class StytchB2B::Organizations::Members
def create(
== Method Options:
The type of this field is +Integer+.
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is +Organization+ (+object+).
The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
organization::
The type of this field is +Member+ (+object+).
The [Member object](https://stytch.com/docs/b2b/api/member-object)
member::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member.
member_id::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is nilable +String+.
An identifier that can be used in most API calls where a `member_id` is expected. This is a string consisting of alphanumeric, `.`, `_`, `-`, or `|` characters with a maximum length of 128 characters. External IDs must be unique within an organization, but may be reused across different organizations in the same project.
external_id::
The type of this field is nilable list of +String+.
for more information about role assignment.
Roles to explicitly assign to this Member. See the [RBAC guide](https://stytch.com/docs/b2b/guides/rbac/role-assignment)
roles::
The type of this field is nilable +Boolean+.
Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization's MFA policy is set to `REQUIRED_FOR_ALL`.
mfa_enrolled::
The type of this field is nilable +String+.
The Member's phone number. A Member may only have one phone number. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX).
mfa_phone_number::
The type of this field is nilable +Boolean+.
Identifies the Member as a break glass user - someone who has permissions to authenticate into an Organization by bypassing the Organization's settings. A break glass account is typically used for emergency purposes to gain access outside of normal authentication procedures. Refer to the [Organization object](https://stytch.com/docs/b2b/api/organization-object) and its `auth_methods` and `allowed_auth_methods` fields for more details.
is_breakglass::
The type of this field is nilable +Boolean+.
Flag for whether or not to save a Member as `pending` or `active` in Stytch. It defaults to false. If true, new Members will be created with status `pending` in Stytch's backend. Their status will remain `pending` and they will continue to receive signup email templates for every Email Magic Link until that Member authenticates and becomes `active`. If false, new Members will be created with status `active`.
create_member_as_pending::
The type of this field is nilable +object+.
for complete field behavior details.
frontend SDK, and should not be used to store critical information. See the [Metadata resource](https://stytch.com/docs/b2b/api/metadata)
An arbitrary JSON object of application-specific data. These fields can be edited directly by the
untrusted_metadata::
The type of this field is nilable +object+.
An arbitrary JSON object for storing application-specific data or identity-provider-specific data.
trusted_metadata::
The type of this field is nilable +String+.
The name of the Member.
name::
The type of this field is +String+.
The email address of the Member.
email_address::
The type of this field is +String+.
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.
organization_id::
== Parameters:
Creates a Member. An `organization_id` and `email_address` are required.
def create( organization_id:, email_address:, name: nil, trusted_metadata: nil, untrusted_metadata: nil, create_member_as_pending: nil, is_breakglass: nil, mfa_phone_number: nil, mfa_enrolled: nil, roles: nil, external_id: nil, method_options: nil ) headers = {} headers = headers.merge(method_options.to_headers) unless method_options.nil? request = { email_address: email_address } request[:name] = name unless name.nil? request[:trusted_metadata] = trusted_metadata unless trusted_metadata.nil? request[:untrusted_metadata] = untrusted_metadata unless untrusted_metadata.nil? request[:create_member_as_pending] = create_member_as_pending unless create_member_as_pending.nil? request[:is_breakglass] = is_breakglass unless is_breakglass.nil? request[:mfa_phone_number] = mfa_phone_number unless mfa_phone_number.nil? request[:mfa_enrolled] = mfa_enrolled unless mfa_enrolled.nil? request[:roles] = roles unless roles.nil? request[:external_id] = external_id unless external_id.nil? post_request("/v1/b2b/organizations/#{organization_id}/members", request, headers) end
def dangerously_get(
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is +Organization+ (+object+).
The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
organization::
The type of this field is +Member+ (+object+).
The [Member object](https://stytch.com/docs/b2b/api/member-object)
member::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member.
member_id::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is nilable +Boolean+.
Whether to include deleted Members in the response. Defaults to false.
include_deleted::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value.
member_id::
== Parameters:
Get a Member by `member_id`. This endpoint does not require an `organization_id`, enabling you to get members across organizations. This is a dangerous operation. Incorrect use may open you up to indirect object reference (IDOR) attacks. We recommend using the [Get Member](https://stytch.com/docs/b2b/api/get-member) API instead.
def dangerously_get( member_id:, include_deleted: nil ) headers = {} query_params = { include_deleted: include_deleted } request = request_with_query_params("/v1/b2b/organizations/members/dangerously_get/#{member_id}", query_params) get_request(request, headers) end
def delete(
== Method Options:
The type of this field is +Integer+.
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member.
member_id::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is +String+.
Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. You may use an external_id here if one is set for the member.
member_id::
The type of this field is +String+.
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.
organization_id::
== Parameters:
Deletes a Member specified by `organization_id` and `member_id`.
def delete( organization_id:, member_id:, method_options: nil ) headers = {} headers = headers.merge(method_options.to_headers) unless method_options.nil? delete_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}", headers) end
def delete_external_id(
def delete_external_id( organization_id:, member_id:, method_options: nil ) headers = {} headers = headers.merge(method_options.to_headers) unless method_options.nil? delete_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/external_id", headers) end
def delete_mfa_phone_number(
== Method Options:
The type of this field is +Integer+.
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is +Organization+ (+object+).
The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
organization::
The type of this field is +Member+ (+object+).
The [Member object](https://stytch.com/docs/b2b/api/member-object)
member::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member.
member_id::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is +String+.
Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. You may use an external_id here if one is set for the member.
member_id::
The type of this field is +String+.
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.
organization_id::
== Parameters:
and calling the [OTP SMS send](https://stytch.com/docs/b2b/api/otp-sms-send) endpoint, then calling the [OTP SMS Authenticate](https://stytch.com/docs/b2b/api/authenticate-otp-sms) endpoint.
If you wish to enforce MFA immediately after a phone number is deleted, you can do so by prompting the Member to enter a new phone number
Existing Member Sessions that include a phone number authentication factor will not be revoked if the phone number is deleted, and MFA will not be enforced until the Member logs in again.
To change a Member's phone number, you must first call this endpoint to delete the existing phone number.
Delete a Member's MFA phone number.
def delete_mfa_phone_number( organization_id:, member_id:, method_options: nil ) headers = {} headers = headers.merge(method_options.to_headers) unless method_options.nil? delete_request("/v1/b2b/organizations/#{organization_id}/members/mfa_phone_numbers/#{member_id}", headers) end
def delete_password(
== Method Options:
The type of this field is +Integer+.
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is +Organization+ (+object+).
The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
organization::
The type of this field is +Member+ (+object+).
The [Member object](https://stytch.com/docs/b2b/api/member-object)
member::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member.
member_id::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is +String+.
Globally unique UUID that identifies a Member's password.
member_password_id::
The type of this field is +String+.
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.
organization_id::
== Parameters:
This endpoint only works for Organization-scoped passwords. For cross-org password Projects, use [Require Password Reset By Email](https://stytch.com/docs/b2b/api/passwords-require-reset-by-email) instead.
Delete a Member's password.
def delete_password( organization_id:, member_password_id:, method_options: nil ) headers = {} headers = headers.merge(method_options.to_headers) unless method_options.nil? delete_request("/v1/b2b/organizations/#{organization_id}/members/passwords/#{member_password_id}", headers) end
def delete_totp(
== Method Options:
The type of this field is +Integer+.
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is +Organization+ (+object+).
The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
organization::
The type of this field is +Member+ (+object+).
The [Member object](https://stytch.com/docs/b2b/api/member-object)
member::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member.
member_id::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is +String+.
Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. You may use an external_id here if one is set for the member.
member_id::
The type of this field is +String+.
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.
organization_id::
== Parameters:
Existing Member Sessions that include the TOTP authentication factor will not be revoked if the registration is deleted, and MFA will not be enforced until the Member logs in again.
To mint a new registration for a Member, you must first call this endpoint to delete the existing registration.
Delete a Member's MFA TOTP registration.
def delete_totp( organization_id:, member_id:, method_options: nil ) headers = {} headers = headers.merge(method_options.to_headers) unless method_options.nil? delete_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/totp", headers) end
def get(
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is +Organization+ (+object+).
The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
organization::
The type of this field is +Member+ (+object+).
The [Member object](https://stytch.com/docs/b2b/api/member-object)
member::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member.
member_id::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is nilable +String+.
The email address of the Member.
email_address::
The type of this field is nilable +String+.
Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. You may use an external_id here if one is set for the member.
member_id::
The type of this field is +String+.
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.
organization_id::
== Parameters:
Get a Member by `member_id` or `email_address`.
def get( organization_id:, member_id: nil, email_address: nil ) headers = {} query_params = { member_id: member_id, email_address: email_address } request = request_with_query_params("/v1/b2b/organizations/#{organization_id}/member", query_params) get_request(request, headers) end
def get_connected_apps(
== Method Options:
The type of this field is +Integer+.
(no documentation yet)
status_code::
The type of this field is list of +MemberConnectedApp+ (+object+).
An array of Connected Apps with which the Member has successfully completed an authorization flow.
connected_apps::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is +String+.
Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. You may use an external_id here if one is set for the member.
member_id::
The type of this field is +String+.
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.
organization_id::
== Parameters:
App policy changes.
no longer be returned in the response. A Connected App's access may also be revoked if the Organization's allowed Connected
If the Member revokes a Connected App's access (e.g. via the Revoke Connected App endpoint) then the Connected App will
authorization flow.
Member Get Connected Apps retrieves a list of Connected Apps with which the Member has successfully completed an
def get_connected_apps( organization_id:, member_id:, method_options: nil ) headers = {} headers = headers.merge(method_options.to_headers) unless method_options.nil? query_params = {} request = request_with_query_params("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/connected_apps", query_params) get_request(request, headers) end
def initialize(connection)
def initialize(connection) @connection = connection @oauth_providers = StytchB2B::Organizations::Members::OAuthProviders.new(@connection) @connected_apps = StytchB2B::Organizations::Members::ConnectedApps.new(@connection) end
def oidc_providers(
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is list of +OIDCProviderInfo+ (+object+).
A list of tokens the member is registered with.
registrations::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is nilable +Boolean+.
Whether to return the refresh token Stytch has stored for the OAuth Provider. Defaults to false. **Important:** If your application exchanges the refresh token, Stytch may not be able to automatically refresh access tokens in the future.
include_refresh_token::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. You may use an external_id here if one is set for the member.
member_id::
The type of this field is +String+.
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.
organization_id::
== Parameters:
access token automatically.
issued access token and ID token from the identity provider. If a refresh token has been issued, Stytch will refresh the
Retrieve the saved OIDC access tokens and ID tokens for a member. After a successful OIDC login, Stytch will save the
def oidc_providers( organization_id:, member_id:, include_refresh_token: nil ) headers = {} query_params = { include_refresh_token: include_refresh_token } request = request_with_query_params("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/oidc_providers", query_params) get_request(request, headers) end
def reactivate(
== Method Options:
The type of this field is +Integer+.
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is +Organization+ (+object+).
The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
organization::
The type of this field is +Member+ (+object+).
The [Member object](https://stytch.com/docs/b2b/api/member-object)
member::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member.
member_id::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is +String+.
Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value.
member_id::
The type of this field is +String+.
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.
organization_id::
== Parameters:
Note that this endpoint does not accept an `external_id`. The Stytch `member_id` must be provided.
Reactivates a deleted Member's status and its associated email status (if applicable) to active, specified by `organization_id` and `member_id`. This endpoint will only work for Members with at least one verified email where their `email_address_verified` is `true`.
def reactivate( organization_id:, member_id:, method_options: nil ) headers = {} headers = headers.merge(method_options.to_headers) unless method_options.nil? request = {} put_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/reactivate", request, headers) end
def search(
== Method Options:
The type of this field is +Integer+.
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is map of +String+ to +Organization+ (+object+).
A map from `organization_id` to [Organization object](https://stytch.com/docs/b2b/api/organization-object). The map only contains the Organizations that the Members belongs to.
organizations::
The type of this field is +ResultsMetadata+ (+object+).
The search `results_metadata` object contains metadata relevant to your specific query like `total` and `next_cursor`.
results_metadata::
The type of this field is list of +Member+ (+object+).
An array of [Member objects](https://stytch.com/docs/b2b/api/member-object).
members::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is nilable +SearchQuery+ (+object+).
The optional query object contains the operator, i.e. `AND` or `OR`, and the operands that will filter your results. Only an operator is required. If you include no operands, no filtering will be applied. If you include no query object, it will return all Members with no filtering applied.
query::
The type of this field is nilable +Integer+.
The number of search results to return per page. The default limit is 100. A maximum of 1000 results can be returned by a single search request. If the total size of your result set is greater than one page size, you must paginate the response. See the `cursor` field.
limit::
The type of this field is nilable +String+.
The `cursor` field allows you to paginate through your results. Each result array is limited to 1000 results. If your query returns more than 1000 results, you will need to paginate the responses using the `cursor`. If you receive a response that includes a non-null `next_cursor` in the `results_metadata` object, repeat the search call with the `next_cursor` value set to the `cursor` field to retrieve the next page of results. Continue to make search calls until the `next_cursor` in the response is null.
cursor::
The type of this field is list of +String+.
An array of organization_ids. At least one value is required.
organization_ids::
== Parameters:
All fuzzy search filters require a minimum of three characters.
Search for Members within specified Organizations. An array with at least one `organization_id` is required. Submitting an empty `query` returns all non-deleted Members within the specified Organizations.
**Warning**: This endpoint is not recommended for use in login flows. Scaling issues may occur, as search performance may vary from ~150 milliseconds to 9 seconds depending on query complexity and rate limits are set to 100 requests/minute.
def search( organization_ids:, cursor: nil, limit: nil, query: nil, method_options: nil ) headers = {} headers = headers.merge(method_options.to_headers) unless method_options.nil? request = { organization_ids: organization_ids } request[:cursor] = cursor unless cursor.nil? request[:limit] = limit unless limit.nil? request[:query] = query unless query.nil? post_request('/v1/b2b/organizations/members/search', request, headers) end
def start_email_update(
== Method Options:
The type of this field is +Integer+.
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is +Organization+ (+object+).
The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
organization::
The type of this field is +Member+ (+object+).
The [Member object](https://stytch.com/docs/b2b/api/member-object)
member::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member.
member_id::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is nilable +StartEmailUpdateRequestDeliveryMethod+ (string enum).
The method that should be used to verify a member's new email address. The options are `EMAIL_MAGIC_LINK` or `EMAIL_OTP`. This field is optional, if no value is provided, `EMAIL_MAGIC_LINK` will be used.
delivery_method::
The type of this field is nilable +String+.
Use a custom template for login emails. By default, it will use your default email template. Templates can be added in the [Stytch dashboard](https://stytch.com/dashboard/templates) using our built-in customization options or custom HTML templates with type “Magic Links - Login”.
login_template_id::
The type of this field is nilable +StartEmailUpdateRequestLocale+ (string enum).
Request support for additional languages [here](https://docs.google.com/forms/d/e/1FAIpQLScZSpAu_m2AmLXRT3F3kap-s_mcV6UTBitYn6CdyWP0-o7YjQ/viewform?usp=sf_link")!
Currently supported languages are English (`"en"`), Spanish (`"es"`), French (`"fr"`) and Brazilian Portuguese (`"pt-br"`); if no value is provided, the copy defaults to English.
Used to determine which language to use when sending the user this delivery method. Parameter is an [IETF BCP 47 language tag](https://www.w3.org/International/articles/language-tags/), e.g. `"en"`.
locale::
The type of this field is nilable +String+.
redirect URL that you set in your Dashboard is used. If you have not set a default login redirect URL, an error is returned.
verifies the request by querying Stytch's authenticate endpoint and finishes the login. If this value is not passed, the default login
The URL that the Member clicks from the login Email Magic Link. This URL should be an endpoint in the backend server that
login_redirect_url::
The type of this field is +String+.
The new email address for the Member.
email_address::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. You may use an external_id here if one is set for the member.
member_id::
The type of this field is +String+.
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.
organization_id::
== Parameters:
If using Email OTP Codes, you should invoke the [Authenticate Email OTP Code](https://stytch.com/docs/b2b/api/authenticate-email-otp) endpoint as normal to complete the flow. Make sure to pass the new email address to the endpoint.
If using Email Magic Links, the magic link will redirect to your `login_redirect_url` (or the configured default if one isn't provided), and you should invoke the [Authenticate Magic Link](https://stytch.com/docs/b2b/api/authenticate-magic-link) endpoint as normal to complete the flow.
will be freed up for other members to use.
The member will receive an Email Magic Link (or Email OTP Code, if `EMAIL_OTP` is specified as the delivery method) that expires in 5 minutes. If they do not verify their new email address in that timeframe, the email
- Must not be updating for another member (i.e. two members cannot attempt to update to the same email at once)
- Must not be in use by another member (retired emails count as used until they are [unlinked](https://stytch.com/docs/b2b/api/unlink-retired-member-email))
The new email address must meet the following requirements:
To perform a self-serve update, members must be active and have an active, verified email address.
Starts a self-serve email update for a Member specified by their `organization_id` and `member_id`.
def start_email_update( organization_id:, member_id:, email_address:, login_redirect_url: nil, locale: nil, login_template_id: nil, delivery_method: nil, method_options: nil ) headers = {} headers = headers.merge(method_options.to_headers) unless method_options.nil? request = { email_address: email_address } request[:login_redirect_url] = login_redirect_url unless login_redirect_url.nil? request[:locale] = locale unless locale.nil? request[:login_template_id] = login_template_id unless login_template_id.nil? request[:delivery_method] = delivery_method unless delivery_method.nil? post_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/start_email_update", request, headers) end
def unlink_retired_email(
== Method Options:
The type of this field is +Integer+.
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is +Organization+ (+object+).
The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
organization::
The type of this field is +Member+ (+object+).
The [Member object](https://stytch.com/docs/b2b/api/member-object)
member::
The type of this field is +String+.
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value.
organization_id::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member.
member_id::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is nilable +String+.
The email address of the Member.
email_address::
The type of this field is nilable +String+.
The globally unique UUID of a Member's email.
email_id::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. You may use an external_id here if one is set for the member.
member_id::
The type of this field is +String+.
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.
organization_id::
== Parameters:
on the [Member object](https://stytch.com/docs/b2b/api/member-object).
addresses allows them to be subsequently re-used by other Organization Members. Retired email addresses can be viewed
A retired email address cannot be used by other Members in the same Organization. However, unlinking retired email
Member's primary email address and the old primary email address is retired.
- A new email address is surfaced by an OAuth, SAML or OIDC provider. In this case the new email address becomes the
- It's replaced with a new primary email address during an explicit Member update.
A previously active email address can be marked as retired in one of two ways:
both identifiers they must refer to the same email.
to be retired can be identified in the request body by either its `email_id`, its `email_address`, or both. If using
Unlinks a retired email address from a Member specified by their `organization_id` and `member_id`. The email address
def unlink_retired_email( organization_id:, member_id:, email_id: nil, email_address: nil, method_options: nil ) headers = {} headers = headers.merge(method_options.to_headers) unless method_options.nil? request = {} request[:email_id] = email_id unless email_id.nil? request[:email_address] = email_address unless email_address.nil? post_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}/unlink_retired_email", request, headers) end
def update(
== Method Options:
The type of this field is +Integer+.
The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
status_code::
The type of this field is +Organization+ (+object+).
The [Organization object](https://stytch.com/docs/b2b/api/organization-object).
organization::
The type of this field is +Member+ (+object+).
The [Member object](https://stytch.com/docs/b2b/api/member-object)
member::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member.
member_id::
The type of this field is +String+.
Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
request_id::
An object with the following fields:
== Returns:
The type of this field is nilable +Boolean+.
If `unlink_email` is `true` and an `email_address` is provided, the Member's previous email will be deleted instead of retired. Defaults to `false`.
unlink_email::
The type of this field is nilable +String+.
An identifier that can be used in most API calls where a `member_id` is expected. This is a string consisting of alphanumeric, `.`, `_`, `-`, or `|` characters with a maximum length of 128 characters. External IDs must be unique within an organization, but may be reused across different organizations in the same project.
external_id::
The type of this field is nilable +String+.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.info.email` action on the `stytch.member` Resource. Members cannot update their own email address.
A Member's email address can only be useable again by other Members if the Member is deleted.
If a Member's email address is changed, other Members in the same Organization cannot use the old email address, although the Member may update back to their old email address.
Updates the Member's `email_address`, if provided. This will clear any existing passwords and require re-verification of the new email address.
email_address::
The type of this field is nilable +String+.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.settings.default-mfa-method` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.settings.default-mfa-method` action on the `stytch.self` Resource.
The Member's default MFA method. This value is used to determine which secondary MFA method to use in the case of multiple methods registered for a Member. The current possible values are `sms_otp` and `totp`.
default_mfa_method::
The type of this field is nilable +Boolean+.
authentication factors with the affected SSO connection IDs will be revoked.
by SSO connection or SSO group. Defaults to `false` - that is, existing Member Sessions that contain SSO
Whether to preserve existing sessions when explicit Roles that are revoked are also implicitly assigned
preserve_existing_sessions::
The type of this field is nilable list of +String+.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.settings.roles` action on the `stytch.member` Resource.
`preserve_existing_sessions` parameter with a value of `true`.
authentication factors with the affected connection ID. You can preserve these sessions by passing in the
or an SSO group, we will by default revoke any existing sessions for the Member that contain any SSO
If a Role is removed from a Member, and the Member is also implicitly assigned this Role from an SSO connection
[RBAC guide](https://stytch.com/docs/b2b/guides/rbac/role-assignment) for more information about role assignment.
Will completely replace any existing explicitly assigned roles. See the
Roles to explicitly assign to this Member.
roles::
The type of this field is nilable +Boolean+.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.settings.mfa-enrolled` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.settings.mfa-enrolled` action on the `stytch.self` Resource.
Sets whether the Member is enrolled in MFA. If true, the Member must complete an MFA step whenever they wish to log in to their Organization. If false, the Member only needs to complete an MFA step if the Organization's MFA policy is set to `REQUIRED_FOR_ALL`.
mfa_enrolled::
The type of this field is nilable +String+.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.info.mfa-phone` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.info.mfa-phone` action on the `stytch.self` Resource.
Sets the Member's phone number. Throws an error if the Member already has a phone number. To change the Member's phone number, use the [Delete member phone number endpoint](https://stytch.com/docs/b2b/api/delete-member-mfa-phone-number) to delete the Member's existing phone number first.
mfa_phone_number::
The type of this field is nilable +Boolean+.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.settings.is-breakglass` action on the `stytch.member` Resource.
Identifies the Member as a break glass user - someone who has permissions to authenticate into an Organization by bypassing the Organization's settings. A break glass account is typically used for emergency purposes to gain access outside of normal authentication procedures. Refer to the [Organization object](https://stytch.com/docs/b2b/api/organization-object) and its `auth_methods` and `allowed_auth_methods` fields for more details.
is_breakglass::
The type of this field is nilable +object+.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.info.untrusted-metadata` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.info.untrusted-metadata` action on the `stytch.self` Resource.
for complete field behavior details.
frontend SDK, and should not be used to store critical information. See the [Metadata resource](https://stytch.com/docs/b2b/api/metadata)
An arbitrary JSON object of application-specific data. These fields can be edited directly by the
untrusted_metadata::
The type of this field is nilable +object+.
update trusted metadata when acting as a Member.
If a session header is passed into the request, this field may **not** be passed into the request. You cannot
An arbitrary JSON object for storing application-specific data or identity-provider-specific data.
trusted_metadata::
The type of this field is nilable +String+.
If this field is provided and a session header is passed into the request, the Member Session must have permission to perform the `update.info.name` action on the `stytch.member` Resource. Alternatively, if the Member Session matches the Member associated with the `member_id` passed in the request, the authorization check will also allow a Member Session that has permission to perform the `update.info.name` action on the `stytch.self` Resource.
The name of the Member.
name::
The type of this field is +String+.
Globally unique UUID that identifies a specific Member. The `member_id` is critical to perform operations on a Member, so be sure to preserve this value. You may use an external_id here if one is set for the member.
member_id::
The type of this field is +String+.
Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value. You may also use the organization_slug or organization_external_id here as a convenience.
organization_id::
== Parameters:
Updates a Member specified by `organization_id` and `member_id`.
def update( organization_id:, member_id:, name: nil, trusted_metadata: nil, untrusted_metadata: nil, is_breakglass: nil, mfa_phone_number: nil, mfa_enrolled: nil, roles: nil, preserve_existing_sessions: nil, default_mfa_method: nil, email_address: nil, external_id: nil, unlink_email: nil, method_options: nil ) headers = {} headers = headers.merge(method_options.to_headers) unless method_options.nil? request = {} request[:name] = name unless name.nil? request[:trusted_metadata] = trusted_metadata unless trusted_metadata.nil? request[:untrusted_metadata] = untrusted_metadata unless untrusted_metadata.nil? request[:is_breakglass] = is_breakglass unless is_breakglass.nil? request[:mfa_phone_number] = mfa_phone_number unless mfa_phone_number.nil? request[:mfa_enrolled] = mfa_enrolled unless mfa_enrolled.nil? request[:roles] = roles unless roles.nil? request[:preserve_existing_sessions] = preserve_existing_sessions unless preserve_existing_sessions.nil? request[:default_mfa_method] = default_mfa_method unless default_mfa_method.nil? request[:email_address] = email_address unless email_address.nil? request[:external_id] = external_id unless external_id.nil? request[:unlink_email] = unlink_email unless unlink_email.nil? put_request("/v1/b2b/organizations/#{organization_id}/members/#{member_id}", request, headers) end