Stytch · Schema

api_password_v1_passwords_email_ResetRequest

Request type

AuthenticationIdentityPasswordlessSecurityB2BConnected AppsMCPAI AgentsDeveloper Tools

Properties

Name Type Description
token string The Passwords `token` from the `?token=` query parameter in the URL. In the redirect URL, the `stytch_token_type` will be `login` or `reset_password`. See examples and read more about redirect URLs [h
password string The password for the user. Any UTF8 character is allowed, e.g. spaces, emojis, non-English characters, etc.
session_token string The `session_token` associated with a User's existing Session.
session_duration_minutes integer Set the session lifetime to be this many minutes from now. This will start a new session if one doesn't already exist, returning both an opaque `session_token` and `session_jwt` for this session. Reme
session_jwt string The `session_jwt` associated with a User's existing Session.
code_verifier string A base64url encoded one time secret used to validate that the request starts and ends on the same device.
session_custom_claims object Add a custom claims map to the Session being authenticated. Claims are only created if a Session is initialized by providing a value in `session_duration_minutes`. Claims will be included on the Sessi
attributes object Provided attributes to help with fraud detection. These values are pulled and passed into Stytch endpoints by your application.
options object Specify optional security settings.
telemetry_id string If the `telemetry_id` is passed, as part of this request, Stytch will call the [Fingerprint Lookup API](https://stytch.com/docs/fraud/api/fingerprint-lookup) and store the associated fingerprints and
View JSON Schema on GitHub

JSON Schema

stytch-api-password-v1-passwords-email-resetrequest-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "#/components/schemas/api_password_v1_passwords_email_ResetRequest",
  "title": "api_password_v1_passwords_email_ResetRequest",
  "type": "object",
  "properties": {
    "token": {
      "type": "string",
      "description": "The Passwords `token` from the `?token=` query parameter in the URL.\n\n      In the redirect URL, the `stytch_token_type` will be `login` or `reset_password`.\n\n      See examples and read more about redirect URLs [here](https://stytch.com/docs/workspace-management/redirect-urls)."
    },
    "password": {
      "type": "string",
      "description": "The password for the user. Any UTF8 character is allowed, e.g. spaces, emojis, non-English characters, etc."
    },
    "session_token": {
      "type": "string",
      "description": "The `session_token` associated with a User's existing Session."
    },
    "session_duration_minutes": {
      "type": "integer",
      "format": "int32",
      "description": "Set the session lifetime to be this many minutes from now. This will start a new session if one doesn't already exist,\n  returning both an opaque `session_token` and `session_jwt` for this session. Remember that the `session_jwt` will have a fixed lifetime of\n  five minutes regardless of the underlying session duration, and will need to be refreshed over time.\n\n  This value must be a minimum of 5 and a maximum of 527040 minutes (366 days).\n\n  If a `session_token` or `session_jwt` is provided then a successful authentication will continue to extend the session this many minutes.\n\n  If the `session_duration_minutes` parameter is not specified, a Stytch session will not be created."
    },
    "session_jwt": {
      "type": "string",
      "description": "The `session_jwt` associated with a User's existing Session."
    },
    "code_verifier": {
      "type": "string",
      "description": "A base64url encoded one time secret used to validate that the request starts and ends on the same device."
    },
    "session_custom_claims": {
      "type": "object",
      "additionalProperties": true,
      "description": "Add a custom claims map to the Session being authenticated. Claims are only created if a Session is initialized by providing a value in `session_duration_minutes`. Claims will be included on the Session object and in the JWT. To update a key in an existing Session, supply a new value. To delete a key, supply a null value.\n\n  Custom claims made with reserved claims (\"iss\", \"sub\", \"aud\", \"exp\", \"nbf\", \"iat\", \"jti\") will be ignored. Total custom claims size cannot exceed four kilobytes."
    },
    "attributes": {
      "$ref": "#/components/schemas/api_attribute_v1_Attributes",
      "description": "Provided attributes to help with fraud detection. These values are pulled and passed into Stytch endpoints by your application."
    },
    "options": {
      "$ref": "#/components/schemas/api_magic_v1_Options",
      "description": "Specify optional security settings."
    },
    "telemetry_id": {
      "type": "string",
      "description": "If the `telemetry_id` is passed, as part of this request, Stytch will call the [Fingerprint Lookup API](https://stytch.com/docs/fraud/api/fingerprint-lookup) and store the associated fingerprints and IPGEO information for the User. Your workspace must be enabled for Device Fingerprinting to use this feature."
    }
  },
  "description": "Request type",
  "required": [
    "token",
    "password"
  ]
}