diff --git a/lib/b2b/discovery_intermediate_sessions.ts b/lib/b2b/discovery_intermediate_sessions.ts index fed21603..ed44639a 100644 --- a/lib/b2b/discovery_intermediate_sessions.ts +++ b/lib/b2b/discovery_intermediate_sessions.ts @@ -15,16 +15,14 @@ import { request } from "../shared"; export interface B2BDiscoveryIntermediateSessionsExchangeRequest { /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; @@ -102,17 +100,16 @@ export interface B2BDiscoveryIntermediateSessionsExchangeResponse { member_authenticated: boolean; /** * The returned Intermediate Session Token is identical to the one that was originally passed in to the - * request. - * The token can be used with the + * request. If this value is non-empty, the member must complete an MFA step to finish logging in to the + * Organization. The token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * It can also be used with the + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) - * to join a different existing Organization, - * or the - * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization. + * to join a specific Organization that allows the factors represented by the intermediate session token; + * or the + * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; /** diff --git a/lib/b2b/discovery_organizations.ts b/lib/b2b/discovery_organizations.ts index fb09152b..ef1bef31 100644 --- a/lib/b2b/discovery_organizations.ts +++ b/lib/b2b/discovery_organizations.ts @@ -20,16 +20,14 @@ import { request } from "../shared"; export interface B2BDiscoveryOrganizationsCreateRequest { /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; @@ -208,17 +206,16 @@ export interface B2BDiscoveryOrganizationsCreateResponse { member_authenticated: boolean; /** * The returned Intermediate Session Token is identical to the one that was originally passed in to the - * request. - * The token can be used with the + * request. If this value is non-empty, the member must complete an MFA step to finish logging in to the + * Organization. The token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * It can also be used with the + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) - * to join a different existing Organization, - * or the - * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization. + * to join a specific Organization that allows the factors represented by the intermediate session token; + * or the + * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; /** @@ -239,16 +236,14 @@ export interface B2BDiscoveryOrganizationsCreateResponse { export interface B2BDiscoveryOrganizationsListRequest { /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token?: string; diff --git a/lib/b2b/magic_links.ts b/lib/b2b/magic_links.ts index 26b30fba..09d55166 100644 --- a/lib/b2b/magic_links.ts +++ b/lib/b2b/magic_links.ts @@ -78,6 +78,12 @@ export interface B2BMagicLinksAuthenticateRequest { * */ locale?: "en" | "es" | "pt-br" | string; + /** + * Adds this primary authentication factor to the intermediate session token. If the resulting set of + * factors satisfies the organization's primary authentication requirements and MFA requirements, the + * intermediate session token will be consumed and converted to a member session. If not, the same + * intermediate session token will be returned. + */ intermediate_session_token?: string; } @@ -116,17 +122,16 @@ export interface B2BMagicLinksAuthenticateResponse { organization: Organization; /** * The returned Intermediate Session Token contains an Email Magic Link factor associated with the Member's - * email address. - * The token can be used with the + * email address. If this value is non-empty, the member must complete an MFA step to finish logging in to + * the Organization. The token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * It can also be used with the + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) - * to join a different existing Organization that allows login with Email Magic Links, - * or the - * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization. + * to join a specific Organization that allows the factors represented by the intermediate session token; + * or the + * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; /** diff --git a/lib/b2b/magic_links_discovery.ts b/lib/b2b/magic_links_discovery.ts index c5f0509d..2779c552 100644 --- a/lib/b2b/magic_links_discovery.ts +++ b/lib/b2b/magic_links_discovery.ts @@ -26,16 +26,14 @@ export interface B2BMagicLinksDiscoveryAuthenticateResponse { request_id: string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; diff --git a/lib/b2b/oauth.ts b/lib/b2b/oauth.ts index 78b1c235..2f4c6961 100644 --- a/lib/b2b/oauth.ts +++ b/lib/b2b/oauth.ts @@ -20,7 +20,10 @@ export interface B2BOAuthProviderValues { * are included by default and how to add custom scopes. */ scopes: string[]; - // The `refresh_token` that you may use to refresh a User's session within the provider's API. + /** + * The `refresh_token` that you may use to obtain a new `access_token` for the User within the provider's + * API. + */ refresh_token?: string; expires_at?: string; /** @@ -85,6 +88,12 @@ export interface B2BOAuthAuthenticateRequest { * */ locale?: "en" | "es" | "pt-br" | string; + /** + * Adds this primary authentication factor to the intermediate session token. If the resulting set of + * factors satisfies the organization's primary authentication requirements and MFA requirements, the + * intermediate session token will be consumed and converted to a member session. If not, the same + * intermediate session token will be returned. + */ intermediate_session_token?: string; } @@ -128,17 +137,16 @@ export interface B2BOAuthAuthenticateResponse { member_authenticated: boolean; /** * The returned Intermediate Session Token contains an OAuth factor associated with the Member's email - * address. - * The token can be used with the + * address. If this value is non-empty, the member must complete an MFA step to finish logging in to the + * Organization. The token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * It can also be used with the + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) - * to join a different existing Organization that allows login with OAuth, - * or the - * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization. + * to join a specific Organization that allows the factors represented by the intermediate session token; + * or the + * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; /** diff --git a/lib/b2b/oauth_discovery.ts b/lib/b2b/oauth_discovery.ts index 83fa3261..5c3302f8 100644 --- a/lib/b2b/oauth_discovery.ts +++ b/lib/b2b/oauth_discovery.ts @@ -30,16 +30,14 @@ export interface B2BOAuthDiscoveryAuthenticateResponse { request_id: string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; diff --git a/lib/b2b/organizations_members.ts b/lib/b2b/organizations_members.ts index 62963033..35b66c62 100644 --- a/lib/b2b/organizations_members.ts +++ b/lib/b2b/organizations_members.ts @@ -417,9 +417,9 @@ export interface B2BOrganizationsMembersUpdateRequest { * The name of the Member. * * If this field is provided and a session header is passed into the request, the Member Session must have - * permission to perform the `update.info.name` action on the `stytch.member` Resource. - * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the - * request, the authorization check will also allow a Member Session that has permission to perform the + * permission to perform the `update.info.name` action on the `stytch.member` Resource. Alternatively, if + * the Member Session matches the Member associated with the `member_id` passed in the request, the + * authorization check will also allow a Member Session that has permission to perform the * `update.info.name` action on the `stytch.self` Resource. */ name?: string; @@ -438,7 +438,7 @@ export interface B2BOrganizationsMembersUpdateRequest { * * If this field is provided and a session header is passed into the request, the Member Session must have * permission to perform the `update.info.untrusted-metadata` action on the `stytch.member` Resource. - * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the + * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the * request, the authorization check will also allow a Member Session that has permission to perform the * `update.info.untrusted-metadata` action on the `stytch.self` Resource. */ @@ -461,9 +461,9 @@ export interface B2BOrganizationsMembersUpdateRequest { * delete the Member's existing phone number first. * * If this field is provided and a session header is passed into the request, the Member Session must have - * permission to perform the `update.info.mfa-phone` action on the `stytch.member` Resource. - * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the - * request, the authorization check will also allow a Member Session that has permission to perform the + * permission to perform the `update.info.mfa-phone` action on the `stytch.member` Resource. Alternatively, + * if the Member Session matches the Member associated with the `member_id` passed in the request, the + * authorization check will also allow a Member Session that has permission to perform the * `update.info.mfa-phone` action on the `stytch.self` Resource. */ mfa_phone_number?: string; @@ -474,7 +474,7 @@ export interface B2BOrganizationsMembersUpdateRequest { * * If this field is provided and a session header is passed into the request, the Member Session must have * permission to perform the `update.settings.mfa-enrolled` action on the `stytch.member` Resource. - * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the + * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the * request, the authorization check will also allow a Member Session that has permission to perform the * `update.settings.mfa-enrolled` action on the `stytch.self` Resource. */ @@ -510,7 +510,7 @@ export interface B2BOrganizationsMembersUpdateRequest { * * If this field is provided and a session header is passed into the request, the Member Session must have * permission to perform the `update.settings.default-mfa-method` action on the `stytch.member` Resource. - * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the + * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the * request, the authorization check will also allow a Member Session that has permission to perform the * `update.settings.default-mfa-method` action on the `stytch.self` Resource. */ diff --git a/lib/b2b/organizations_members_oauth_providers.ts b/lib/b2b/organizations_members_oauth_providers.ts index 61738677..1764f69d 100644 --- a/lib/b2b/organizations_members_oauth_providers.ts +++ b/lib/b2b/organizations_members_oauth_providers.ts @@ -46,6 +46,10 @@ export interface B2BOrganizationsMembersOAuthProvidersGoogleResponse { * 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. */ status_code: number; + /** + * The `refresh_token` that you may use to obtain a new `access_token` for the User within the provider's + * API. + */ refresh_token?: string; } @@ -64,6 +68,11 @@ export interface B2BOrganizationsMembersOAuthProvidersMicrosoftRequest { * operations on a Member, so be sure to preserve this value. */ member_id: string; + /** + * Whether to return the refresh token Stytch has stored for the OAuth Provider. Defaults to false. + * **Important:** If your application exchanges the refresh token, Stytch may not be able to automatically + * refresh access tokens in the future. + */ include_refresh_token?: boolean; } @@ -105,6 +114,10 @@ export interface B2BOrganizationsMembersOAuthProvidersMicrosoftResponse { * 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. */ status_code: number; + /** + * The `refresh_token` that you may use to obtain a new `access_token` for the User within the provider's + * API. + */ refresh_token?: string; } diff --git a/lib/b2b/otp_sms.ts b/lib/b2b/otp_sms.ts index 36ef3d9c..906b83e2 100644 --- a/lib/b2b/otp_sms.ts +++ b/lib/b2b/otp_sms.ts @@ -26,16 +26,14 @@ export interface B2BOTPSmsAuthenticateRequest { code: string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token?: string; @@ -143,16 +141,14 @@ export interface B2BOTPSmsSendRequest { locale?: "en" | "es" | "pt-br" | string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token?: string; diff --git a/lib/b2b/passwords.ts b/lib/b2b/passwords.ts index 3c757068..f5fda11f 100644 --- a/lib/b2b/passwords.ts +++ b/lib/b2b/passwords.ts @@ -117,6 +117,12 @@ export interface B2BPasswordsAuthenticateRequest { * */ locale?: "en" | "es" | "pt-br" | string; + /** + * Adds this primary authentication factor to the intermediate session token. If the resulting set of + * factors satisfies the organization's primary authentication requirements and MFA requirements, the + * intermediate session token will be consumed and converted to a member session. If not, the same + * intermediate session token will be returned. + */ intermediate_session_token?: string; } @@ -143,14 +149,14 @@ export interface B2BPasswordsAuthenticateResponse { // The [Organization object](https://stytch.com/docs/b2b/api/organization-object). organization: Organization; /** - * The returned Intermediate Session Token contains a password factor associated with the Member. - * The token can be used with the + * The returned Intermediate Session Token contains a password factor associated with the Member. If this + * value is non-empty, the member must complete an MFA step to finish logging in to the Organization. The + * token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * Password factors are not transferable between Organizations, so the intermediate session token is - * not valid for use with discovery endpoints. + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. Password factors are not transferable between Organizations, so + * the intermediate session token is not valid for use with discovery endpoints. */ intermediate_session_token: string; /** diff --git a/lib/b2b/passwords_email.ts b/lib/b2b/passwords_email.ts index 64ef16aa..0002e747 100644 --- a/lib/b2b/passwords_email.ts +++ b/lib/b2b/passwords_email.ts @@ -78,6 +78,12 @@ export interface B2BPasswordsEmailResetRequest { * */ locale?: "en" | "es" | "pt-br" | string; + /** + * Adds this primary authentication factor to the intermediate session token. If the resulting set of + * factors satisfies the organization's primary authentication requirements and MFA requirements, the + * intermediate session token will be consumed and converted to a member session. If not, the same + * intermediate session token will be returned. + */ intermediate_session_token?: string; } @@ -106,14 +112,14 @@ export interface B2BPasswordsEmailResetResponse { // The [Organization object](https://stytch.com/docs/b2b/api/organization-object). organization: Organization; /** - * The returned Intermediate Session Token contains a password factor associated with the Member. - * The token can be used with the + * The returned Intermediate Session Token contains a password factor associated with the Member. If this + * value is non-empty, the member must complete an MFA step to finish logging in to the Organization. The + * token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * Password factors are not transferable between Organizations, so the intermediate session token is - * not valid for use with discovery endpoints. + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. Password factors are not transferable between Organizations, so + * the intermediate session token is not valid for use with discovery endpoints. */ intermediate_session_token: string; /** diff --git a/lib/b2b/passwords_existing_password.ts b/lib/b2b/passwords_existing_password.ts index 41d47657..922480d9 100644 --- a/lib/b2b/passwords_existing_password.ts +++ b/lib/b2b/passwords_existing_password.ts @@ -91,14 +91,14 @@ export interface B2BPasswordsExistingPasswordResetResponse { // The [Organization object](https://stytch.com/docs/b2b/api/organization-object). organization: Organization; /** - * The returned Intermediate Session Token contains a password factor associated with the Member. - * The token can be used with the + * The returned Intermediate Session Token contains a password factor associated with the Member. If this + * value is non-empty, the member must complete an MFA step to finish logging in to the Organization. The + * token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * Password factors are not transferable between Organizations, so the intermediate session token is - * not valid for use with discovery endpoints. + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. Password factors are not transferable between Organizations, so + * the intermediate session token is not valid for use with discovery endpoints. */ intermediate_session_token: string; /** diff --git a/lib/b2b/passwords_session.ts b/lib/b2b/passwords_session.ts index bcc19c62..3314c450 100644 --- a/lib/b2b/passwords_session.ts +++ b/lib/b2b/passwords_session.ts @@ -84,16 +84,14 @@ export interface B2BPasswordsSessionResetResponse { session_jwt: string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; diff --git a/lib/b2b/recovery_codes.ts b/lib/b2b/recovery_codes.ts index 61f902da..c4476b57 100644 --- a/lib/b2b/recovery_codes.ts +++ b/lib/b2b/recovery_codes.ts @@ -65,16 +65,14 @@ export interface B2BRecoveryCodesRecoverRequest { recovery_code: string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token?: string; diff --git a/lib/b2b/sessions.ts b/lib/b2b/sessions.ts index 9ab66c75..41588f15 100644 --- a/lib/b2b/sessions.ts +++ b/lib/b2b/sessions.ts @@ -263,17 +263,16 @@ export interface B2BSessionsExchangeResponse { member_authenticated: boolean; /** * The returned Intermediate Session Token contains any Email Magic Link or OAuth factors from the original - * member session that are valid for the target Organization. - * The token can be used with the + * member session that are valid for the target Organization. If this value is non-empty, the member must + * complete an MFA step to finish logging in to the Organization. The token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the target Organization. - * It can also be used with the + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) - * to join a different existing Organization, - * or the - * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization. + * to join a specific Organization that allows the factors represented by the intermediate session token; + * or the + * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; /** diff --git a/lib/b2b/sso.ts b/lib/b2b/sso.ts index fe429c83..fa010261 100644 --- a/lib/b2b/sso.ts +++ b/lib/b2b/sso.ts @@ -163,6 +163,12 @@ export interface B2BSSOAuthenticateRequest { * */ locale?: "en" | "es" | "pt-br" | string; + /** + * Adds this primary authentication factor to the intermediate session token. If the resulting set of + * factors satisfies the organization's primary authentication requirements and MFA requirements, the + * intermediate session token will be consumed and converted to a member session. If not, the same + * intermediate session token will be returned. + */ intermediate_session_token?: string; } @@ -196,14 +202,14 @@ export interface B2BSSOAuthenticateResponse { // The [Organization object](https://stytch.com/docs/b2b/api/organization-object). organization: Organization; /** - * The returned Intermediate Session Token contains an SSO factor associated with the Member. - * The token can be used with the + * The returned Intermediate Session Token contains an SSO factor associated with the Member. If this value + * is non-empty, the member must complete an MFA step to finish logging in to the Organization. The token + * can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * SSO factors are not transferable between Organizations, so the intermediate session token is not - * valid for use with discovery endpoints. + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. SSO factors are not transferable between Organizations, so the + * intermediate session token is not valid for use with discovery endpoints. */ intermediate_session_token: string; /** diff --git a/lib/b2b/totps.ts b/lib/b2b/totps.ts index 4931b462..95f35b51 100644 --- a/lib/b2b/totps.ts +++ b/lib/b2b/totps.ts @@ -26,16 +26,14 @@ export interface B2BTOTPsAuthenticateRequest { code: string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token?: string; @@ -137,16 +135,14 @@ export interface B2BTOTPsCreateRequest { expiration_minutes?: number; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token?: string; diff --git a/lib/b2c/oauth.ts b/lib/b2c/oauth.ts index 5ac7af5c..020fcddc 100644 --- a/lib/b2c/oauth.ts +++ b/lib/b2c/oauth.ts @@ -13,7 +13,10 @@ import { User } from "./users"; export interface OAuthProviderValues { // The `access_token` that you may use to access the User's data in the provider's API. access_token: string; - // The `refresh_token` that you may use to refresh a User's session within the provider's API. + /** + * The `refresh_token` that you may use to obtain a new `access_token` for the User within the provider's + * API. + */ refresh_token: string; /** * The `id_token` returned by the OAuth provider. ID Tokens are JWTs that contain structured information diff --git a/lib/b2c/sessions.ts b/lib/b2c/sessions.ts index e5ccd937..b1dbcc23 100644 --- a/lib/b2c/sessions.ts +++ b/lib/b2c/sessions.ts @@ -15,14 +15,14 @@ import { JwtConfig, authenticateSessionJwtLocal } from "../shared/sessions"; export interface AmazonOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface AppleOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface AuthenticationFactor { @@ -160,14 +160,14 @@ export interface BiometricFactor { export interface BitbucketOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface CoinbaseOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface CryptoWalletFactor { @@ -178,8 +178,8 @@ export interface CryptoWalletFactor { export interface DiscordOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface EmailFactor { @@ -195,38 +195,38 @@ export interface EmbeddableMagicLinkFactor { export interface FacebookOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface FigmaOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface GitLabOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface GithubOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface GoogleOAuthFactor { // The unique ID of an OAuth registration. id: string; - // The globally unique UUID of the Member's email. - email_id: string; /** * The unique identifier for the User within a given OAuth provider. Also commonly called the `sub` or * "Subject field" in OAuth protocols. */ provider_subject: string; + // The globally unique UUID of the Member's email. + email_id?: string; } export interface HubspotOAuthExchangeFactor { @@ -235,14 +235,14 @@ export interface HubspotOAuthExchangeFactor { export interface HubspotOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface InstagramOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface JWK { @@ -259,20 +259,20 @@ export interface JWK { export interface LinkedInOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface MicrosoftOAuthFactor { // The unique ID of an OAuth registration. id: string; - // The globally unique UUID of the Member's email. - email_id: string; /** * The unique identifier for the User within a given OAuth provider. Also commonly called the `sub` or * "Subject field" in OAuth protocols. */ provider_subject: string; + // The globally unique UUID of the Member's email. + email_id?: string; } export interface OIDCSSOFactor { @@ -306,8 +306,8 @@ export interface SAMLSSOFactor { export interface SalesforceOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface Session { @@ -343,8 +343,8 @@ export interface Session { export interface ShopifyOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface SlackOAuthExchangeFactor { @@ -353,44 +353,44 @@ export interface SlackOAuthExchangeFactor { export interface SlackOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface SnapchatOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface SpotifyOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface SteamOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface TikTokOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface TwitchOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface TwitterOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface WebAuthnFactor { @@ -401,8 +401,8 @@ export interface WebAuthnFactor { export interface YahooOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } // Request type for `sessions.authenticate`. diff --git a/package-lock.json b/package-lock.json index a0ea4cef..d073abc4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "stytch", - "version": "10.9.0", + "version": "10.10.0", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "stytch", - "version": "10.9.0", + "version": "10.10.0", "license": "MIT", "dependencies": { "jose": "^4.14.6", diff --git a/package.json b/package.json index 2dbc8258..29ca458d 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "stytch", - "version": "10.9.0", + "version": "10.10.0", "description": "A wrapper for the Stytch API", "types": "./types/lib/index.d.ts", "main": "./dist/index.js", diff --git a/types/lib/b2b/discovery_intermediate_sessions.d.ts b/types/lib/b2b/discovery_intermediate_sessions.d.ts index bbc05096..c8263827 100644 --- a/types/lib/b2b/discovery_intermediate_sessions.d.ts +++ b/types/lib/b2b/discovery_intermediate_sessions.d.ts @@ -5,16 +5,14 @@ import { MfaRequired } from "./mfa"; export interface B2BDiscoveryIntermediateSessionsExchangeRequest { /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; @@ -85,17 +83,16 @@ export interface B2BDiscoveryIntermediateSessionsExchangeResponse { member_authenticated: boolean; /** * The returned Intermediate Session Token is identical to the one that was originally passed in to the - * request. - * The token can be used with the + * request. If this value is non-empty, the member must complete an MFA step to finish logging in to the + * Organization. The token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * It can also be used with the + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) - * to join a different existing Organization, - * or the - * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization. + * to join a specific Organization that allows the factors represented by the intermediate session token; + * or the + * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; /** diff --git a/types/lib/b2b/discovery_organizations.d.ts b/types/lib/b2b/discovery_organizations.d.ts index 1076597a..87964a20 100644 --- a/types/lib/b2b/discovery_organizations.d.ts +++ b/types/lib/b2b/discovery_organizations.d.ts @@ -6,16 +6,14 @@ import { MfaRequired } from "./mfa"; export interface B2BDiscoveryOrganizationsCreateRequest { /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; @@ -186,17 +184,16 @@ export interface B2BDiscoveryOrganizationsCreateResponse { member_authenticated: boolean; /** * The returned Intermediate Session Token is identical to the one that was originally passed in to the - * request. - * The token can be used with the + * request. If this value is non-empty, the member must complete an MFA step to finish logging in to the + * Organization. The token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * It can also be used with the + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) - * to join a different existing Organization, - * or the - * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization. + * to join a specific Organization that allows the factors represented by the intermediate session token; + * or the + * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; /** @@ -212,16 +209,14 @@ export interface B2BDiscoveryOrganizationsCreateResponse { export interface B2BDiscoveryOrganizationsListRequest { /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token?: string; diff --git a/types/lib/b2b/magic_links.d.ts b/types/lib/b2b/magic_links.d.ts index fbc6940d..c638b87a 100644 --- a/types/lib/b2b/magic_links.d.ts +++ b/types/lib/b2b/magic_links.d.ts @@ -66,6 +66,12 @@ export interface B2BMagicLinksAuthenticateRequest { * */ locale?: "en" | "es" | "pt-br" | string; + /** + * Adds this primary authentication factor to the intermediate session token. If the resulting set of + * factors satisfies the organization's primary authentication requirements and MFA requirements, the + * intermediate session token will be consumed and converted to a member session. If not, the same + * intermediate session token will be returned. + */ intermediate_session_token?: string; } export interface B2BMagicLinksAuthenticateResponse { @@ -95,17 +101,16 @@ export interface B2BMagicLinksAuthenticateResponse { organization: Organization; /** * The returned Intermediate Session Token contains an Email Magic Link factor associated with the Member's - * email address. - * The token can be used with the + * email address. If this value is non-empty, the member must complete an MFA step to finish logging in to + * the Organization. The token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * It can also be used with the + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) - * to join a different existing Organization that allows login with Email Magic Links, - * or the - * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization. + * to join a specific Organization that allows the factors represented by the intermediate session token; + * or the + * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; /** diff --git a/types/lib/b2b/magic_links_discovery.d.ts b/types/lib/b2b/magic_links_discovery.d.ts index b2480c23..ad62afaa 100644 --- a/types/lib/b2b/magic_links_discovery.d.ts +++ b/types/lib/b2b/magic_links_discovery.d.ts @@ -12,16 +12,14 @@ export interface B2BMagicLinksDiscoveryAuthenticateResponse { request_id: string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; diff --git a/types/lib/b2b/oauth.d.ts b/types/lib/b2b/oauth.d.ts index 3db53d06..825dbfc1 100644 --- a/types/lib/b2b/oauth.d.ts +++ b/types/lib/b2b/oauth.d.ts @@ -10,6 +10,10 @@ export interface B2BOAuthProviderValues { * are included by default and how to add custom scopes. */ scopes: string[]; + /** + * The `refresh_token` that you may use to obtain a new `access_token` for the User within the provider's + * API. + */ refresh_token?: string; expires_at?: string; /** @@ -68,6 +72,12 @@ export interface B2BOAuthAuthenticateRequest { * */ locale?: "en" | "es" | "pt-br" | string; + /** + * Adds this primary authentication factor to the intermediate session token. If the resulting set of + * factors satisfies the organization's primary authentication requirements and MFA requirements, the + * intermediate session token will be consumed and converted to a member session. If not, the same + * intermediate session token will be returned. + */ intermediate_session_token?: string; } export interface B2BOAuthAuthenticateResponse { @@ -104,17 +114,16 @@ export interface B2BOAuthAuthenticateResponse { member_authenticated: boolean; /** * The returned Intermediate Session Token contains an OAuth factor associated with the Member's email - * address. - * The token can be used with the + * address. If this value is non-empty, the member must complete an MFA step to finish logging in to the + * Organization. The token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * It can also be used with the + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) - * to join a different existing Organization that allows login with OAuth, - * or the - * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization. + * to join a specific Organization that allows the factors represented by the intermediate session token; + * or the + * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; /** diff --git a/types/lib/b2b/oauth_discovery.d.ts b/types/lib/b2b/oauth_discovery.d.ts index f6560da4..7f3783eb 100644 --- a/types/lib/b2b/oauth_discovery.d.ts +++ b/types/lib/b2b/oauth_discovery.d.ts @@ -16,16 +16,14 @@ export interface B2BOAuthDiscoveryAuthenticateResponse { request_id: string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; diff --git a/types/lib/b2b/organizations_members.d.ts b/types/lib/b2b/organizations_members.d.ts index 6fe48c17..f714bd3a 100644 --- a/types/lib/b2b/organizations_members.d.ts +++ b/types/lib/b2b/organizations_members.d.ts @@ -336,9 +336,9 @@ export interface B2BOrganizationsMembersUpdateRequest { * The name of the Member. * * If this field is provided and a session header is passed into the request, the Member Session must have - * permission to perform the `update.info.name` action on the `stytch.member` Resource. - * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the - * request, the authorization check will also allow a Member Session that has permission to perform the + * permission to perform the `update.info.name` action on the `stytch.member` Resource. Alternatively, if + * the Member Session matches the Member associated with the `member_id` passed in the request, the + * authorization check will also allow a Member Session that has permission to perform the * `update.info.name` action on the `stytch.self` Resource. */ name?: string; @@ -357,7 +357,7 @@ export interface B2BOrganizationsMembersUpdateRequest { * * If this field is provided and a session header is passed into the request, the Member Session must have * permission to perform the `update.info.untrusted-metadata` action on the `stytch.member` Resource. - * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the + * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the * request, the authorization check will also allow a Member Session that has permission to perform the * `update.info.untrusted-metadata` action on the `stytch.self` Resource. */ @@ -380,9 +380,9 @@ export interface B2BOrganizationsMembersUpdateRequest { * delete the Member's existing phone number first. * * If this field is provided and a session header is passed into the request, the Member Session must have - * permission to perform the `update.info.mfa-phone` action on the `stytch.member` Resource. - * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the - * request, the authorization check will also allow a Member Session that has permission to perform the + * permission to perform the `update.info.mfa-phone` action on the `stytch.member` Resource. Alternatively, + * if the Member Session matches the Member associated with the `member_id` passed in the request, the + * authorization check will also allow a Member Session that has permission to perform the * `update.info.mfa-phone` action on the `stytch.self` Resource. */ mfa_phone_number?: string; @@ -393,7 +393,7 @@ export interface B2BOrganizationsMembersUpdateRequest { * * If this field is provided and a session header is passed into the request, the Member Session must have * permission to perform the `update.settings.mfa-enrolled` action on the `stytch.member` Resource. - * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the + * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the * request, the authorization check will also allow a Member Session that has permission to perform the * `update.settings.mfa-enrolled` action on the `stytch.self` Resource. */ @@ -429,7 +429,7 @@ export interface B2BOrganizationsMembersUpdateRequest { * * If this field is provided and a session header is passed into the request, the Member Session must have * permission to perform the `update.settings.default-mfa-method` action on the `stytch.member` Resource. - * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the + * Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the * request, the authorization check will also allow a Member Session that has permission to perform the * `update.settings.default-mfa-method` action on the `stytch.self` Resource. */ diff --git a/types/lib/b2b/organizations_members_oauth_providers.d.ts b/types/lib/b2b/organizations_members_oauth_providers.d.ts index 19f2b377..95560b42 100644 --- a/types/lib/b2b/organizations_members_oauth_providers.d.ts +++ b/types/lib/b2b/organizations_members_oauth_providers.d.ts @@ -34,6 +34,10 @@ export interface B2BOrganizationsMembersOAuthProvidersGoogleResponse { * 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. */ status_code: number; + /** + * The `refresh_token` that you may use to obtain a new `access_token` for the User within the provider's + * API. + */ refresh_token?: string; } /** @@ -51,6 +55,11 @@ export interface B2BOrganizationsMembersOAuthProvidersMicrosoftRequest { * operations on a Member, so be sure to preserve this value. */ member_id: string; + /** + * Whether to return the refresh token Stytch has stored for the OAuth Provider. Defaults to false. + * **Important:** If your application exchanges the refresh token, Stytch may not be able to automatically + * refresh access tokens in the future. + */ include_refresh_token?: boolean; } export interface B2BOrganizationsMembersOAuthProvidersMicrosoftResponse { @@ -88,6 +97,10 @@ export interface B2BOrganizationsMembersOAuthProvidersMicrosoftResponse { * 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors. */ status_code: number; + /** + * The `refresh_token` that you may use to obtain a new `access_token` for the User within the provider's + * API. + */ refresh_token?: string; } export declare class OAuthProviders { diff --git a/types/lib/b2b/otp_sms.d.ts b/types/lib/b2b/otp_sms.d.ts index 13b476da..045cc9cf 100644 --- a/types/lib/b2b/otp_sms.d.ts +++ b/types/lib/b2b/otp_sms.d.ts @@ -15,16 +15,14 @@ export interface B2BOTPSmsAuthenticateRequest { code: string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token?: string; @@ -120,16 +118,14 @@ export interface B2BOTPSmsSendRequest { locale?: "en" | "es" | "pt-br" | string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token?: string; diff --git a/types/lib/b2b/passwords.d.ts b/types/lib/b2b/passwords.d.ts index bf83dd4a..f6a0f60d 100644 --- a/types/lib/b2b/passwords.d.ts +++ b/types/lib/b2b/passwords.d.ts @@ -92,6 +92,12 @@ export interface B2BPasswordsAuthenticateRequest { * */ locale?: "en" | "es" | "pt-br" | string; + /** + * Adds this primary authentication factor to the intermediate session token. If the resulting set of + * factors satisfies the organization's primary authentication requirements and MFA requirements, the + * intermediate session token will be consumed and converted to a member session. If not, the same + * intermediate session token will be returned. + */ intermediate_session_token?: string; } export interface B2BPasswordsAuthenticateResponse { @@ -111,14 +117,14 @@ export interface B2BPasswordsAuthenticateResponse { session_jwt: string; organization: Organization; /** - * The returned Intermediate Session Token contains a password factor associated with the Member. - * The token can be used with the + * The returned Intermediate Session Token contains a password factor associated with the Member. If this + * value is non-empty, the member must complete an MFA step to finish logging in to the Organization. The + * token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * Password factors are not transferable between Organizations, so the intermediate session token is - * not valid for use with discovery endpoints. + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. Password factors are not transferable between Organizations, so + * the intermediate session token is not valid for use with discovery endpoints. */ intermediate_session_token: string; /** diff --git a/types/lib/b2b/passwords_email.d.ts b/types/lib/b2b/passwords_email.d.ts index 453e75ba..0d0defb3 100644 --- a/types/lib/b2b/passwords_email.d.ts +++ b/types/lib/b2b/passwords_email.d.ts @@ -65,6 +65,12 @@ export interface B2BPasswordsEmailResetRequest { * */ locale?: "en" | "es" | "pt-br" | string; + /** + * Adds this primary authentication factor to the intermediate session token. If the resulting set of + * factors satisfies the organization's primary authentication requirements and MFA requirements, the + * intermediate session token will be consumed and converted to a member session. If not, the same + * intermediate session token will be returned. + */ intermediate_session_token?: string; } export interface B2BPasswordsEmailResetResponse { @@ -85,14 +91,14 @@ export interface B2BPasswordsEmailResetResponse { session_jwt: string; organization: Organization; /** - * The returned Intermediate Session Token contains a password factor associated with the Member. - * The token can be used with the + * The returned Intermediate Session Token contains a password factor associated with the Member. If this + * value is non-empty, the member must complete an MFA step to finish logging in to the Organization. The + * token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * Password factors are not transferable between Organizations, so the intermediate session token is - * not valid for use with discovery endpoints. + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. Password factors are not transferable between Organizations, so + * the intermediate session token is not valid for use with discovery endpoints. */ intermediate_session_token: string; /** diff --git a/types/lib/b2b/passwords_existing_password.d.ts b/types/lib/b2b/passwords_existing_password.d.ts index 97a412d8..b82570c5 100644 --- a/types/lib/b2b/passwords_existing_password.d.ts +++ b/types/lib/b2b/passwords_existing_password.d.ts @@ -69,14 +69,14 @@ export interface B2BPasswordsExistingPasswordResetResponse { session_jwt: string; organization: Organization; /** - * The returned Intermediate Session Token contains a password factor associated with the Member. - * The token can be used with the + * The returned Intermediate Session Token contains a password factor associated with the Member. If this + * value is non-empty, the member must complete an MFA step to finish logging in to the Organization. The + * token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * Password factors are not transferable between Organizations, so the intermediate session token is - * not valid for use with discovery endpoints. + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. Password factors are not transferable between Organizations, so + * the intermediate session token is not valid for use with discovery endpoints. */ intermediate_session_token: string; /** diff --git a/types/lib/b2b/passwords_session.d.ts b/types/lib/b2b/passwords_session.d.ts index 5b61115d..3a136c6f 100644 --- a/types/lib/b2b/passwords_session.d.ts +++ b/types/lib/b2b/passwords_session.d.ts @@ -64,16 +64,14 @@ export interface B2BPasswordsSessionResetResponse { session_jwt: string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; diff --git a/types/lib/b2b/recovery_codes.d.ts b/types/lib/b2b/recovery_codes.d.ts index 96549b64..cc212cd3 100644 --- a/types/lib/b2b/recovery_codes.d.ts +++ b/types/lib/b2b/recovery_codes.d.ts @@ -47,16 +47,14 @@ export interface B2BRecoveryCodesRecoverRequest { recovery_code: string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token?: string; diff --git a/types/lib/b2b/sessions.d.ts b/types/lib/b2b/sessions.d.ts index 1f5da7ac..3034b862 100644 --- a/types/lib/b2b/sessions.d.ts +++ b/types/lib/b2b/sessions.d.ts @@ -221,17 +221,16 @@ export interface B2BSessionsExchangeResponse { member_authenticated: boolean; /** * The returned Intermediate Session Token contains any Email Magic Link or OAuth factors from the original - * member session that are valid for the target Organization. - * The token can be used with the + * member session that are valid for the target Organization. If this value is non-empty, the member must + * complete an MFA step to finish logging in to the Organization. The token can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the target Organization. - * It can also be used with the + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) - * to join a different existing Organization, - * or the - * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization. + * to join a specific Organization that allows the factors represented by the intermediate session token; + * or the + * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token: string; /** diff --git a/types/lib/b2b/sso.d.ts b/types/lib/b2b/sso.d.ts index 0689abce..735bfef7 100644 --- a/types/lib/b2b/sso.d.ts +++ b/types/lib/b2b/sso.d.ts @@ -139,6 +139,12 @@ export interface B2BSSOAuthenticateRequest { * */ locale?: "en" | "es" | "pt-br" | string; + /** + * Adds this primary authentication factor to the intermediate session token. If the resulting set of + * factors satisfies the organization's primary authentication requirements and MFA requirements, the + * intermediate session token will be consumed and converted to a member session. If not, the same + * intermediate session token will be returned. + */ intermediate_session_token?: string; } export interface B2BSSOAuthenticateResponse { @@ -165,14 +171,14 @@ export interface B2BSSOAuthenticateResponse { reset_session: boolean; organization: Organization; /** - * The returned Intermediate Session Token contains an SSO factor associated with the Member. - * The token can be used with the + * The returned Intermediate Session Token contains an SSO factor associated with the Member. If this value + * is non-empty, the member must complete an MFA step to finish logging in to the Organization. The token + * can be used with the * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete the MFA flow and log in to the Organization. - * SSO factors are not transferable between Organizations, so the intermediate session token is not - * valid for use with discovery endpoints. + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. SSO factors are not transferable between Organizations, so the + * intermediate session token is not valid for use with discovery endpoints. */ intermediate_session_token: string; /** diff --git a/types/lib/b2b/totps.d.ts b/types/lib/b2b/totps.d.ts index f8caeeff..2f1a42ad 100644 --- a/types/lib/b2b/totps.d.ts +++ b/types/lib/b2b/totps.d.ts @@ -15,16 +15,14 @@ export interface B2BTOTPsAuthenticateRequest { code: string; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token?: string; @@ -114,16 +112,14 @@ export interface B2BTOTPsCreateRequest { expiration_minutes?: number; /** * The Intermediate Session Token. This token does not necessarily belong to a specific instance of a - * Member, but represents a bag of factors that may be converted to a member session. - * The token can be used with the - * [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), - * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), - * or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to - * complete an MFA flow; - * the + * Member, but represents a bag of factors that may be converted to a member session. The token can be used + * with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), + * [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or + * [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an + * MFA flow and log in to the Organization. It can also be used with the * [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) * to join a specific Organization that allows the factors represented by the intermediate session token; - * or the + * or the * [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. */ intermediate_session_token?: string; diff --git a/types/lib/b2c/oauth.d.ts b/types/lib/b2c/oauth.d.ts index b9b2f312..41f1629b 100644 --- a/types/lib/b2c/oauth.d.ts +++ b/types/lib/b2c/oauth.d.ts @@ -3,6 +3,10 @@ import { Session } from "./sessions"; import { User } from "./users"; export interface OAuthProviderValues { access_token: string; + /** + * The `refresh_token` that you may use to obtain a new `access_token` for the User within the provider's + * API. + */ refresh_token: string; /** * The `id_token` returned by the OAuth provider. ID Tokens are JWTs that contain structured information diff --git a/types/lib/b2c/sessions.d.ts b/types/lib/b2c/sessions.d.ts index 1a7cc976..41599ab5 100644 --- a/types/lib/b2c/sessions.d.ts +++ b/types/lib/b2c/sessions.d.ts @@ -4,13 +4,13 @@ import { User } from "./users"; import { JwtConfig } from "../shared/sessions"; export interface AmazonOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface AppleOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface AuthenticationFactor { /** @@ -81,13 +81,13 @@ export interface BiometricFactor { } export interface BitbucketOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface CoinbaseOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface CryptoWalletFactor { crypto_wallet_id: string; @@ -96,8 +96,8 @@ export interface CryptoWalletFactor { } export interface DiscordOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface EmailFactor { email_id: string; @@ -108,45 +108,45 @@ export interface EmbeddableMagicLinkFactor { } export interface FacebookOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface FigmaOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface GitLabOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface GithubOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface GoogleOAuthFactor { id: string; - email_id: string; /** * The unique identifier for the User within a given OAuth provider. Also commonly called the `sub` or * "Subject field" in OAuth protocols. */ provider_subject: string; + email_id?: string; } export interface HubspotOAuthExchangeFactor { email_id: string; } export interface HubspotOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface InstagramOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface JWK { kty: string; @@ -161,17 +161,17 @@ export interface JWK { } export interface LinkedInOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface MicrosoftOAuthFactor { id: string; - email_id: string; /** * The unique identifier for the User within a given OAuth provider. Also commonly called the `sub` or * "Subject field" in OAuth protocols. */ provider_subject: string; + email_id?: string; } export interface OIDCSSOFactor { id: string; @@ -192,8 +192,8 @@ export interface SAMLSSOFactor { } export interface SalesforceOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface Session { session_id: string; @@ -223,46 +223,46 @@ export interface Session { } export interface ShopifyOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface SlackOAuthExchangeFactor { email_id: string; } export interface SlackOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface SnapchatOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface SpotifyOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface SteamOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface TikTokOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface TwitchOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface TwitterOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface WebAuthnFactor { webauthn_registration_id: string; @@ -271,8 +271,8 @@ export interface WebAuthnFactor { } export interface YahooOAuthFactor { id: string; - email_id: string; provider_subject: string; + email_id?: string; } export interface SessionsAuthenticateRequest { session_token?: string;