Stytch · Schema
api_organization_v1_Member
AuthenticationIdentityPasswordlessSecurityB2BConnected AppsMCPAI AgentsDeveloper Tools
Properties
| Name | Type | Description |
|---|---|---|
| organization_id | string | Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organi |
| member_id | string | Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. You may use an external_id here if one is set |
| email_address | string | The email address of the Member. |
| status | string | The status of the Member. The possible values are: `pending`, `invited`, `active`, or `deleted`. |
| name | string | The name of the Member. |
| sso_registrations | array | An array of registered [SAML Connection](https://stytch.com/docs/b2b/api/saml-connection-object) or [OIDC Connection](https://stytch.com/docs/b2b/api/oidc-connection-object) objects the Member has aut |
| is_breakglass | boolean | Identifies the Member as a break glass user - someone who has permissions to authenticate into an Organization by bypassing the Organization's settings. A break glass account is typically used for eme |
| member_password_id | string | Globally unique UUID that identifies a Member's password. |
| oauth_registrations | array | A list of OAuth registrations for this member. |
| email_address_verified | boolean | Whether or not the Member's email address is verified. |
| mfa_phone_number_verified | boolean | Whether or not the Member's phone number is verified. |
| is_admin | boolean | Whether or not the Member has the `stytch_admin` Role. This Role is automatically granted to Members who create an Organization through the [discovery flow](https://stytch.com/docs/b2b/api/create-orga |
| totp_registration_id | string | Globally unique UUID that identifies a TOTP instance. |
| retired_email_addresses | array | A list of retired email addresses for this member. A previously active email address can be marked as retired in one of two ways: - It's replaced with a new primary email address during an explicit Me |
| is_locked | boolean | Whether the Member is temporarily locked due to too many failed authentication attempts. See the [User Locking Guide](https://stytch.com/docs/resources/platform/user-locks) for more information. |
| mfa_enrolled | boolean | Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if |
| mfa_phone_number | string | The Member's phone number. A Member may only have one phone number. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). |
| default_mfa_method | string | The Member's default MFA method. This value is used to determine which secondary MFA method to use in the case of multiple methods registered for a Member. The current possible values are `sms_otp` an |
| roles | array | Explicit or implicit Roles assigned to this Member, along with details about the role assignment source. See the [RBAC guide](https://stytch.com/docs/b2b/guides/rbac/role-assignment) for more informat |
| trusted_metadata | object | An arbitrary JSON object for storing application-specific data or identity-provider-specific data. |
| untrusted_metadata | object | An arbitrary JSON object of application-specific data. These fields can be edited directly by the frontend SDK, and should not be used to store critical information. See the [Metadata resource](https: |
| created_at | string | The timestamp of the Member's creation. Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`. |
| updated_at | string | The timestamp of when the Member was last updated. Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`. |
| scim_registration | object | A scim member registration, referencing a [SCIM Connection](https://stytch.com/docs/b2b/api/scim-connection-object) object in use for the Member creation. |
| external_id | string | The ID of the member given by the identity provider. |
| lock_created_at | string | When the member lock was created, if there is one. Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`. |
| lock_expires_at | string | When the member lock expires, if there is one. Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "#/components/schemas/api_organization_v1_Member",
"title": "api_organization_v1_Member",
"type": "object",
"properties": {
"organization_id": {
"type": "string",
"description": "Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience."
},
"member_id": {
"type": "string",
"description": "Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. You may use an external_id here if one is set for the member."
},
"email_address": {
"type": "string",
"description": "The email address of the Member."
},
"status": {
"type": "string",
"description": "The status of the Member. The possible values are: `pending`, `invited`, `active`, or `deleted`."
},
"name": {
"type": "string",
"description": "The name of the Member."
},
"sso_registrations": {
"type": "array",
"items": {
"$ref": "#/components/schemas/api_organization_v1_SSORegistration"
},
"description": "An array of registered [SAML Connection](https://stytch.com/docs/b2b/api/saml-connection-object) or [OIDC Connection](https://stytch.com/docs/b2b/api/oidc-connection-object) objects the Member has authenticated with."
},
"is_breakglass": {
"type": "boolean",
"description": "Identifies the Member as a break glass user - someone who has permissions to authenticate into an Organization by bypassing the Organization's settings. A break glass account is typically used for emergency purposes to gain access outside of normal authentication procedures. Refer to the [Organization object](https://stytch.com/docs/b2b/api/organization-object) and its `auth_methods` and `allowed_auth_methods` fields for more details."
},
"member_password_id": {
"type": "string",
"description": "Globally unique UUID that identifies a Member's password."
},
"oauth_registrations": {
"type": "array",
"items": {
"$ref": "#/components/schemas/api_organization_v1_OAuthRegistration"
},
"description": "A list of OAuth registrations for this member."
},
"email_address_verified": {
"type": "boolean",
"description": "Whether or not the Member's email address is verified."
},
"mfa_phone_number_verified": {
"type": "boolean",
"description": "Whether or not the Member's phone number is verified."
},
"is_admin": {
"type": "boolean",
"description": "Whether or not the Member has the `stytch_admin` Role. This Role is automatically granted to Members\n who create an Organization through the [discovery flow](https://stytch.com/docs/b2b/api/create-organization-via-discovery). See the\n [RBAC guide](https://stytch.com/docs/b2b/guides/rbac/stytch-default) for more details on this Role."
},
"totp_registration_id": {
"type": "string",
"description": "Globally unique UUID that identifies a TOTP instance."
},
"retired_email_addresses": {
"type": "array",
"items": {
"$ref": "#/components/schemas/api_organization_v1_RetiredEmail"
},
"description": "\n A list of retired email addresses for this member.\n A previously active email address can be marked as retired in one of two ways:\n - It's replaced with a new primary email address during an explicit Member update.\n - A new email address is surfaced by an OAuth, SAML or OIDC provider. In this case the new email address becomes the\n Member's primary email address and the old primary email address is retired.\n \n A retired email address cannot be used by other Members in the same Organization. However, unlinking retired email\n addresses allows them to be subsequently re-used by other Organization Members. Retired email addresses can be unlinked\n using the [Unlink Retired Email endpoint](https://stytch.com/docs/b2b/api/unlink-retired-member-email).\n "
},
"is_locked": {
"type": "boolean",
"description": "Whether the Member is temporarily locked due to too many failed authentication attempts. See the [User Locking Guide](https://stytch.com/docs/resources/platform/user-locks) for more information."
},
"mfa_enrolled": {
"type": "boolean",
"description": "Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization's MFA policy is set to `REQUIRED_FOR_ALL`."
},
"mfa_phone_number": {
"type": "string",
"description": "The Member's phone number. A Member may only have one phone number. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX)."
},
"default_mfa_method": {
"type": "string",
"description": "The Member's default MFA method. This value is used to determine which secondary MFA method to use in the case of multiple methods registered for a Member. The current possible values are `sms_otp` and `totp`."
},
"roles": {
"type": "array",
"items": {
"$ref": "#/components/schemas/api_organization_v1_MemberRole"
},
"description": "Explicit or implicit Roles assigned to this Member, along with details about the role assignment source.\n See the [RBAC guide](https://stytch.com/docs/b2b/guides/rbac/role-assignment) for more information about role assignment."
},
"trusted_metadata": {
"type": "object",
"additionalProperties": true,
"description": "An arbitrary JSON object for storing application-specific data or identity-provider-specific data."
},
"untrusted_metadata": {
"type": "object",
"additionalProperties": true,
"description": "An arbitrary JSON object of application-specific data. These fields can be edited directly by the\n frontend SDK, and should not be used to store critical information. See the [Metadata resource](https://stytch.com/docs/b2b/api/metadata)\n for complete field behavior details."
},
"created_at": {
"type": "string",
"description": "The timestamp of the Member's creation. Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`."
},
"updated_at": {
"type": "string",
"description": "The timestamp of when the Member was last updated. Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`."
},
"scim_registration": {
"$ref": "#/components/schemas/api_organization_v1_SCIMRegistration",
"description": "A scim member registration, referencing a [SCIM Connection](https://stytch.com/docs/b2b/api/scim-connection-object) object in use for the Member creation."
},
"external_id": {
"type": "string",
"description": "The ID of the member given by the identity provider."
},
"lock_created_at": {
"type": "string",
"description": "When the member lock was created, if there is one. Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`."
},
"lock_expires_at": {
"type": "string",
"description": "When the member lock expires, if there is one. Values conform to the RFC 3339 standard and are expressed in UTC, e.g. `2021-12-29T12:33:09Z`."
}
},
"required": [
"organization_id",
"member_id",
"email_address",
"status",
"name",
"sso_registrations",
"is_breakglass",
"member_password_id",
"oauth_registrations",
"email_address_verified",
"mfa_phone_number_verified",
"is_admin",
"totp_registration_id",
"retired_email_addresses",
"is_locked",
"mfa_enrolled",
"mfa_phone_number",
"default_mfa_method",
"roles"
]
}