Stytch · Schema

api_b2b_password_v1_StrengthCheckResponse

AuthenticationIdentityPasswordlessSecurityB2BConnected AppsMCPAI AgentsDeveloper Tools

Properties

Name Type Description
request_id string Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug
valid_password boolean Returns `true` if the password passes our password validation. We offer two validation options, [zxcvbn](https://stytch.com/docs/guides/passwords/strength-policy) is the default option which offers a
score integer The score of the password determined by [zxcvbn](https://github.com/dropbox/zxcvbn). Values will be between 1 and 4, a 3 or greater is required to pass validation.
breached_password boolean Returns `true` if the password has been breached. Powered by [HaveIBeenPwned](https://haveibeenpwned.com/).
strength_policy string The strength policy type enforced, either `zxcvbn` or `luds`.
breach_detection_on_create boolean Will return `true` if breach detection will be evaluated. By default this option is enabled. This option can be disabled in the [dashboard](https://stytch.com/dashboard/password-strength-config#breach
status_code integer The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server
luds_feedback object Feedback for how to improve the password's strength using [luds](https://stytch.com/docs/guides/passwords/strength-policy).
zxcvbn_feedback object Feedback for how to improve the password's strength using [zxcvbn](https://stytch.com/docs/b2b/guides/passwords/strength-policy).
View JSON Schema on GitHub

JSON Schema

stytch-api-b2b-password-v1-strengthcheckresponse-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "#/components/schemas/api_b2b_password_v1_StrengthCheckResponse",
  "title": "api_b2b_password_v1_StrengthCheckResponse",
  "type": "object",
  "properties": {
    "request_id": {
      "type": "string",
      "description": "Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue."
    },
    "valid_password": {
      "type": "boolean",
      "description": "Returns `true` if the password passes our password validation. We offer two validation options,\n  [zxcvbn](https://stytch.com/docs/guides/passwords/strength-policy) is the default option which offers a high level of sophistication.\n  We also offer [LUDS](https://stytch.com/docs/b2b/guides/passwords/strength-policy) which is less sophisticated \n  but easier to understand. If an email address is included in the call we also\n  require that the password hasn't been compromised using built-in breach detection powered by [HaveIBeenPwned](https://haveibeenpwned.com/)"
    },
    "score": {
      "type": "integer",
      "format": "int32",
      "description": "The score of the password determined by [zxcvbn](https://github.com/dropbox/zxcvbn). Values will be between 1 and 4, a 3 or greater is required to pass validation."
    },
    "breached_password": {
      "type": "boolean",
      "description": "Returns `true` if the password has been breached. Powered by [HaveIBeenPwned](https://haveibeenpwned.com/)."
    },
    "strength_policy": {
      "type": "string",
      "description": "The strength policy type enforced, either `zxcvbn` or `luds`."
    },
    "breach_detection_on_create": {
      "type": "boolean",
      "description": "Will return `true` if breach detection will be evaluated. By default this option is enabled.\n  This option can be disabled in the [dashboard](https://stytch.com/dashboard/password-strength-config#breach-detection).\n  If this value is false then `breached_password` will always be `false` as well."
    },
    "status_code": {
      "type": "integer",
      "format": "int32",
      "description": "The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors."
    },
    "luds_feedback": {
      "$ref": "#/components/schemas/api_b2b_password_v1_LudsFeedback",
      "description": "Feedback for how to improve the password's strength using [luds](https://stytch.com/docs/guides/passwords/strength-policy)."
    },
    "zxcvbn_feedback": {
      "$ref": "#/components/schemas/api_b2b_password_v1_ZxcvbnFeedback",
      "description": "Feedback for how to improve the password's strength using [zxcvbn](https://stytch.com/docs/b2b/guides/passwords/strength-policy)."
    }
  },
  "required": [
    "request_id",
    "valid_password",
    "score",
    "breached_password",
    "strength_policy",
    "breach_detection_on_create",
    "status_code"
  ]
}