api_b2b_session_v1_AttestRequest

{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "#/components/schemas/api_b2b_session_v1_AttestRequest",
  "title": "api_b2b_session_v1_AttestRequest",
  "type": "object",
  "properties": {
    "profile_id": {
      "type": "string",
      "description": "The ID of the trusted auth token profile to use for attestation."
    },
    "token": {
      "type": "string",
      "description": "The trusted auth token to authenticate. The token must have an organization ID claim if JIT provisioning is enabled."
    },
    "organization_id": {
      "type": "string",
      "description": "The organization ID that the session should be authenticated in. Must be provided if the trusted auth token does not have an organization ID claim."
    },
    "session_duration_minutes": {
      "type": "integer",
      "format": "int32",
      "description": "Set the session lifetime to be this many minutes from now. This will start a new session if one doesn't already exist,\n  returning both an opaque `session_token` and `session_jwt` for this session. Remember that the `session_jwt` will have a fixed lifetime of\n  five minutes regardless of the underlying session duration, and will need to be refreshed over time.\n\n  This value must be a minimum of 5 and a maximum of 527040 minutes (366 days).\n\n  If a `session_token` or `session_jwt` is provided then a successful authentication will continue to extend the session this many minutes.\n\n  If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a 60 minute duration. If you don't want\n  to use the Stytch session product, you can ignore the session fields in the response."
    },
    "session_custom_claims": {
      "type": "object",
      "additionalProperties": true,
      "description": "Add a custom claims map to the Session being authenticated. Claims are only created if a Session is initialized by providing a value in\n  `session_duration_minutes`. Claims will be included on the Session object and in the JWT. To update a key in an existing Session, supply a new value. To\n  delete a key, supply a null value. Custom claims made with reserved claims (`iss`, `sub`, `aud`, `exp`, `nbf`, `iat`, `jti`) will be ignored.\n  Total custom claims size cannot exceed four kilobytes."
    },
    "session_token": {
      "type": "string",
      "description": "The `session_token` for the session that you wish to add the trusted auth token authentication factor to."
    },
    "session_jwt": {
      "type": "string",
      "description": "The `session_jwt` for the session that you wish to add the trusted auth token authentication factor to."
    },
    "telemetry_id": {
      "type": "string",
      "description": "If the `telemetry_id` is passed, as part of this request, Stytch will call the [Fingerprint Lookup API](https://stytch.com/docs/fraud/api/fingerprint-lookup) and store the associated fingerprints and IPGEO information for the Member. Your workspace must be enabled for Device Fingerprinting to use this feature."
    }
  },
  "description": "Request type",
  "required": [
    "profile_id",
    "token"
  ]
}