member](https://stytch.com/docs/b2b/api/update-member) endpoint.
95
109
  #
96
110
  # Provide the `session_duration_minutes` parameter to set the lifetime of the session. If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a duration of 60 minutes.
97
111
  #
@@ -153,7 +167,7 @@ module StytchB2B
153
167
  # Globally unique UUID that identifies a specific Member.
154
168
  # The type of this field is +String+.
155
169
  # member::
156
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
170
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
157
171
  # The type of this field is +Member+ (+object+).
158
172
  # organization::
159
173
  # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -140,7 +140,7 @@ module StytchB2B
140
140
  # A flag indicating `true` if a new Member object was created and `false` if the Member object already existed.
141
141
  # The type of this field is +Boolean+.
142
142
  # member::
143
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
143
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
144
144
  # The type of this field is +Member+ (+object+).
145
145
  # organization::
146
146
  # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -187,7 +187,7 @@ module StytchB2B
187
187
  # * We force a password reset in this instance in order to safely deduplicate the account by email address, without introducing the risk of a pre-hijack account takeover attack.
188
188
  # * Imagine a bad actor creates many accounts using passwords and the known email addresses of their victims. If a victim comes to the site and logs in for the first time with an email-based passwordless authentication method then both the victim and the bad actor have credentials to access to the same account. To prevent this, any further email/password login attempts first require a password reset which can only be accomplished by someone with access to the underlying email address.
189
189
  #
190
- # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
190
+ # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
191
191
  # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
192
192
  # The `session_duration_minutes` and `session_custom_claims` parameters will be ignored.
193
193
  #
@@ -228,7 +228,7 @@ module StytchB2B
228
228
  # Total custom claims size cannot exceed four kilobytes.
229
229
  # The type of this field is nilable +object+.
230
230
  # locale::
231
- # (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
231
+ # If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
232
232
  #
233
233
  # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
234
234
  #
@@ -250,7 +250,7 @@ module StytchB2B
250
250
  # Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
251
251
  # The type of this field is +String+.
252
252
  # member::
253
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
253
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
254
254
  # The type of this field is +Member+ (+object+).
255
255
  # session_token::
256
256
  # A secret token for a given Stytch Session.
@@ -276,7 +276,7 @@ module StytchB2B
276
276
  # The [Session object](https://stytch.com/docs/b2b/api/session-object).
277
277
  # The type of this field is nilable +MemberSession+ (+object+).
278
278
  # mfa_required::
279
- # (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
279
+ # Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
280
280
  # The type of this field is nilable +MfaRequired+ (+object+).
281
281
  def authenticate(
282
282
  organization_id:,
@@ -398,7 +398,7 @@ module StytchB2B
398
398
  #
399
399
  # The provided password needs to meet our password strength requirements, which can be checked in advance with the password strength endpoint. If the token and password are accepted, the password is securely stored for future authentication and the user is authenticated.
400
400
  #
401
- # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
401
+ # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
402
402
  # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
403
403
  # The `session_duration_minutes` and `session_custom_claims` parameters will be ignored.
404
404
  #
@@ -443,7 +443,7 @@ module StytchB2B
443
443
  # Total custom claims size cannot exceed four kilobytes.
444
444
  # The type of this field is nilable +object+.
445
445
  # locale::
446
- # (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
446
+ # If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
447
447
  #
448
448
  # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
449
449
  #
@@ -468,7 +468,7 @@ module StytchB2B
468
468
  # Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
469
469
  # The type of this field is +String+.
470
470
  # member::
471
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
471
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
472
472
  # The type of this field is +Member+ (+object+).
473
473
  # session_token::
474
474
  # A secret token for a given Stytch Session.
@@ -494,7 +494,7 @@ module StytchB2B
494
494
  # The [Session object](https://stytch.com/docs/b2b/api/session-object).
495
495
  # The type of this field is nilable +MemberSession+ (+object+).
496
496
  # mfa_required::
497
- # (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
497
+ # Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
498
498
  # The type of this field is nilable +MfaRequired+ (+object+).
499
499
  def reset(
500
500
  password_reset_token:,
@@ -553,7 +553,7 @@ module StytchB2B
553
553
  # Globally unique UUID that identifies a specific Member.
554
554
  # The type of this field is +String+.
555
555
  # member::
556
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
556
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
557
557
  # The type of this field is +Member+ (+object+).
558
558
  # organization::
559
559
  # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -596,7 +596,7 @@ module StytchB2B
596
596
  # considered valid if they meet the requirements that you've set with Stytch.
597
597
  # You may update your password strength configuration in the [stytch dashboard](https://stytch.com/dashboard/password-strength-config).
598
598
  #
599
- # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
599
+ # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
600
600
  # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
601
601
  # The `session_duration_minutes` and `session_custom_claims` parameters will be ignored.
602
602
  #
@@ -640,7 +640,7 @@ module StytchB2B
640
640
  # Total custom claims size cannot exceed four kilobytes.
641
641
  # The type of this field is nilable +object+.
642
642
  # locale::
643
- # (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
643
+ # If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
644
644
  #
645
645
  # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
646
646
  #
@@ -659,7 +659,7 @@ module StytchB2B
659
659
  # Globally unique UUID that identifies a specific Member.
660
660
  # The type of this field is +String+.
661
661
  # member::
662
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
662
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
663
663
  # The type of this field is +Member+ (+object+).
664
664
  # session_token::
665
665
  # A secret token for a given Stytch Session.
@@ -685,7 +685,7 @@ module StytchB2B
685
685
  # The [Session object](https://stytch.com/docs/b2b/api/session-object).
686
686
  # The type of this field is nilable +MemberSession+ (+object+).
687
687
  # mfa_required::
688
- # (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
688
+ # Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
689
689
  # The type of this field is nilable +MfaRequired+ (+object+).
690
690
  def reset(
691
691
  email_address:,
@@ -94,7 +94,7 @@ module StytchB2B
94
94
  # The JSON Web Token (JWT) for a given Stytch Session.
95
95
  # The type of this field is +String+.
96
96
  # member::
97
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
97
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
98
98
  # The type of this field is +Member+ (+object+).
99
99
  # organization::
100
100
  # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -163,7 +163,7 @@ module StytchB2B
163
163
  # Only Email Magic Link, OAuth, and SMS OTP factors can be transferred between sessions. Other authentication factors, such as password factors, will not be transferred to the new session.
164
164
  # SMS OTP factors can be used to fulfill MFA requirements for the target Organization if both the original and target Member have the same phone number and the phone number is verified for both Members.
165
165
  #
166
- # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
166
+ # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
167
167
  # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
168
168
  # The `intermediate_session_token` can also be used with the [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) or the [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to join a different Organization or create a new one.
169
169
  # The `session_duration_minutes` and `session_custom_claims` parameters will be ignored.
@@ -197,7 +197,7 @@ module StytchB2B
197
197
  # Total custom claims size cannot exceed four kilobytes.
198
198
  # The type of this field is nilable +object+.
199
199
  # locale::
200
- # (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
200
+ # If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
201
201
  #
202
202
  # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
203
203
  #
@@ -225,7 +225,7 @@ module StytchB2B
225
225
  # The JSON Web Token (JWT) for a given Stytch Session.
226
226
  # The type of this field is +String+.
227
227
  # member::
228
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
228
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
229
229
  # The type of this field is +Member+ (+object+).
230
230
  # organization::
231
231
  # The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -243,7 +243,7 @@ module StytchB2B
243
243
  # The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
244
244
  # The type of this field is +Integer+.
245
245
  # mfa_required::
246
- # (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
246
+ # Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
247
247
  # The type of this field is nilable +MfaRequired+ (+object+).
248
248
  def exchange(
249
249
  organization_id:,
@@ -83,7 +83,7 @@ module StytchB2B
83
83
  # If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a 60 minute duration.
84
84
  # To link this authentication event to an existing Stytch session, include either the `session_token` or `session_jwt` param.
85
85
  #
86
- # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
86
+ # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
87
87
  # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
88
88
  # The `session_duration_minutes` and `session_custom_claims` parameters will be ignored.
89
89
  #
@@ -121,7 +121,7 @@ module StytchB2B
121
121
  # Total custom claims size cannot exceed four kilobytes.
122
122
  # The type of this field is nilable +object+.
123
123
  # locale::
124
- # (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
124
+ # If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
125
125
  #
126
126
  # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
127
127
  #
@@ -143,7 +143,7 @@ module StytchB2B
143
143
  # Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
144
144
  # The type of this field is +String+.
145
145
  # member::
146
- # The [Member object](https://stytch.com/docs/b2b/api/member-object).
146
+ # The [Member object](https://stytch.com/docs/b2b/api/member-object)
147
147
  # The type of this field is +Member+ (+object+).
148
148
  # session_token::
149
149
  # A secret token for a given Stytch Session.
@@ -173,7 +173,7 @@ module StytchB2B
173
173
  # The [Session object](https://stytch.com/docs/b2b/api/session-object).
174
174
  # The type of this field is nilable +MemberSession+ (+object+).
175
175
  # mfa_required::
176
- # (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
176
+ # Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
177
177
  # The type of this field is nilable +MfaRequired+ (+object+).
178
178
  def authenticate(
179
179
  sso_token:,
data/lib/stytch/m2m.rb CHANGED
@@ -33,7 +33,6 @@ module Stytch
33
33
  end
34
34
  end
35
35
 
36
-
37
36
  # MANUAL(M2M::get_jwks)(SERVICE_METHOD)
38
37
  # This is a helper so we can retrieve the JWKS for a project for decoding M2M access tokens
39
38
  def get_jwks(
@@ -81,7 +80,7 @@ module Stytch
81
80
  }
82
81
  request[:scope] = scopes.join(' ') unless scopes.nil?
83
82
 
84
- JSON.parse(post_request("/v1/public/#{@project_id}/oauth2/token", request), {:symbolize_names => true})
83
+ JSON.parse(post_request("/v1/public/#{@project_id}/oauth2/token", request), { symbolize_names: true })
85
84
  end
86
85
  # ENDMANUAL(M2M::token)
87
86
 
@@ -116,19 +115,13 @@ module Stytch
116
115
  iat_time = Time.at(decoded_jwt['iat']).to_datetime
117
116
 
118
117
  # Token too old
119
- unless max_token_age.nil?
120
- if iat_time + max_token_age < Time.now
121
- raise JWTExpiredError
122
- end
123
- end
118
+ raise JWTExpiredError if !max_token_age.nil? && (iat_time + max_token_age < Time.now)
124
119
 
125
120
  resp = marshal_jwt_into_response(decoded_jwt)
126
121
 
127
122
  unless required_scopes.nil?
128
123
  for scope in required_scopes
129
- unless resp['scopes'].include?(scope)
130
- raise TokenMissingScopeError.new(scope)
131
- end
124
+ raise TokenMissingScopeError, scope unless resp['scopes'].include?(scope)
132
125
  end
133
126
  end
134
127
 
@@ -189,12 +182,12 @@ module Stytch
189
182
  # request_id::
190
183
  # Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
191
184
  # The type of this field is +String+.
185
+ # m2m_client::
186
+ # The M2M Client affected by this operation.
187
+ # The type of this field is +M2MClient+ (+object+).
192
188
  # status_code::
193
189
  # The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
194
190
  # The type of this field is +Integer+.
195
- # m2m_client::
196
- # The M2M Client affected by this operation.
197
- # The type of this field is nilable +M2MClient+ (+object+).
198
191
  def get(
199
192
  client_id:
200
193
  )
@@ -278,12 +271,12 @@ module Stytch
278
271
  # request_id::
279
272
  # Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
280
273
  # The type of this field is +String+.
274
+ # m2m_client::
275
+ # The M2M Client affected by this operation.
276
+ # The type of this field is +M2MClient+ (+object+).
281
277
  # status_code::
282
278
  # The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
283
279
  # The type of this field is +Integer+.
284
- # m2m_client::
285
- # The M2M Client affected by this operation.
286
- # The type of this field is nilable +M2MClient+ (+object+).
287
280
  def update(
288
281
  client_id:,
289
282
  client_name: nil,
@@ -358,12 +351,12 @@ module Stytch
358
351
  # request_id::
359
352
  # Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
360
353
  # The type of this field is +String+.
354
+ # m2m_client::
355
+ # The M2M Client created by this API call.
356
+ # The type of this field is +M2MClientWithClientSecret+ (+object+).
361
357
  # status_code::
362
358
  # The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
363
359
  # The type of this field is +Integer+.
364
- # m2m_client::
365
- # The M2M Client created by this API call.
366
- # The type of this field is nilable +M2MClientWithClientSecret+ (+object+).
367
360
  def create(
368
361
  scopes:,
369
362
  client_id: nil,
@@ -391,8 +384,8 @@ module Stytch
391
384
  @connection = connection
392
385
  end
393
386
 
394
- # Initiate the rotation of an M2M client secret. After this endpoint is called, both the client's `client_secret` and `next_client_secret` will be valid. To complete the secret rotation flow, update all usages of `client_secret` to `next_client_secret` and call the[Rotate Secret Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret)[Rotate Secret Endpoint](https://stytch.com/docs/api/m2m-rotate-secret) to complete the flow.
395
- # Secret rotation can be cancelled using the[Rotate Cancel Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret-cancel)[Rotate Cancel Endpoint](https://stytch.com/docs/api/m2m-rotate-secret-cancel).
387
+ # Initiate the rotation of an M2M client secret. After this endpoint is called, both the client's `client_secret` and `next_client_secret` will be valid. To complete the secret rotation flow, update all usages of `client_secret` to `next_client_secret` and call the [Rotate Secret Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret)[Rotate Secret Endpoint](https://stytch.com/docs/api/m2m-rotate-secret) to complete the flow.
388
+ # Secret rotation can be cancelled using the [Rotate Cancel Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret-cancel)[Rotate Cancel Endpoint](https://stytch.com/docs/api/m2m-rotate-secret-cancel).
396
389
  #
397
390
  # **Important:** This is the only time you will be able to view the generated `next_client_secret` in the API response. Stytch stores a hash of the `next_client_secret` and cannot recover the value if lost. Be sure to persist the `next_client_secret` in a secure location. If the `next_client_secret` is lost, you will need to trigger a secret rotation flow to receive another one.
398
391
  #
@@ -406,12 +399,12 @@ module Stytch
406
399
  # request_id::
407
400
  # Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
408
401
  # The type of this field is +String+.
402
+ # m2m_client::
403
+ # The M2M Client affected by this operation.
404
+ # The type of this field is +M2MClientWithNextClientSecret+ (+object+).
409
405
  # status_code::
410
406
  # The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
411
407
  # The type of this field is +Integer+.
412
- # m2m_client::
413
- # The M2M Client affected by this operation.
414
- # The type of this field is nilable +M2MClientWithNextClientSecret+ (+object+).
415
408
  def rotate_start(
416
409
  client_id:
417
410
  )
@@ -420,7 +413,7 @@ module Stytch
420
413
  post_request("/v1/m2m/clients/#{client_id}/secrets/rotate/start", request)
421
414
  end
422
415
 
423
- # Cancel the rotation of an M2M client secret started with the[Start Secret Rotation Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret-start)[Start Secret Rotation Endpoint](https://stytch.com/docs/api/m2m-rotate-secret-start).
416
+ # Cancel the rotation of an M2M client secret started with the [Start Secret Rotation Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret-start) [Start Secret Rotation Endpoint](https://stytch.com/docs/api/m2m-rotate-secret-start).
424
417
  # After this endpoint is called, the client's `next_client_secret` is discarded and only the original `client_secret` will be valid.
425
418
  #
426
419
  # == Parameters:
@@ -433,12 +426,12 @@ module Stytch
433
426
  # request_id::
434
427
  # Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
435
428
  # The type of this field is +String+.
429
+ # m2m_client::
430
+ # The M2M Client affected by this operation.
431
+ # The type of this field is +M2MClient+ (+object+).
436
432
  # status_code::
437
433
  # The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
438
434
  # The type of this field is +Integer+.
439
- # m2m_client::
440
- # The M2M Client affected by this operation.
441
- # The type of this field is nilable +M2MClient+ (+object+).
442
435
  def rotate_cancel(
443
436
  client_id:
444
437
  )
@@ -447,7 +440,7 @@ module Stytch
447
440
  post_request("/v1/m2m/clients/#{client_id}/secrets/rotate/cancel", request)
448
441
  end
449
442
 
450
- # Complete the rotation of an M2M client secret started with the[Start Secret Rotation Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret-start)[Start Secret Rotation Endpoint](https://stytch.com/docs/api/m2m-rotate-secret-start).
443
+ # Complete the rotation of an M2M client secret started with the [Start Secret Rotation Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret-start) [Start Secret Rotation Endpoint](https://stytch.com/docs/api/m2m-rotate-secret-start).
451
444
  # After this endpoint is called, the client's `next_client_secret` becomes its `client_secret` and the previous `client_secret` will no longer be valid.
452
445
  #
453
446
  # == Parameters:
@@ -460,12 +453,12 @@ module Stytch
460
453
  # request_id::
461
454
  # Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
462
455
  # The type of this field is +String+.
456
+ # m2m_client::
457
+ # The M2M Client affected by this operation.
458
+ # The type of this field is +M2MClient+ (+object+).
463
459
  # status_code::
464
460
  # The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
465
461
  # The type of this field is +Integer+.
466
- # m2m_client::
467
- # The M2M Client affected by this operation.
468
- # The type of this field is nilable +M2MClient+ (+object+).
469
462
  def rotate(
470
463
  client_id:
471
464
  )
data/lib/stytch/otps.rb CHANGED
@@ -126,6 +126,9 @@ module Stytch
126
126
  #
127
127
  # Note that sending another OTP code before the first has expired will invalidate the first code.
128
128
  #
129
+ # ### Cost to send SMS OTP
130
+ # Before configuring SMS or WhatsApp OTPs, please review how Stytch [bills the costs of international OTPs](https://stytch.com/pricing) and understand how to protect your app against [toll fraud](https://stytch.com/docs/guides/passcodes/toll-fraud/overview).
131
+ #
129
132
  # ### Add a phone number to an existing user
130
133
  #
131
134
  # This endpoint also allows you to add a new phone number to an existing Stytch User. Including a `user_id`, `session_token`, or `session_jwt` in the request will add the phone number to the pre-existing Stytch User upon successful authentication.
@@ -138,7 +141,7 @@ module Stytch
138
141
  #
139
142
  # == Parameters:
140
143
  # phone_number::
141
- # The phone number to use for one-time passcodes. The phone number should be in E.164 format. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
144
+ # The phone number to use for one-time passcodes. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
142
145
  # The type of this field is +String+.
143
146
  # expiration_minutes::
144
147
  # Set the expiration for the one-time passcode, in minutes. The minimum expiration is 1 minute and the maximum is 10 minutes. The default expiration is 2 minutes.
@@ -200,15 +203,17 @@ module Stytch
200
203
  post_request('/v1/otps/sms/send', request)
201
204
  end
202
205
 
203
- # Send a one-time passcode (OTP) to a User using their phone number. If the phone number is not associated with a user already, a user will be created.
206
+ # Send a One-Time Passcode (OTP) to a User using their phone number. If the phone number is not associated with a user already, a user will be created.
204
207
  #
208
+ # ### Cost to send SMS OTP
209
+ # Before configuring SMS or WhatsApp OTPs, please review how Stytch [bills the costs of international OTPs](https://stytch.com/pricing) and understand how to protect your app against [toll fraud](https://stytch.com/docs/guides/passcodes/toll-fraud/overview).
205
210
  # ### Next steps
206
211
  #
207
212
  # Collect the OTP which was delivered to the User. Call [Authenticate OTP](https://stytch.com/docs/api/authenticate-otp) using the OTP `code` along with the `phone_id` found in the response as the `method_id`.
208
213
  #
209
214
  # == Parameters:
210
215
  # phone_number::
211
- # The phone number to use for one-time passcodes. The phone number should be in E.164 format. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
216
+ # The phone number to use for one-time passcodes. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
212
217
  # The type of this field is +String+.
213
218
  # expiration_minutes::
214
219
  # Set the expiration for the one-time passcode, in minutes. The minimum expiration is 1 minute and the maximum is 10 minutes. The default expiration is 2 minutes.
@@ -275,10 +280,13 @@ module Stytch
275
280
  @connection = connection
276
281
  end
277
282
 
278
- # Send a one-time passcode (OTP) to a User's WhatsApp. If you'd like to create a user and send them a passcode with one request, use our [log in or create](https://stytch.com/docs/api/whatsapp-login-or-create) endpoint.
283
+ # Send a One-Time Passcode (OTP) to a User's WhatsApp. If you'd like to create a user and send them a passcode with one request, use our [log in or create](https://stytch.com/docs/api/whatsapp-login-or-create) endpoint.
279
284
  #
280
285
  # Note that sending another OTP code before the first has expired will invalidate the first code.
281
286
  #
287
+ # ### Cost to send SMS OTP
288
+ # Before configuring SMS or WhatsApp OTPs, please review how Stytch [bills the costs of international OTPs](https://stytch.com/pricing) and understand how to protect your app against [toll fraud](https://stytch.com/docs/guides/passcodes/toll-fraud/overview).
289
+ #
282
290
  # ### Add a phone number to an existing user
283
291
  #
284
292
  # This endpoint also allows you to add a new phone number to an existing Stytch User. Including a `user_id`, `session_token`, or `session_jwt` in the request will add the phone number to the pre-existing Stytch User upon successful authentication.
@@ -291,7 +299,7 @@ module Stytch
291
299
  #
292
300
  # == Parameters:
293
301
  # phone_number::
294
- # The phone number to use for one-time passcodes. The phone number should be in E.164 format. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
302
+ # The phone number to use for one-time passcodes. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
295
303
  # The type of this field is +String+.
296
304
  # expiration_minutes::
297
305
  # Set the expiration for the one-time passcode, in minutes. The minimum expiration is 1 minute and the maximum is 10 minutes. The default expiration is 2 minutes.
@@ -355,13 +363,16 @@ module Stytch
355
363
 
356
364
  # Send a one-time passcode (OTP) to a User's WhatsApp using their phone number. If the phone number is not associated with a User already, a User will be created.
357
365
  #
366
+ # ### Cost to send SMS OTP
367
+ # Before configuring SMS or WhatsApp OTPs, please review how Stytch [bills the costs of international OTPs](https://stytch.com/pricing) and understand how to protect your app against [toll fraud](https://stytch.com/docs/guides/passcodes/toll-fraud/overview).
368
+ #
358
369
  # ### Next steps
359
370
  #
360
371
  # Collect the OTP which was delivered to the User. Call [Authenticate OTP](https://stytch.com/docs/api/authenticate-otp) using the OTP `code` along with the `phone_id` found in the response as the `method_id`.
361
372
  #
362
373
  # == Parameters:
363
374
  # phone_number::
364
- # The phone number to use for one-time passcodes. The phone number should be in E.164 format. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
375
+ # The phone number to use for one-time passcodes. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
365
376
  # The type of this field is +String+.
366
377
  # expiration_minutes::
367
378
  # Set the expiration for the one-time passcode, in minutes. The minimum expiration is 1 minute and the maximum is 10 minutes. The default expiration is 2 minutes.
@@ -428,7 +439,7 @@ module Stytch
428
439
  @connection = connection
429
440
  end
430
441
 
431
- # Send a one-time passcode (OTP) to a User using their email. If you'd like to create a user and send them a passcode with one request, use our [log in or create endpoint](https://stytch.com/docs/api/log-in-or-create-user-by-email-otp).
442
+ # Send a One-Time Passcode (OTP) to a User using their email. If you'd like to create a user and send them a passcode with one request, use our [log in or create endpoint](https://stytch.com/docs/api/log-in-or-create-user-by-email-otp).
432
443
  #
433
444
  # ### Add an email to an existing user
434
445
  # This endpoint also allows you to add a new email to an existing Stytch User. Including a `user_id`, `session_token`, or `session_jwt` in the request will add the email to the pre-existing Stytch User upon successful authentication.
@@ -21,11 +21,13 @@ module Stytch
21
21
  @sessions = Stytch::Passwords::Sessions.new(@connection)
22
22
  end
23
23
 
24
- # Create a new user with a password and an authenticated session for the user if requested. If a user with this email already exists in the project, this API will return an error.
24
+ # Create a new user with a password. If `session_duration_minutes` is specified, a new session will be started as well.
25
25
  #
26
- # Existing passwordless users who wish to create a password need to go through the reset password flow.
26
+ # If a user with this email already exists in your Stytch project, this endpoint will return a `duplicate_email` error. To add a password to an existing passwordless user, you'll need to either call the [Migrate password endpoint](https://stytch.com/docs/api/password-migrate) or prompt the user to complete one of our password reset flows.
27
27
  #
28
- # This endpoint will return an error if the password provided does not meet our strength requirements, which you can check beforehand with the password strength endpoint.
28
+ # This endpoint will return an error if the password provided does not meet our strength requirements, which you can check beforehand via the [Password strength check endpoint](https://stytch.com/docs/api/password-strength-check).
29
+ #
30
+ # When creating new Passwords users, it's good practice to enforce an email verification flow. We'd recommend checking out our [Email verification guide](https://stytch.com/docs/guides/passwords/email-verification/overview) for more information.
29
31
  #
30
32
  # == Parameters:
31
33
  # email::
data/lib/stytch/users.rb CHANGED
@@ -29,7 +29,7 @@ module Stytch
29
29
  # Provided attributes help with fraud detection.
30
30
  # The type of this field is nilable +Attributes+ (+object+).
31
31
  # phone_number::
32
- # The phone number to use for one-time passcodes. The phone number should be in E.164 format. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
32
+ # The phone number to use for one-time passcodes. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
33
33
  # The type of this field is nilable +String+.
34
34
  # create_user_as_pending::
35
35
  # Flag for whether or not to save a user as pending vs active in Stytch. Defaults to false.
@@ -254,6 +254,51 @@ module Stytch
254
254
  put_request("/v1/users/#{user_id}", request)
255
255
  end
256
256
 
257
+ # Exchange a user's email address or phone number for another.
258
+ #
259
+ # Must pass either an `email_address` or a `phone_number`.
260
+ #
261
+ # This endpoint only works if the user has exactly one factor. You are able to exchange the type of factor for another as well, i.e. exchange an `email_address` for a `phone_number`.
262
+ #
263
+ # Use this endpoint with caution as it performs an admin level action.
264
+ #
265
+ # == Parameters:
266
+ # user_id::
267
+ # The unique ID of a specific User.
268
+ # The type of this field is +String+.
269
+ # email_address::
270
+ # The email address to exchange to.
271
+ # The type of this field is nilable +String+.
272
+ # phone_number::
273
+ # The phone number to exchange to. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX).
274
+ # The type of this field is nilable +String+.
275
+ #
276
+ # == Returns:
277
+ # An object with the following fields:
278
+ # request_id::
279
+ # Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
280
+ # The type of this field is +String+.
281
+ # user_id::
282
+ # The unique ID of the affected User.
283
+ # The type of this field is +String+.
284
+ # user::
285
+ # The `user` object affected by this API call. See the [Get user endpoint](https://stytch.com/docs/api/get-user) for complete response field details.
286
+ # The type of this field is +User+ (+object+).
287
+ # status_code::
288
+ # The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
289
+ # The type of this field is +Integer+.
290
+ def exchange_primary_factor(
291
+ user_id:,
292
+ email_address: nil,
293
+ phone_number: nil
294
+ )
295
+ request = {}
296
+ request[:email_address] = email_address unless email_address.nil?
297
+ request[:phone_number] = phone_number unless phone_number.nil?
298
+
299
+ put_request("/v1/users/#{user_id}/exchange_primary_factor", request)
300
+ end
301
+
257
302
  # Delete a User from Stytch.
258
303
  #
259
304
  # == Parameters:
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Stytch
4
- VERSION = '6.2.1'
4
+ VERSION = '6.4.0'
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: stytch
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.2.1
4
+ version: 6.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - stytch
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2023-08-07 00:00:00.000000000 Z
11
+ date: 2023-08-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: faraday