stytch 6.3.0 → 6.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ecae9b8983b3c5424abf10c7fbaf3af818eaea627e2dc03d61648c97f0e3b7c0
-  data.tar.gz: 2d5a209746aca96e85a7bbf62df41d27fba27ad1cd1a7c78d8b1e84d2dcf2753
+  metadata.gz: f0bc5efc1c2c0c36d794db592adba102628de2cd5cec77ffce94652b31e0007f
+  data.tar.gz: 689602f4ab5dc19c149c541eb3b15125d82ce515db9771583b8d6f22123eb577
 SHA512:
-  metadata.gz: ae812d3bb2c53a0c1bbc6af31981ec8c934b0ced77c822f5b8251327951c509108b01d11f435c02b7c96f10c2f7e6f217957cd0e131b14bae31c0f97fc13ce2b
-  data.tar.gz: 702a775c32098a283fdbf02cea03be91e7710710cdf7508552f48665271d036f640cca847e9e643bce2de97b974b5098532931238bf6a63b81437d7ce97fbbdc
+  metadata.gz: be5a989fee14537da3dac34ecea235509a9b1a1366fc1d9539c79ea600ea4b9abb9f9205faee9bfca0ad8ad07429d659d46af6f9b8815ac17343d8757fcc2098
+  data.tar.gz: e4f51e5f088df37798b52df974c376a52ebd3375270278b647b6e8d41e0355b5b1f4af53149cc1459eb5b7ca5b8f617bbe375e4ec57f55eb8819310662b09e9c

data/lib/stytch/b2b_client.rb

@@ -31,7 +31,7 @@ module StytchB2B
       @organizations = StytchB2B::Organizations.new(@connection)
       @passwords = StytchB2B::Passwords.new(@connection)
       @sso = StytchB2B::SSO.new(@connection)
-      @sessions = StytchB2B::Sessions.new(@connection)
+      @sessions = StytchB2B::Sessions.new(@connection, project_id)
     end
 
     private

data/lib/stytch/b2b_discovery.rb

@@ -32,7 +32,7 @@ module StytchB2B
       #
       # This endpoint can be used to accept invites and create new members via domain matching.
       #
-      # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`.
+      # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`.
       # The `intermediate_session_token` will not be consumed and instead will be returned in the response.
       # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
       # The `intermediate_session_token` can also be used with the [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) or the [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to join a different Organization or create a new one.
@@ -67,7 +67,7 @@ module StytchB2B
       #   Total custom claims size cannot exceed four kilobytes.
       #   The type of this field is nilable +object+.
       # locale::
-      #   (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
+      #   If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
       #
       # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
       #
@@ -92,7 +92,7 @@ module StytchB2B
       #   The JSON Web Token (JWT) for a given Stytch Session.
       #   The type of this field is +String+.
       # member::
-      #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
       #   The type of this field is +Member+ (+object+).
       # organization::
       #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -113,7 +113,7 @@ module StytchB2B
       #   The [Session object](https://stytch.com/docs/b2b/api/session-object).
       #   The type of this field is nilable +MemberSession+ (+object+).
       # mfa_required::
-      #   (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
+      #   Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
       #   The type of this field is nilable +MfaRequired+ (+object+).
       def exchange(
         intermediate_session_token:,
@@ -148,7 +148,7 @@ module StytchB2B
       #
       # This endpoint can also be used to start an initial session for the newly created member and organization.
       #
-      # (Coming Soon) If the new Organization is created with a `mfa_policy` of `REQUIRED_FOR_ALL`, the newly created Member will need to complete an MFA step to log in to the Organization.
+      # If the new Organization is created with a `mfa_policy` of `REQUIRED_FOR_ALL`, the newly created Member will need to complete an MFA step to log in to the Organization.
       # The `intermediate_session_token` will not be consumed and instead will be returned in the response.
       # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
       # The `intermediate_session_token` can also be used with the [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) or the [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to join a different Organization or create a new one.
@@ -240,7 +240,7 @@ module StytchB2B
       #
       #   The type of this field is nilable list of +String+.
       # mfa_policy::
-      #   (Coming Soon) The setting that controls the MFA policy for all Members in the Organization. The accepted values are:
+      #   The setting that controls the MFA policy for all Members in the Organization. The accepted values are:
       #
       #   `REQUIRED_FOR_ALL` – All Members within the Organization will be required to complete MFA every time they wish to log in.
       #
@@ -263,7 +263,7 @@ module StytchB2B
       #   The JSON Web Token (JWT) for a given Stytch Session.
       #   The type of this field is +String+.
       # member::
-      #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
       #   The type of this field is +Member+ (+object+).
       # member_authenticated::
       #   Indicates whether the Member is fully authenticated. If false, the Member needs to complete an MFA step to log in to the Organization.
@@ -284,7 +284,7 @@ module StytchB2B
       #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
       #   The type of this field is nilable +Organization+ (+object+).
       # mfa_required::
-      #   (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
+      #   Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
       #   The type of this field is nilable +MfaRequired+ (+object+).
       def create(
         intermediate_session_token:,

data/lib/stytch/b2b_magic_links.rb

@@ -23,7 +23,7 @@ module StytchB2B
     # Authenticate a Member with a Magic Link. This endpoint requires a Magic Link token that is not expired or previously used. If the Member’s status is `pending` or `invited`, they will be updated to `active`.
     # Provide the `session_duration_minutes` parameter to set the lifetime of the session. If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a 60 minute duration.
     #
-    # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
+    # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
     # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
     # The `intermediate_session_token` can also be used with the [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) or the [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to join a different Organization or create a new one.
     # The `session_duration_minutes` and `session_custom_claims` parameters will be ignored.
@@ -66,7 +66,7 @@ module StytchB2B
     #   Total custom claims size cannot exceed four kilobytes.
     #   The type of this field is nilable +object+.
     # locale::
-    #   (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
+    #   If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
     #
     # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
     #
@@ -95,7 +95,7 @@ module StytchB2B
     #   Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
     #   The type of this field is +String+.
     # member::
-    #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+    #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
     #   The type of this field is +Member+ (+object+).
     # session_token::
     #   A secret token for a given Stytch Session.
@@ -122,7 +122,7 @@ module StytchB2B
     #   The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
     #   The type of this field is +Integer+.
     # mfa_required::
-    #   (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
+    #   Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
     #   The type of this field is nilable +MfaRequired+ (+object+).
     def authenticate(
       magic_links_token:,
@@ -207,7 +207,7 @@ module StytchB2B
       #   A flag indicating `true` if a new Member object was created and `false` if the Member object already existed.
       #   The type of this field is +Boolean+.
       # member::
-      #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
       #   The type of this field is +Member+ (+object+).
       # organization::
       #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -289,7 +289,7 @@ module StytchB2B
       #   Globally unique UUID that identifies a specific Member.
       #   The type of this field is +String+.
       # member::
-      #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
       #   The type of this field is +Member+ (+object+).
       # organization::
       #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).

data/lib/stytch/b2b_oauth.rb

@@ -21,7 +21,7 @@ module StytchB2B
 
     # Authenticate a Member given a `token`. This endpoint verifies that the member completed the OAuth flow by verifying that the token is valid and hasn't expired.  Provide the `session_duration_minutes` parameter to set the lifetime of the session. If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a 60 minute duration.
     #
-    # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
+    # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
     # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
     # The `intermediate_session_token` can also be used with the [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) or the [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to join a different Organization or create a new one.
     # The `session_duration_minutes` and `session_custom_claims` parameters will be ignored.
@@ -60,7 +60,7 @@ module StytchB2B
     #   A base64url encoded one time secret used to validate that the request starts and ends on the same device.
     #   The type of this field is nilable +String+.
     # locale::
-    #   (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
+    #   If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
     #
     # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
     #
@@ -91,7 +91,7 @@ module StytchB2B
     #   The JSON Web Token (JWT) for a given Stytch Session.
     #   The type of this field is +String+.
     # member::
-    #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+    #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
     #   The type of this field is +Member+ (+object+).
     # organization_id::
     #   Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
@@ -123,7 +123,7 @@ module StytchB2B
     #   Note that these values will vary based on the OAuth provider in question, e.g. `id_token` is only returned by Microsoft.
     #   The type of this field is nilable +ProviderValues+ (+object+).
     # mfa_required::
-    #   (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
+    #   Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
     #   The type of this field is nilable +MfaRequired+ (+object+).
     def authenticate(
       oauth_token:,

data/lib/stytch/b2b_organizations.rb

@@ -87,7 +87,7 @@ module StytchB2B
     #
     #   The type of this field is nilable list of +String+.
     # mfa_policy::
-    #   (Coming Soon) The setting that controls the MFA policy for all Members in the Organization. The accepted values are:
+    #   The setting that controls the MFA policy for all Members in the Organization. The accepted values are:
     #
     #   `REQUIRED_FOR_ALL` – All Members within the Organization will be required to complete MFA every time they wish to log in.
     #
@@ -238,7 +238,7 @@ module StytchB2B
     #
     #   The type of this field is nilable list of +String+.
     # mfa_policy::
-    #   (Coming Soon) The setting that controls the MFA policy for all Members in the Organization. The accepted values are:
+    #   The setting that controls the MFA policy for all Members in the Organization. The accepted values are:
     #
     #   `REQUIRED_FOR_ALL` – All Members within the Organization will be required to complete MFA every time they wish to log in.
     #
@@ -389,10 +389,10 @@ module StytchB2B
       #   Identifies the Member as a break glass user - someone who has permissions to authenticate into an Organization by bypassing the Organization's settings. A break glass account is typically used for emergency purposes to gain access outside of normal authentication procedures. Refer to the [Organization object](organization-object) and its `auth_methods` and `allowed_auth_methods` fields for more details.
       #   The type of this field is nilable +Boolean+.
       # mfa_phone_number::
-      #   (no documentation yet)
+      #   Sets the Member's phone number. Throws an error if the Member already has a phone number. To change the Member's phone number, use the [Delete member phone number endpoint](https://stytch.com/docs/b2b/api/delete-member-mfa-phone-number) to delete the Member's existing phone number first.
       #   The type of this field is nilable +String+.
       # mfa_enrolled::
-      #   (Coming Soon) Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization's MFA policy is set to `REQUIRED_FOR_ALL`.
+      #   Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization's MFA policy is set to `REQUIRED_FOR_ALL`.
       #   The type of this field is nilable +Boolean+.
       #
       # == Returns:
@@ -404,7 +404,7 @@ module StytchB2B
       #   Globally unique UUID that identifies a specific Member.
       #   The type of this field is +String+.
       # member::
-      #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
       #   The type of this field is +Member+ (+object+).
       # organization::
       #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -461,6 +461,75 @@ module StytchB2B
         delete_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}")
       end
 
+      # Reactivates a deleted Member's status and its associated email status (if applicable) to active, specified by `organization_id` and `member_id`.
+      #
+      # == Parameters:
+      # organization_id::
+      #   Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
+      #   The type of this field is +String+.
+      # member_id::
+      #   Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value.
+      #   The type of this field is +String+.
+      #
+      # == Returns:
+      # An object with the following fields:
+      # request_id::
+      #   Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
+      #   The type of this field is +String+.
+      # member_id::
+      #   Globally unique UUID that identifies a specific Member.
+      #   The type of this field is +String+.
+      # member::
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
+      #   The type of this field is +Member+ (+object+).
+      # organization::
+      #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
+      #   The type of this field is +Organization+ (+object+).
+      # status_code::
+      #   The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
+      #   The type of this field is +Integer+.
+      def reactivate(
+        organization_id:,
+        member_id:
+      )
+        request = {}
+
+        put_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/reactivate", request)
+      end
+
+      # Delete a Member's MFA phone number.
+      #
+      # To change a Member's phone number, you must first call this endpoint to delete the existing phone number.
+      #
+      # Existing Member Sessions that include a phone number authentication factor will not be revoked if the phone number is deleted, and MFA will not be enforced until the Member logs in again.
+      # If you wish to enforce MFA immediately after a phone number is deleted, you can do so by prompting the Member to enter a new phone number
+      # and calling the [OTP SMS send](https://stytch.com/docs/b2b/api/otp-sms-send) endpoint, then calling the [OTP SMS Authenticate](https://stytch.com/docs/b2b/api/authenticate-otp-sms) endpoint.
+      #
+      # == Parameters:
+      # organization_id::
+      #   Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
+      #   The type of this field is +String+.
+      # member_id::
+      #   Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value.
+      #   The type of this field is +String+.
+      #
+      # == Returns:
+      # An object with the following fields:
+      # request_id::
+      #   Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
+      #   The type of this field is +String+.
+      # member_id::
+      #   Globally unique UUID that identifies a specific Member.
+      #   The type of this field is +String+.
+      # member::
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
+      #   The type of this field is +Member+ (+object+).
+      # organization::
+      #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
+      #   The type of this field is +Organization+ (+object+).
+      # status_code::
+      #   The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
+      #   The type of this field is +Integer+.
       def delete_mfa_phone_number(
         organization_id:,
         member_id:
@@ -468,7 +537,7 @@ module StytchB2B
         delete_request("/v1/b2b/organizations/#{organization_id}/members/mfa_phone_numbers/#{member_id}")
       end
 
-      # Search for Members within specified Organizations. An array with at least one `organization_id` is required. Submitting an empty `query` returns all Members within the specified Organizations.
+      # Search for Members within specified Organizations. An array with at least one `organization_id` is required. Submitting an empty `query` returns all non-deleted Members within the specified Organizations.
       #
       # *All fuzzy search filters require a minimum of three characters.
       #
@@ -538,7 +607,7 @@ module StytchB2B
       #   Globally unique UUID that identifies a specific Member.
       #   The type of this field is +String+.
       # member::
-      #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
       #   The type of this field is +Member+ (+object+).
       # organization::
       #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -580,10 +649,10 @@ module StytchB2B
       #   Identifies the Member as a break glass user - someone who has permissions to authenticate into an Organization by bypassing the Organization's settings. A break glass account is typically used for emergency purposes to gain access outside of normal authentication procedures. Refer to the [Organization object](organization-object) and its `auth_methods` and `allowed_auth_methods` fields for more details.
       #   The type of this field is nilable +Boolean+.
       # mfa_phone_number::
-      #   (no documentation yet)
+      #   The Member's phone number. A Member may only have one phone number.
       #   The type of this field is nilable +String+.
       # mfa_enrolled::
-      #   (Coming Soon) Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization's MFA policy is set to `REQUIRED_FOR_ALL`.
+      #   Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization's MFA policy is set to `REQUIRED_FOR_ALL`.
       #   The type of this field is nilable +Boolean+.
       #
       # == Returns:
@@ -595,7 +664,7 @@ module StytchB2B
       #   Globally unique UUID that identifies a specific Member.
       #   The type of this field is +String+.
       # member::
-      #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
       #   The type of this field is +Member+ (+object+).
       # organization::
       #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -650,7 +719,7 @@ module StytchB2B
       #   Globally unique UUID that identifies a specific Member.
       #   The type of this field is +String+.
       # member::
-      #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
       #   The type of this field is +Member+ (+object+).
       # organization::
       #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).

data/lib/stytch/b2b_otp.rb

@@ -26,13 +26,20 @@ module StytchB2B
         @connection = connection
       end
 
-      # Send a one-time passcode (OTP) to a Member's phone number. If the Member already has a phone number, this will send an OTP to the number associated with their `member_id`. If not, then this will send an OTP to the `phone_number` provided and link the `phone_number` with the Member.
-      # An error will be thrown if the Member already has a phone number and the provided `phone_number` does not match the existing one.
+      # Send a One-Time Passcode (OTP) to a Member's phone number.
+      #
+      # If the Member already has a phone number, the `mfa_phone_number` field is not needed; the endpoint will send an OTP to the number associated with the Member.
+      # If the Member does not have a phone number, the endpoint will send an OTP to the `mfa_phone_number` provided and link the `mfa_phone_number` with the Member.
+      #
+      # An error will be thrown if the Member already has a phone number and the provided `mfa_phone_number` does not match the existing one.
       #
       # Note that sending another OTP code before the first has expired will invalidate the first code.
       #
       # If a Member has a phone number and is enrolled in MFA, then after a successful primary authentication event (e.g. [email magic link](https://stytch.com/docs/b2b/api/authenticate-magic-link) or [SSO](https://stytch.com/docs/b2b/api/sso-authenticate) login is complete), an SMS OTP will automatically be sent to their phone number. In that case, this endpoint should only be used for subsequent authentication events, such as prompting a Member for an OTP again after a period of inactivity.
       #
+      # ### Cost to send SMS OTP
+      # Before configuring SMS or WhatsApp OTPs, please review how Stytch [bills the costs of international OTPs](https://stytch.com/pricing) and understand how to protect your app against [toll fraud](https://stytch.com/docs/guides/passcodes/toll-fraud/overview).
+      #
       # == Parameters:
       # organization_id::
       #   Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
@@ -41,7 +48,7 @@ module StytchB2B
       #   Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value.
       #   The type of this field is +String+.
       # mfa_phone_number::
-      #   (no documentation yet)
+      #   The phone number to send the OTP to. If the Member already has a phone number, this argument is not needed.
       #   The type of this field is nilable +String+.
       # locale::
       #   Used to determine which language to use when sending the user this delivery method. Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
@@ -61,7 +68,7 @@ module StytchB2B
       #   Globally unique UUID that identifies a specific Member.
       #   The type of this field is +String+.
       # member::
-      #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
       #   The type of this field is +Member+ (+object+).
       # organization::
       #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -85,13 +92,20 @@ module StytchB2B
         post_request('/v1/b2b/otps/sms/send', request)
       end
 
-      # Authenticates a Member's OTP code. This endpoint verifies that the code is valid and hasn't expired or been previously used. A given Member may only have a single active OTP code at any given time. If a Member requests another OTP code before the first one has expired, the first one will be invalidated.
+      # SMS OTPs may not be used as a primary authentication mechanism. They can be used to complete an MFA requirement, or they can be used as a step-up factor to be added to an existing session.
+      #
+      # This endpoint verifies that the one-time passcode (OTP) is valid and hasn't expired or been previously used. A given Member may only have a single active OTP code at any given time. If a Member requests another OTP code before the first one has expired, the first one will be invalidated.
       #
       # Exactly one of `intermediate_session_token`, `session_token`, or `session_jwt` must be provided in the request.
       # If an intermediate session token is provided, this operation will consume it.
       #
+      # Intermediate session tokens are generated upon successful calls to primary authenticate methods in the case where MFA is required,
+      # such as [email magic link authenticate](https://stytch.com/docs/b2b/api/authenticate-magic-link),
+      # or upon successful calls to discovery authenticate methods, such as [email magic link discovery authenticate](https://stytch.com/docs/b2b/api/authenticate-discovery-magic-link).
+      #
       # If the Organization's MFA policy is `REQUIRED_FOR_ALL`, a successful OTP authentication will change the Member's `mfa_enrolled` status to `true` if it is not already `true`.
       # If the Organization's MFA policy is `OPTIONAL`, the Member's MFA enrollment can be toggled by passing in a value for the `set_mfa_enrollment` field.
+      # The Member's MFA enrollment can also be toggled through the [Update Member](https://stytch.com/docs/b2b/api/update-member) endpoint.
       #
       # Provide the `session_duration_minutes` parameter to set the lifetime of the session. If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a duration of 60 minutes.
       #
@@ -153,7 +167,7 @@ module StytchB2B
       #   Globally unique UUID that identifies a specific Member.
       #   The type of this field is +String+.
       # member::
-      #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
       #   The type of this field is +Member+ (+object+).
       # organization::
       #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).

data/lib/stytch/b2b_passwords.rb

@@ -140,7 +140,7 @@ module StytchB2B
     #   A flag indicating `true` if a new Member object was created and `false` if the Member object already existed.
     #   The type of this field is +Boolean+.
     # member::
-    #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+    #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
     #   The type of this field is +Member+ (+object+).
     # organization::
     #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -187,7 +187,7 @@ module StytchB2B
     #     * We force a password reset in this instance in order to safely deduplicate the account by email address, without introducing the risk of a pre-hijack account takeover attack.
     #     * Imagine a bad actor creates many accounts using passwords and the known email addresses of their victims. If a victim comes to the site and logs in for the first time with an email-based passwordless authentication method then both the victim and the bad actor have credentials to access to the same account. To prevent this, any further email/password login attempts first require a password reset which can only be accomplished by someone with access to the underlying email address.
     #
-    # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
+    # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
     # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
     # The `session_duration_minutes` and `session_custom_claims` parameters will be ignored.
     #
@@ -228,7 +228,7 @@ module StytchB2B
     #   Total custom claims size cannot exceed four kilobytes.
     #   The type of this field is nilable +object+.
     # locale::
-    #   (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
+    #   If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
     #
     # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
     #
@@ -250,7 +250,7 @@ module StytchB2B
     #   Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
     #   The type of this field is +String+.
     # member::
-    #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+    #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
     #   The type of this field is +Member+ (+object+).
     # session_token::
     #   A secret token for a given Stytch Session.
@@ -276,7 +276,7 @@ module StytchB2B
     #   The [Session object](https://stytch.com/docs/b2b/api/session-object).
     #   The type of this field is nilable +MemberSession+ (+object+).
     # mfa_required::
-    #   (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
+    #   Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
     #   The type of this field is nilable +MfaRequired+ (+object+).
     def authenticate(
       organization_id:,
@@ -398,7 +398,7 @@ module StytchB2B
       #
       # The provided password needs to meet our password strength requirements, which can be checked in advance with the password strength endpoint. If the token and password are accepted, the password is securely stored for future authentication and the user is authenticated.
       #
-      # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
+      # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
       # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
       # The `session_duration_minutes` and `session_custom_claims` parameters will be ignored.
       #
@@ -443,7 +443,7 @@ module StytchB2B
       #   Total custom claims size cannot exceed four kilobytes.
       #   The type of this field is nilable +object+.
       # locale::
-      #   (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
+      #   If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
       #
       # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
       #
@@ -468,7 +468,7 @@ module StytchB2B
       #   Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
       #   The type of this field is +String+.
       # member::
-      #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
       #   The type of this field is +Member+ (+object+).
       # session_token::
       #   A secret token for a given Stytch Session.
@@ -494,7 +494,7 @@ module StytchB2B
       #   The [Session object](https://stytch.com/docs/b2b/api/session-object).
       #   The type of this field is nilable +MemberSession+ (+object+).
       # mfa_required::
-      #   (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
+      #   Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
       #   The type of this field is nilable +MfaRequired+ (+object+).
       def reset(
         password_reset_token:,
@@ -553,7 +553,7 @@ module StytchB2B
       #   Globally unique UUID that identifies a specific Member.
       #   The type of this field is +String+.
       # member::
-      #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
       #   The type of this field is +Member+ (+object+).
       # organization::
       #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -596,7 +596,7 @@ module StytchB2B
       # considered valid if they meet the requirements that you've set with Stytch.
       # You may update your password strength configuration in the [stytch dashboard](https://stytch.com/dashboard/password-strength-config).
       #
-      # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
+      # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
       # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
       # The `session_duration_minutes` and `session_custom_claims` parameters will be ignored.
       #
@@ -640,7 +640,7 @@ module StytchB2B
       #   Total custom claims size cannot exceed four kilobytes.
       #   The type of this field is nilable +object+.
       # locale::
-      #   (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
+      #   If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
       #
       # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
       #
@@ -659,7 +659,7 @@ module StytchB2B
       #   Globally unique UUID that identifies a specific Member.
       #   The type of this field is +String+.
       # member::
-      #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+      #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
       #   The type of this field is +Member+ (+object+).
       # session_token::
       #   A secret token for a given Stytch Session.
@@ -685,7 +685,7 @@ module StytchB2B
       #   The [Session object](https://stytch.com/docs/b2b/api/session-object).
       #   The type of this field is nilable +MemberSession+ (+object+).
       # mfa_required::
-      #   (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
+      #   Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
       #   The type of this field is nilable +MfaRequired+ (+object+).
       def reset(
         email_address:,

data/lib/stytch/b2b_sessions.rb

@@ -6,14 +6,31 @@
 # or your changes may be overwritten later!
 # !!!
 
+require 'jwt'
+require 'json/jwt'
+require_relative 'errors'
 require_relative 'request_helper'
 
 module StytchB2B
   class Sessions
     include Stytch::RequestHelper
 
-    def initialize(connection)
+    def initialize(connection, project_id)
       @connection = connection
+
+      @project_id = project_id
+      @cache_last_update = 0
+      @jwks_loader = lambda do |options|
+        @cached_keys = nil if options[:invalidate] && @cache_last_update < Time.now.to_i - 300
+        @cached_keys ||= begin
+          @cache_last_update = Time.now.to_i
+          keys = []
+          get_jwks(project_id: @project_id)['keys'].each do |r|
+            keys << r
+          end
+          { keys: keys }
+        end
+      end
     end
 
     # Retrieves all active Sessions for a Member.
@@ -94,7 +111,7 @@ module StytchB2B
     #   The JSON Web Token (JWT) for a given Stytch Session.
     #   The type of this field is +String+.
     # member::
-    #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+    #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
     #   The type of this field is +Member+ (+object+).
     # organization::
     #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -163,7 +180,7 @@ module StytchB2B
     # Only Email Magic Link, OAuth, and SMS OTP factors can be transferred between sessions. Other authentication factors, such as password factors, will not be transferred to the new session.
     # SMS OTP factors can be used to fulfill MFA requirements for the target Organization if both the original and target Member have the same phone number and the phone number is verified for both Members.
     #
-    # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
+    # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
     # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
     # The `intermediate_session_token` can also be used with the [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) or the [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to join a different Organization or create a new one.
     # The `session_duration_minutes` and `session_custom_claims` parameters will be ignored.
@@ -197,7 +214,7 @@ module StytchB2B
     #   Total custom claims size cannot exceed four kilobytes.
     #   The type of this field is nilable +object+.
     # locale::
-    #   (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
+    #   If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
     #
     # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
     #
@@ -225,7 +242,7 @@ module StytchB2B
     #   The JSON Web Token (JWT) for a given Stytch Session.
     #   The type of this field is +String+.
     # member::
-    #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+    #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
     #   The type of this field is +Member+ (+object+).
     # organization::
     #   The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
@@ -243,7 +260,7 @@ module StytchB2B
     #   The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
     #   The type of this field is +Integer+.
     # mfa_required::
-    #   (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
+    #   Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
     #   The type of this field is nilable +MfaRequired+ (+object+).
     def exchange(
       organization_id:,
@@ -290,5 +307,92 @@ module StytchB2B
       request = request_with_query_params("/v1/b2b/sessions/jwks/#{project_id}", query_params)
       get_request(request)
     end
+
+    # MANUAL(Sessions::authenticate_jwt)(SERVICE_METHOD)
+    # ADDIMPORT: require 'jwt'
+    # ADDIMPORT: require 'json/jwt'
+    # ADDIMPORT: require_relative 'errors'
+
+    # Parse a JWT and verify the signature. If max_token_age_seconds is unset, call the API directly
+    # If max_token_age_seconds is set and the JWT was issued (based on the "iat" claim) less than
+    # max_token_age_seconds seconds ago, then just verify locally and don't call the API
+    # To force remote validation for all tokens, set max_token_age_seconds to 0 or call authenticate()
+    def authenticate_jwt(
+      session_jwt,
+      max_token_age_seconds: nil,
+      session_duration_minutes: nil,
+      session_custom_claims: nil
+    )
+      if max_token_age_seconds == 0
+        return authenticate(
+          session_jwt: session_jwt,
+          session_duration_minutes: session_duration_minutes,
+          session_custom_claims: session_custom_claims
+        )
+      end
+
+      decoded_jwt = authenticate_jwt_local(session_jwt)
+      iat_time = Time.at(decoded_jwt['iat']).to_datetime
+      if iat_time + max_token_age_seconds >= Time.now
+        session = marshal_jwt_into_session(decoded_jwt)
+        { 'session' => session }
+      else
+        authenticate(
+          session_jwt: session_jwt,
+          session_duration_minutes: session_duration_minutes,
+          session_custom_claims: session_custom_claims
+        )
+      end
+    rescue StandardError
+      # JWT could not be verified locally. Check with the Stytch API.
+      authenticate(
+        session_jwt: session_jwt,
+        session_duration_minutes: session_duration_minutes,
+        session_custom_claims: session_custom_claims
+      )
+    end
+
+    # Parse a JWT and verify the signature locally (without calling /authenticate in the API)
+    # Uses the cached value to get the JWK but if it is unavailable, it calls the get_jwks()
+    # function to get the JWK
+    # This method never authenticates a JWT directly with the API
+    def authenticate_jwt_local(session_jwt)
+      issuer = 'stytch.com/' + @project_id
+      begin
+        decoded_token = JWT.decode session_jwt, nil, true,
+                                   { jwks: @jwks_loader, iss: issuer, verify_iss: true, aud: @project_id, verify_aud: true, algorithms: ['RS256'] }
+        decoded_token[0]
+      rescue JWT::InvalidIssuerError
+        raise JWTInvalidIssuerError
+      rescue JWT::InvalidAudError
+        raise JWTInvalidAudienceError
+      rescue JWT::ExpiredSignature
+        raise JWTExpiredSignatureError
+      rescue JWT::IncorrectAlgorithm
+        raise JWTIncorrectAlgorithmError
+      end
+    end
+
+    def marshal_jwt_into_session(jwt)
+      stytch_claim = 'https://stytch.com/session'
+      expires_at = jwt[stytch_claim]['expires_at'] || Time.at(jwt['exp']).to_datetime.utc.strftime('%Y-%m-%dT%H:%M:%SZ')
+      # The custom claim set is all the claims in the payload except for the standard claims and
+      # the Stytch session claim. The cleanest way to collect those seems to be naming what we want
+      # to omit and filtering the rest to collect the custom claims.
+      reserved_claims = ['aud', 'exp', 'iat', 'iss', 'jti', 'nbf', 'sub', stytch_claim]
+      custom_claims = jwt.reject { |key, _| reserved_claims.include?(key) }
+      {
+        'session_id' => jwt[stytch_claim]['id'],
+        'user_id' => jwt['sub'],
+        'started_at' => jwt[stytch_claim]['started_at'],
+        'last_accessed_at' => jwt[stytch_claim]['last_accessed_at'],
+        # For JWTs that include it, prefer the inner expires_at claim.
+        'expires_at' => expires_at,
+        'attributes' => jwt[stytch_claim]['attributes'],
+        'authentication_factors' => jwt[stytch_claim]['authentication_factors'],
+        'custom_claims' => custom_claims
+      }
+    end
+    # ENDMANUAL(Sessions::authenticate_jwt)
   end
 end

data/lib/stytch/b2b_sso.rb

@@ -83,7 +83,7 @@ module StytchB2B
     # If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a 60 minute duration.
     # To link this authentication event to an existing Stytch session, include either the `session_token` or `session_jwt` param.
     #
-    # (Coming Soon) If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
+    # If the Member is required to complete MFA to log in to the Organization, the returned value of `member_authenticated` will be `false`, and an `intermediate_session_token` will be returned.
     # The `intermediate_session_token` can be passed into the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms) to complete the MFA step and acquire a full member session.
     # The `session_duration_minutes` and `session_custom_claims` parameters will be ignored.
     #
@@ -121,7 +121,7 @@ module StytchB2B
     #   Total custom claims size cannot exceed four kilobytes.
     #   The type of this field is nilable +object+.
     # locale::
-    #   (Coming Soon) If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
+    #   If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.
     #
     # Parameter is a [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
     #
@@ -143,7 +143,7 @@ module StytchB2B
     #   Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
     #   The type of this field is +String+.
     # member::
-    #   The [Member object](https://stytch.com/docs/b2b/api/member-object).
+    #   The [Member object](https://stytch.com/docs/b2b/api/member-object)
     #   The type of this field is +Member+ (+object+).
     # session_token::
     #   A secret token for a given Stytch Session.
@@ -173,7 +173,7 @@ module StytchB2B
     #   The [Session object](https://stytch.com/docs/b2b/api/session-object).
     #   The type of this field is nilable +MemberSession+ (+object+).
     # mfa_required::
-    #   (Coming Soon) Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
+    #   Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA.
     #   The type of this field is nilable +MfaRequired+ (+object+).
     def authenticate(
       sso_token:,

data/lib/stytch/m2m.rb

@@ -33,7 +33,6 @@ module Stytch
       end
     end
 
-
     # MANUAL(M2M::get_jwks)(SERVICE_METHOD)
     # This is a helper so we can retrieve the JWKS for a project for decoding M2M access tokens
     def get_jwks(
@@ -81,7 +80,7 @@ module Stytch
       }
       request[:scope] = scopes.join(' ') unless scopes.nil?
 
-      JSON.parse(post_request("/v1/public/#{@project_id}/oauth2/token", request), {:symbolize_names => true})
+      JSON.parse(post_request("/v1/public/#{@project_id}/oauth2/token", request), { symbolize_names: true })
     end
     # ENDMANUAL(M2M::token)
 
@@ -116,19 +115,13 @@ module Stytch
       iat_time = Time.at(decoded_jwt['iat']).to_datetime
 
       # Token too old
-      unless max_token_age.nil?
-        if iat_time + max_token_age < Time.now
-          raise JWTExpiredError
-        end
-      end
+      raise JWTExpiredError if !max_token_age.nil? && (iat_time + max_token_age < Time.now)
 
       resp = marshal_jwt_into_response(decoded_jwt)
 
       unless required_scopes.nil?
         for scope in required_scopes
-          unless resp['scopes'].include?(scope)
-            raise TokenMissingScopeError.new(scope)
-          end
+          raise TokenMissingScopeError, scope unless resp['scopes'].include?(scope)
         end
       end
 
@@ -189,12 +182,12 @@ module Stytch
       # request_id::
       #   Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
       #   The type of this field is +String+.
+      # m2m_client::
+      #   The M2M Client affected by this operation.
+      #   The type of this field is +M2MClient+ (+object+).
       # status_code::
       #   The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
       #   The type of this field is +Integer+.
-      # m2m_client::
-      #   The M2M Client affected by this operation.
-      #   The type of this field is nilable +M2MClient+ (+object+).
       def get(
         client_id:
       )
@@ -278,12 +271,12 @@ module Stytch
       # request_id::
       #   Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
       #   The type of this field is +String+.
+      # m2m_client::
+      #   The M2M Client affected by this operation.
+      #   The type of this field is +M2MClient+ (+object+).
       # status_code::
       #   The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
       #   The type of this field is +Integer+.
-      # m2m_client::
-      #   The M2M Client affected by this operation.
-      #   The type of this field is nilable +M2MClient+ (+object+).
       def update(
         client_id:,
         client_name: nil,
@@ -358,12 +351,12 @@ module Stytch
       # request_id::
       #   Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
       #   The type of this field is +String+.
+      # m2m_client::
+      #   The M2M Client created by this API call.
+      #   The type of this field is +M2MClientWithClientSecret+ (+object+).
       # status_code::
       #   The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
       #   The type of this field is +Integer+.
-      # m2m_client::
-      #   The M2M Client created by this API call.
-      #   The type of this field is nilable +M2MClientWithClientSecret+ (+object+).
       def create(
         scopes:,
         client_id: nil,
@@ -391,8 +384,8 @@ module Stytch
           @connection = connection
         end
 
-        # Initiate the rotation of an M2M client secret. After this endpoint is called, both the client's `client_secret` and `next_client_secret` will be valid. To complete the secret rotation flow, update all usages of `client_secret` to `next_client_secret` and call the[Rotate Secret Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret)[Rotate Secret Endpoint](https://stytch.com/docs/api/m2m-rotate-secret) to complete the flow.
-        # Secret rotation can be cancelled using the[Rotate Cancel Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret-cancel)[Rotate Cancel Endpoint](https://stytch.com/docs/api/m2m-rotate-secret-cancel).
+        # Initiate the rotation of an M2M client secret. After this endpoint is called, both the client's `client_secret` and `next_client_secret` will be valid. To complete the secret rotation flow, update all usages of `client_secret` to `next_client_secret` and call the [Rotate Secret Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret)[Rotate Secret Endpoint](https://stytch.com/docs/api/m2m-rotate-secret) to complete the flow.
+        # Secret rotation can be cancelled using the [Rotate Cancel Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret-cancel)[Rotate Cancel Endpoint](https://stytch.com/docs/api/m2m-rotate-secret-cancel).
         #
         # **Important:** This is the only time you will be able to view the generated `next_client_secret` in the API response. Stytch stores a hash of the `next_client_secret` and cannot recover the value if lost. Be sure to persist the `next_client_secret` in a secure location. If the `next_client_secret` is lost, you will need to trigger a secret rotation flow to receive another one.
         #
@@ -406,12 +399,12 @@ module Stytch
         # request_id::
         #   Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
         #   The type of this field is +String+.
+        # m2m_client::
+        #   The M2M Client affected by this operation.
+        #   The type of this field is +M2MClientWithNextClientSecret+ (+object+).
         # status_code::
         #   The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
         #   The type of this field is +Integer+.
-        # m2m_client::
-        #   The M2M Client affected by this operation.
-        #   The type of this field is nilable +M2MClientWithNextClientSecret+ (+object+).
         def rotate_start(
           client_id:
         )
@@ -420,7 +413,7 @@ module Stytch
           post_request("/v1/m2m/clients/#{client_id}/secrets/rotate/start", request)
         end
 
-        # Cancel the rotation of an M2M client secret started with the[Start Secret Rotation Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret-start)[Start Secret Rotation Endpoint](https://stytch.com/docs/api/m2m-rotate-secret-start).
+        # Cancel the rotation of an M2M client secret started with the [Start Secret Rotation Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret-start) [Start Secret Rotation Endpoint](https://stytch.com/docs/api/m2m-rotate-secret-start).
         # After this endpoint is called, the client's `next_client_secret` is discarded and only the original `client_secret` will be valid.
         #
         # == Parameters:
@@ -433,12 +426,12 @@ module Stytch
         # request_id::
         #   Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
         #   The type of this field is +String+.
+        # m2m_client::
+        #   The M2M Client affected by this operation.
+        #   The type of this field is +M2MClient+ (+object+).
         # status_code::
         #   The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
         #   The type of this field is +Integer+.
-        # m2m_client::
-        #   The M2M Client affected by this operation.
-        #   The type of this field is nilable +M2MClient+ (+object+).
         def rotate_cancel(
           client_id:
         )
@@ -447,7 +440,7 @@ module Stytch
           post_request("/v1/m2m/clients/#{client_id}/secrets/rotate/cancel", request)
         end
 
-        # Complete the rotation of an M2M client secret started with the[Start Secret Rotation Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret-start)[Start Secret Rotation Endpoint](https://stytch.com/docs/api/m2m-rotate-secret-start).
+        # Complete the rotation of an M2M client secret started with the [Start Secret Rotation Endpoint](https://stytch.com/docs/b2b/api/m2m-rotate-secret-start) [Start Secret Rotation Endpoint](https://stytch.com/docs/api/m2m-rotate-secret-start).
         # After this endpoint is called, the client's `next_client_secret` becomes its `client_secret` and the previous `client_secret` will no longer be valid.
         #
         # == Parameters:
@@ -460,12 +453,12 @@ module Stytch
         # request_id::
         #   Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
         #   The type of this field is +String+.
+        # m2m_client::
+        #   The M2M Client affected by this operation.
+        #   The type of this field is +M2MClient+ (+object+).
         # status_code::
         #   The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
         #   The type of this field is +Integer+.
-        # m2m_client::
-        #   The M2M Client affected by this operation.
-        #   The type of this field is nilable +M2MClient+ (+object+).
         def rotate(
           client_id:
         )

data/lib/stytch/magic_links.rb

@@ -167,9 +167,7 @@ module Stytch
       # Send a magic link to an existing Stytch user using their email address. If you'd like to create a user and send them a magic link by email with one request, use our [log in or create endpoint](https://stytch.com/docs/api/log-in-or-create-user-by-email).
       #
       # ### Add an email to an existing user
-      # This endpoint also allows you to add a new email to an existing Stytch User. Including a `user_id`, `session_token`, or `session_jwt` in the request will add the email to the pre-existing Stytch User upon successful authentication.
-      #
-      # Adding a new email to an existing Stytch User requires the user to be present and validate the email via magic link. This requirement is in place to prevent account takeover attacks.
+      # This endpoint also allows you to add a new email address to an existing Stytch User. Including a `user_id`, `session_token`, or `session_jwt` in your Send Magic Link by email request will add the new, unverified email address to the existing Stytch User. Upon successful authentication, the email address will be marked as verified.
       #
       # ### Next steps
       # The user is emailed a magic link which redirects them to the provided [redirect URL](https://stytch.com/docs/guides/magic-links/email-magic-links/redirect-routing). Collect the `token` from the URL query parameters, and call [Authenticate magic link](https://stytch.com/docs/api/authenticate-magic-link) to complete authentication.

data/lib/stytch/otps.rb

@@ -126,11 +126,12 @@ module Stytch
       #
       # Note that sending another OTP code before the first has expired will invalidate the first code.
       #
-      # ### Add a phone number to an existing user
+      # ### Cost to send SMS OTP
+      # Before configuring SMS or WhatsApp OTPs, please review how Stytch [bills the costs of international OTPs](https://stytch.com/pricing) and understand how to protect your app against [toll fraud](https://stytch.com/docs/guides/passcodes/toll-fraud/overview).
       #
-      # This endpoint also allows you to add a new phone number to an existing Stytch User. Including a `user_id`, `session_token`, or `session_jwt` in the request will add the phone number to the pre-existing Stytch User upon successful authentication.
+      # ### Add a phone number to an existing user
       #
-      # Adding a new phone number to an existing Stytch User requires the user to be present and validate the phone number via OTP. This requirement is in place to prevent account takeover attacks.
+      # This endpoint also allows you to add a new phone number to an existing Stytch User. Including a `user_id`, `session_token`, or `session_jwt` in your Send one-time passcode by SMS request will add the new, unverified phone number to the existing Stytch User. Upon successful authentication, the phone number will be marked as verified.
       #
       # ### Next steps
       #
@@ -138,7 +139,7 @@ module Stytch
       #
       # == Parameters:
       # phone_number::
-      #   The phone number to use for one-time passcodes. The phone number should be in E.164 format. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
+      #   The phone number to use for one-time passcodes. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
       #   The type of this field is +String+.
       # expiration_minutes::
       #   Set the expiration for the one-time passcode, in minutes. The minimum expiration is 1 minute and the maximum is 10 minutes. The default expiration is 2 minutes.
@@ -200,15 +201,17 @@ module Stytch
         post_request('/v1/otps/sms/send', request)
       end
 
-      # Send a one-time passcode (OTP) to a User using their phone number. If the phone number is not associated with a user already, a user will be created.
+      # Send a One-Time Passcode (OTP) to a User using their phone number. If the phone number is not associated with a user already, a user will be created.
       #
+      # ### Cost to send SMS OTP
+      # Before configuring SMS or WhatsApp OTPs, please review how Stytch [bills the costs of international OTPs](https://stytch.com/pricing) and understand how to protect your app against [toll fraud](https://stytch.com/docs/guides/passcodes/toll-fraud/overview).
       # ### Next steps
       #
       # Collect the OTP which was delivered to the User. Call [Authenticate OTP](https://stytch.com/docs/api/authenticate-otp) using the OTP `code` along with the `phone_id` found in the response as the `method_id`.
       #
       # == Parameters:
       # phone_number::
-      #   The phone number to use for one-time passcodes. The phone number should be in E.164 format. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
+      #   The phone number to use for one-time passcodes. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
       #   The type of this field is +String+.
       # expiration_minutes::
       #   Set the expiration for the one-time passcode, in minutes. The minimum expiration is 1 minute and the maximum is 10 minutes. The default expiration is 2 minutes.
@@ -275,15 +278,16 @@ module Stytch
         @connection = connection
       end
 
-      # Send a one-time passcode (OTP) to a User's WhatsApp. If you'd like to create a user and send them a passcode with one request, use our [log in or create](https://stytch.com/docs/api/whatsapp-login-or-create) endpoint.
+      # Send a One-Time Passcode (OTP) to a User's WhatsApp. If you'd like to create a user and send them a passcode with one request, use our [log in or create](https://stytch.com/docs/api/whatsapp-login-or-create) endpoint.
       #
       # Note that sending another OTP code before the first has expired will invalidate the first code.
       #
-      # ### Add a phone number to an existing user
+      # ### Cost to send SMS OTP
+      # Before configuring SMS or WhatsApp OTPs, please review how Stytch [bills the costs of international OTPs](https://stytch.com/pricing) and understand how to protect your app against [toll fraud](https://stytch.com/docs/guides/passcodes/toll-fraud/overview).
       #
-      # This endpoint also allows you to add a new phone number to an existing Stytch User. Including a `user_id`, `session_token`, or `session_jwt` in the request will add the phone number to the pre-existing Stytch User upon successful authentication.
+      # ### Add a phone number to an existing user
       #
-      # Adding a new phone number to an existing Stytch User requires the user to be present and validate the phone number via OTP. This requirement is in place to prevent account takeover attacks.
+      # This endpoint also allows you to add a new phone number to an existing Stytch User. Including a `user_id`, `session_token`, or `session_jwt` in your Send one-time passcode by WhatsApp request will add the new, unverified phone number to the existing Stytch User. Upon successful authentication, the phone number will be marked as verified.
       #
       # ### Next steps
       #
@@ -291,7 +295,7 @@ module Stytch
       #
       # == Parameters:
       # phone_number::
-      #   The phone number to use for one-time passcodes. The phone number should be in E.164 format. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
+      #   The phone number to use for one-time passcodes. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
       #   The type of this field is +String+.
       # expiration_minutes::
       #   Set the expiration for the one-time passcode, in minutes. The minimum expiration is 1 minute and the maximum is 10 minutes. The default expiration is 2 minutes.
@@ -355,13 +359,16 @@ module Stytch
 
       # Send a one-time passcode (OTP) to a User's WhatsApp using their phone number. If the phone number is not associated with a User already, a User will be created.
       #
+      # ### Cost to send SMS OTP
+      # Before configuring SMS or WhatsApp OTPs, please review how Stytch [bills the costs of international OTPs](https://stytch.com/pricing) and understand how to protect your app against [toll fraud](https://stytch.com/docs/guides/passcodes/toll-fraud/overview).
+      #
       # ### Next steps
       #
       # Collect the OTP which was delivered to the User. Call [Authenticate OTP](https://stytch.com/docs/api/authenticate-otp) using the OTP `code` along with the `phone_id` found in the response as the `method_id`.
       #
       # == Parameters:
       # phone_number::
-      #   The phone number to use for one-time passcodes. The phone number should be in E.164 format. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
+      #   The phone number to use for one-time passcodes. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
       #   The type of this field is +String+.
       # expiration_minutes::
       #   Set the expiration for the one-time passcode, in minutes. The minimum expiration is 1 minute and the maximum is 10 minutes. The default expiration is 2 minutes.
@@ -428,12 +435,10 @@ module Stytch
         @connection = connection
       end
 
-      # Send a one-time passcode (OTP) to a User using their email. If you'd like to create a user and send them a passcode with one request, use our [log in or create endpoint](https://stytch.com/docs/api/log-in-or-create-user-by-email-otp).
+      # Send a One-Time Passcode (OTP) to a User using their email. If you'd like to create a user and send them a passcode with one request, use our [log in or create endpoint](https://stytch.com/docs/api/log-in-or-create-user-by-email-otp).
       #
       # ### Add an email to an existing user
-      # This endpoint also allows you to add a new email to an existing Stytch User. Including a `user_id`, `session_token`, or `session_jwt` in the request will add the email to the pre-existing Stytch User upon successful authentication.
-      #
-      # Adding a new email to an existing Stytch User requires the User to be present and validate the email via OTP. This requirement is in place to prevent account takeover attacks.
+      # This endpoint also allows you to add a new email address to an existing Stytch User. Including a `user_id`, `session_token`, or `session_jwt` in your Send one-time passcode by email request will add the new, unverified email address to the existing Stytch User. Upon successful authentication, the email address will be marked as verified.
       #
       # ### Next steps
       # Collect the OTP which was delivered to the user. Call [Authenticate OTP](https://stytch.com/docs/api/authenticate-otp) using the OTP `code` along with the `phone_id` found in the response as the `method_id`.

data/lib/stytch/passwords.rb

@@ -21,11 +21,13 @@ module Stytch
       @sessions = Stytch::Passwords::Sessions.new(@connection)
     end
 
-    # Create a new user with a password and an authenticated session for the user if requested. If a user with this email already exists in the project, this API will return an error.
+    # Create a new user with a password. If `session_duration_minutes` is specified, a new session will be started as well.
     #
-    # Existing passwordless users who wish to create a password need to go through the reset password flow.
+    # If a user with this email already exists in your Stytch project, this endpoint will return a `duplicate_email` error. To add a password to an existing passwordless user, you'll need to either call the [Migrate password endpoint](https://stytch.com/docs/api/password-migrate) or prompt the user to complete one of our password reset flows.
     #
-    # This endpoint will return an error if the password provided does not meet our strength requirements, which you can check beforehand with the password strength endpoint.
+    # This endpoint will return an error if the password provided does not meet our strength requirements, which you can check beforehand via the [Password strength check endpoint](https://stytch.com/docs/api/password-strength-check).
+    #
+    # When creating new Passwords users, it's good practice to enforce an email verification flow. We'd recommend checking out our [Email verification guide](https://stytch.com/docs/guides/passwords/email-verification/overview) for more information.
     #
     # == Parameters:
     # email::

data/lib/stytch/users.rb

@@ -29,7 +29,7 @@ module Stytch
     #   Provided attributes help with fraud detection.
     #   The type of this field is nilable +Attributes+ (+object+).
     # phone_number::
-    #   The phone number to use for one-time passcodes. The phone number should be in E.164 format. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
+    #   The phone number to use for one-time passcodes. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see [Testing](https://stytch.com/docs/home#resources_testing) for more detail.
     #   The type of this field is nilable +String+.
     # create_user_as_pending::
     #   Flag for whether or not to save a user as pending vs active in Stytch. Defaults to false.
@@ -196,7 +196,7 @@ module Stytch
 
     # Update a User's attributes.
     #
-    # **Note:** In order to add a new email address or phone number to an existing User object, pass the new email address or phone number into the respective `/send` endpoint for the authentication method of your choice. If you specify the existing User's `user_id` while calling the `/send` endpoint, the new email address or phone number will be added to the existing User object upon successful authentication. We require this process to guard against an account takeover vulnerability.
+    # **Note:** In order to add a new email address or phone number to an existing User object, pass the new email address or phone number into the respective `/send` endpoint for the authentication method of your choice. If you specify the existing User's `user_id` while calling the `/send` endpoint, the new, unverified email address or phone number will be added to the existing User object. Upon successful authentication, the email address or phone number will be marked as verified. We require this process to guard against an account takeover vulnerability.
     #
     # == Parameters:
     # user_id::
@@ -254,6 +254,39 @@ module Stytch
       put_request("/v1/users/#{user_id}", request)
     end
 
+    # Exchange a user's email address or phone number for another.
+    #
+    # Must pass either an `email_address` or a `phone_number`.
+    #
+    # This endpoint only works if the user has exactly one factor. You are able to exchange the type of factor for another as well, i.e. exchange an `email_address` for a `phone_number`.
+    #
+    # Use this endpoint with caution as it performs an admin level action.
+    #
+    # == Parameters:
+    # user_id::
+    #   The unique ID of a specific User.
+    #   The type of this field is +String+.
+    # email_address::
+    #   The email address to exchange to.
+    #   The type of this field is nilable +String+.
+    # phone_number::
+    #   The phone number to exchange to. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX).
+    #   The type of this field is nilable +String+.
+    #
+    # == Returns:
+    # An object with the following fields:
+    # request_id::
+    #   Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
+    #   The type of this field is +String+.
+    # user_id::
+    #   The unique ID of the affected User.
+    #   The type of this field is +String+.
+    # user::
+    #   The `user` object affected by this API call. See the [Get user endpoint](https://stytch.com/docs/api/get-user) for complete response field details.
+    #   The type of this field is +User+ (+object+).
+    # status_code::
+    #   The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
+    #   The type of this field is +Integer+.
     def exchange_primary_factor(
       user_id:,
       email_address: nil,

data/lib/stytch/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Stytch
-  VERSION = '6.3.0'
+  VERSION = '6.5.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: stytch
 version: !ruby/object:Gem::Version
-  version: 6.3.0
+  version: 6.5.0
 platform: ruby
 authors:
 - stytch
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2023-08-21 00:00:00.000000000 Z
+date: 2023-08-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday