Update Password by Session (Enterprise)

POST /v1/auth/passwords/session/update

Update user password using an active session. If the session token does not have an active factor from OTP, magic link, or password, it will return an error.

HTTP Request

GET /v1/auth/passwords/session/update

Request Body

The following table lists the properties of an HTTP request that this action supports.

Returns

A successful response returns user_id property and session object associated with the session_token sent in.

application/json

Body

  • password string Required

    Required Unique user ID to associate the TOTP with.

    Minimum length is 1.

  • session_token string

    Required if session_jwt not present Session token to identify the user by. Only a valid session will result in a successful password change.

  • session_jwt string

    Required if session_token not present Session jwt to identify the user by. Only a valid session will result in a successful password change.

Responses

  • 200 application/json

    OK

    Hide response attributes Show response attributes object
    • session object
      Hide session attributes Show session attributes object
      • id string Required

        Minimum length is 1.

      • user_id string Required

        Minimum length is 1.

      • session_token string Required

        Minimum length is 1.

      • started_at number Required
      • expires_at number Required
      • last_active_at number Required
      • factors array[object] Required

        At least 1 element.

        Hide factors attributes Show factors attributes object
        • delivery_channel string Required

          Delivery channel for this factor. Possible values: sms, email, totp_authenticator, totp_recovery_code, google_oauth, apple_oauth, microsoft_oauth, discord_oauth, okta_oauth, github_oauth, slack_oauth, facebook_oauth, webauthn_credential, eth_wallet, sol_wallet.

          Minimum length is 1.

        • type string Required

          Authentication type of factor. Possible values: otp, oauth, wallet, totp, webauthn.

          Minimum length is 1.

        • method object Required
          Hide method attributes Show method attributes object
          • id string
          • method_id string Required

            Minimum length is 1.

          • method_type string Required

            Identifier method type. Possible values: email, wallet, phone_number, webauthn.

            Minimum length is 1.

          • last_verified_at number Required
          • phone_number_id string

            Minimum length is 1.

          • phone_number string

            Minimum length is 1.

          • email_id string
          • email string
          • wallet_type string
          • wallet_id string
          • wallet_public_address string
          • totp_id string
          • webauthn_credential_id string
          • provider_subject string
      • device_fingerprint object Required
        Hide device_fingerprint attributes Show device_fingerprint attributes object
        • user_agent string Required
        • ip string Required

          Minimum length is 1.

      • updated_at number Required
      • created_at number Required
    • user_id string
POST /v1/auth/passwords/session/update
curl \
 --request POST 'https://api.streambird.io/v1/auth/passwords/session/update' \
 --header "Authorization: Bearer $ACCESS_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{"password":"samplepass","session_token":"4KdNDr4QAMekuWssW7IDtF9mlsmkOj8QDRbp7oIGOb3Tv4sE3PjX6j6GypoYNnIB"}'
Request example
{
  "password": "samplepass",
  "session_token": "4KdNDr4QAMekuWssW7IDtF9mlsmkOj8QDRbp7oIGOb3Tv4sE3PjX6j6GypoYNnIB"
}
Response examples (200)
{
  "session": {
    "id": "sess_2KF44T13b1clHEoOHpwEmTtldx5",
    "deleted": false,
    "factors": [
      {
        "type": "otp",
        "method": {
          "email": "sandbox@streambird.io",
          "email_id": "email_24oXBL3PufzHkH1Jzyjc2EXYeo7",
          "method_id": "email_24oXBL3PufzHkH1Jzyjc2EXYeo7",
          "method_type": "email",
          "last_verified_at": 1673556805
        },
        "delivery_channel": "email"
      },
      {
        "type": "password",
        "method": {
          "last_verified_at": 1673556817
        },
        "delivery_channel": "password"
      }
    ],
    "user_id": "user_2Cu2uVhYy0OVgRcO913OsqIVaPI",
    "created_at": 1673556805,
    "deleted_at": 0,
    "expires_at": 1673562817,
    "started_at": 1673556805,
    "updated_at": 1673556817,
    "permissions": [],
    "last_active_at": 1673556817,
    "device_fingerprint": {
      "ip": "",
      "user_agent": "Chrome"
    }
  },
  "user_id": "user_2Cu2uVhYy0OVgRcO913OsqIVaPIb"
}