import { DeviceInfo } from "../b2c/device_history"; import { fetchConfig } from "../shared"; import { Member, Organization } from "./organizations"; import { MemberSession } from "./sessions"; import { MfaRequired } from "./mfa"; export interface B2BPasswordsSessionResetRequest { /** * Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to * perform operations on an Organization, so be sure to preserve this value. You may also use the * organization_slug or organization_external_id here as a convenience. */ organization_id: string; /** * The password to authenticate, reset, or set for the first time. Any UTF8 character is allowed, e.g. * spaces, emojis, non-English characters, etc. */ password: string; session_token?: string; session_jwt?: string; /** * Set the session lifetime to be this many minutes from now. This will start a new session if one doesn't * already exist, * returning both an opaque `session_token` and `session_jwt` for this session. Remember that the * `session_jwt` will have a fixed lifetime of * five minutes regardless of the underlying session duration, and will need to be refreshed over time. * * This value must be a minimum of 5 and a maximum of 527040 minutes (366 days). * * If a `session_token` or `session_jwt` is provided then a successful authentication will continue to * extend the session this many minutes. * * If the `session_duration_minutes` parameter is not specified, a Stytch session will be created with a * 60 minute duration. If you don't want * to use the Stytch session product, you can ignore the session fields in the response. */ session_duration_minutes?: number; /** * Add a custom claims map to the Session being authenticated. Claims are only created if a Session is * initialized by providing a value in * `session_duration_minutes`. Claims will be included on the Session object and in the JWT. To update a * key in an existing Session, supply a new value. To * delete a key, supply a null value. Custom claims made with reserved claims (`iss`, `sub`, `aud`, * `exp`, `nbf`, `iat`, `jti`) will be ignored. * Total custom claims size cannot exceed four kilobytes. */ session_custom_claims?: Record; /** * Used to determine which language to use when sending the user this delivery method. Parameter is an * [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`. * * Currently supported languages are English (`"en"`), Spanish (`"es"`), French (`"fr"`) and Brazilian * Portuguese (`"pt-br"`); if no value is provided, the copy defaults to English. * * Request support for additional languages * [here](https://docs.google.com/forms/d/e/1FAIpQLScZSpAu_m2AmLXRT3F3kap-s_mcV6UTBitYn6CdyWP0-o7YjQ/viewform?usp=sf_link")! * */ locale?: "en" | "es" | "pt-br" | "fr" | string; /** * If the `telemetry_id` is passed, as part of this request, Stytch will call the * [Fingerprint Lookup API](https://stytch.com/docs/fraud/api/fingerprint-lookup) and store the associated * fingerprints and IPGEO information for the Member. Your workspace must be enabled for Device * Fingerprinting to use this feature. */ telemetry_id?: string; } export interface B2BPasswordsSessionResetResponse { /** * Globally unique UUID that is returned with every API call. This value is important to log for debugging * purposes; we may ask for this value to help identify a specific API call when helping you debug an issue. */ request_id: string; member_id: string; member: Member; organization: Organization; session_token: string; session_jwt: string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a * Member, but represents a bag of factors that may be converted to a member session. The token can be used * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an * MFA flow and log in to the Organization. The token has a default expiry of 10 minutes. It can also be * used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. Intermediate Session Tokens have a default expiry of 10 minutes. */ intermediate_session_token: string; /** * Indicates whether the Member is fully authenticated. If false, the Member needs to complete an MFA step * to log in to the Organization. */ member_authenticated: boolean; /** * The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. * 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. */ status_code: number; member_session?: MemberSession; mfa_required?: MfaRequired; /** * If a valid `telemetry_id` was passed in the request and the * [Fingerprint Lookup API](https://stytch.com/docs/fraud/api/fingerprint-lookup) returned results, the * `member_device` response field will contain information about the member's device attributes. */ member_device?: DeviceInfo; } export declare class Sessions { private fetchConfig; constructor(fetchConfig: fetchConfig); /** * Reset the Member's password using their existing session. The endpoint will error if the session does * not contain an authentication factor that has been issued within the last 5 minutes. Either * `session_token` or `session_jwt` should be provided. * * Note that a successful password reset via an existing session will revoke all active sessions for the * `member_id`, except for the one used during the reset flow. * @param data {@link B2BPasswordsSessionResetRequest} * @returns {@link B2BPasswordsSessionResetResponse} * @async * @throws A {@link StytchError} on a non-2xx response from the Stytch API * @throws A {@link RequestError} when the Stytch API cannot be reached */ reset(data: B2BPasswordsSessionResetRequest): Promise; }