Stytch · Schema
api_b2b_magic_v1_AuthenticateRequest
Request type
AuthenticationIdentityPasswordlessSecurityB2BConnected AppsMCPAI AgentsDeveloper Tools
Properties
| Name | Type | Description |
|---|---|---|
| magic_links_token | string | The Email Magic Link token to authenticate. |
| pkce_code_verifier | string | A base64url encoded one time secret used to validate that the request starts and ends on the same device. |
| session_token | string | Reuse an existing session instead of creating a new one. If you provide a `session_token`, Stytch will update the session. If the `session_token` and `magic_links_token` belong to different Members, t |
| session_jwt | string | Reuse an existing session instead of creating a new one. If you provide a `session_jwt`, Stytch will update the session. If the `session_jwt` and `magic_links_token` belong to different Members, the ` |
| session_duration_minutes | integer | Set the session lifetime to be this many minutes from now. This will start a new session if one doesn't already exist, returning both an opaque `session_token` and `session_jwt` for this session. Reme |
| session_custom_claims | object | Add a custom claims map to the Session being authenticated. Claims are only created if a Session is initialized by providing a value in `session_duration_minutes`. Claims will be included on the Sessi |
| locale | object | If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will b |
| intermediate_session_token | string | Adds this primary authentication factor to the intermediate session token. If the resulting set of factors satisfies the organization's primary authentication requirements and MFA requirements, the in |
| telemetry_id | string | If the `telemetry_id` is passed, as part of this request, Stytch will call the [Fingerprint Lookup API](https://stytch.com/docs/fraud/api/fingerprint-lookup) and store the associated fingerprints and |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "#/components/schemas/api_b2b_magic_v1_AuthenticateRequest",
"title": "api_b2b_magic_v1_AuthenticateRequest",
"type": "object",
"properties": {
"magic_links_token": {
"type": "string",
"description": "The Email Magic Link token to authenticate."
},
"pkce_code_verifier": {
"type": "string",
"description": "A base64url encoded one time secret used to validate that the request starts and ends on the same device."
},
"session_token": {
"type": "string",
"description": "Reuse an existing session instead of creating a new one. If you provide a `session_token`, Stytch will update the session.\n If the `session_token` and `magic_links_token` belong to different Members, the `session_token` will be ignored. This endpoint will error if\n both `session_token` and `session_jwt` are provided."
},
"session_jwt": {
"type": "string",
"description": "Reuse an existing session instead of creating a new one. If you provide a `session_jwt`, Stytch will update the session. If the `session_jwt`\n and `magic_links_token` belong to different Members, the `session_jwt` will be ignored. This endpoint will error if both `session_token` and `session_jwt`\n are provided."
},
"session_duration_minutes": {
"type": "integer",
"format": "int32",
"description": "Set the session lifetime to be this many minutes from now. This will start a new session if one doesn't already exist,\n returning both an opaque `session_token` and `session_jwt` for this session. Remember that the `session_jwt` will have a fixed lifetime of\n five minutes regardless of the underlying session duration, and will need to be refreshed over time.\n\n This value must be a minimum of 5 and a maximum of 527040 minutes (366 days).\n\n If a `session_token` or `session_jwt` is provided then a successful authentication will continue to extend the session this many minutes.\n\n If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a 60 minute duration. If you don't want\n to use the Stytch session product, you can ignore the session fields in the response."
},
"session_custom_claims": {
"type": "object",
"additionalProperties": true,
"description": "Add a custom claims map to the Session being authenticated. Claims are only created if a Session is initialized by providing a value in\n `session_duration_minutes`. Claims will be included on the Session object and in the JWT. To update a key in an existing Session, supply a new value. To\n delete a key, supply a null value. Custom claims made with reserved claims (`iss`, `sub`, `aud`, `exp`, `nbf`, `iat`, `jti`) will be ignored.\n Total custom claims size cannot exceed four kilobytes."
},
"locale": {
"$ref": "#/components/schemas/api_b2b_magic_v1_AuthenticateRequestLocale",
"description": "If the Member needs to complete an MFA step, and the Member has a phone number, this endpoint will pre-emptively send a one-time passcode (OTP) to the Member's phone number. The locale argument will be used to determine which language to use when sending the passcode.\n\nParameter is an [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `\"en\"`.\n\nCurrently supported languages are English (`\"en\"`), Spanish (`\"es\"`), and Brazilian Portuguese (`\"pt-br\"`); if no value is provided, the copy defaults to English.\n\nRequest support for additional languages [here](https://docs.google.com/forms/d/e/1FAIpQLScZSpAu_m2AmLXRT3F3kap-s_mcV6UTBitYn6CdyWP0-o7YjQ/viewform?usp=sf_link\")!\n"
},
"intermediate_session_token": {
"type": "string",
"description": "Adds this primary authentication factor to the intermediate session token. If the resulting set of factors satisfies the organization's primary authentication requirements and MFA requirements, the intermediate session token will be consumed and converted to a member session. If not, the same intermediate session token will be returned."
},
"telemetry_id": {
"type": "string",
"description": "If the `telemetry_id` is passed, as part of this request, Stytch will call the [Fingerprint Lookup API](https://stytch.com/docs/fraud/api/fingerprint-lookup) and store the associated fingerprints and IPGEO information for the Member. Your workspace must be enabled for Device Fingerprinting to use this feature."
}
},
"description": "Request type",
"required": [
"magic_links_token"
]
}