Verify Password (Enterprise)

POST /v1/auth/passwords/verify
Authorization

Verify user password and generate a session. When a new factor is added, a new session_token will be generated but inheriting the same session ID and history (e.g. OTP, magic link factors).

HTTP Request

POST /v1/auth/passwords/verify

Returns

A successful response returns an object with verified user_id and session properties.

application/json

Body

  • user_id string Required

    Unique given user ID.

  • password string Required

    User password.

  • session_expires_in integer

    Extend the session expiration time to N minutes from now, must be between 5 to 525600 minutes (365 days).

  • session_token string

    Unique Session token to verify.

  • session_jwt string

    Unique Session JWT to verify.

  • device_fingerprint object

    Device fingerprinting metadata for fraud detection during verification step. This is useful to ensure that the user who originated the request matches the user that verifies the token. Verification requirements can be enabled in the Verify Token step by matching fields in the device_fingerprint such as IP, User Agent or the combination of them (more fraud detection features coming soon!)

    Hide device_fingerprint attributes Show device_fingerprint attributes object
    • ip string

      IP of the user originating the request.

    • user_agent string

      User Agent of the browser originating the request.

Responses

POST /v1/auth/passwords/verify 
curl \
 --request POST 'https://api.streambird.io/v1/auth/passwords/verify' \
 --header "Authorization: Bearer $ACCESS_TOKEN" \
 --header "Content-Type: application/json" \
 --data '{"password":"samplepass","session_token":"4KdNDr4QAMekuWssW7IDtF9mlsmkOj8QDRbp7oIGOb3Tv4sE3PjX6j6GypoYNnIB"}'
Request example 
{
  "password": "samplepass",
  "session_token": "4KdNDr4QAMekuWssW7IDtF9mlsmkOj8QDRbp7oIGOb3Tv4sE3PjX6j6GypoYNnIB"
}
Response examples (200) 
{
  "session": {
    "id": "sess_2KF44T13b1clHEoOHpwEmTtldx5",
    "deleted": false,
    "factors": [
      {
        "type": "otp",
        "method": {
          "email": "sandbox@streambird.io",
          "email_id": "email_24oXBL3PufzHkH1Jzyjc2EXYeo7",
          "method_id": "email_24oXBL3PufzHkH1Jzyjc2EXYeo7",
          "method_type": "email",
          "last_verified_at": 1673556805
        },
        "delivery_channel": "email"
      },
      {
        "type": "password",
        "method": {
          "last_verified_at": 1673556817
        },
        "delivery_channel": "password"
      }
    ],
    "user_id": "user_2Cu2uVhYy0OVgRcO913OsqIVaPI",
    "created_at": 1673556805,
    "deleted_at": 0,
    "expires_at": 1673562817,
    "started_at": 1673556805,
    "updated_at": 1673556817,
    "permissions": [],
    "last_active_at": 1673556817,
    "device_fingerprint": {
      "ip": "",
      "user_agent": "Chrome"
    }
  },
  "user_id": "user_2Cu2uVhYy0OVgRcO913OsqIVaPIb",
  "session_jwt": "eyJhbGciOiJSUzI1NiIsImtpZCI6Imp3a18yN0Q1dU9UaFIyZHNncmFYN1dWb0VMRzRxRVgiLCJ0eXAiOiJKV1QifQ.eyJleHAiOjE2NzM1NjI4MTcsImh0dHBzOi8vc3RyZWFtYmlyZC5pby9qd3Qvc2Vzc2lvbiI6eyJpZCI6InNlc3NfMktGNDRUMTNiMWNsSEVvT0hwd0VtVHRsZHg1IiwidXNlcl9pZCI6ImRlOGRjM2IxLWI3ZTAtNGU3OS05MjU3LTZmNjgwZTUxOTcwYiIsInN0YXJ0ZWRfYXQiOjE2NzM1NTY4MDUsImV4cGlyZXNfYXQiOjE2NzM1NjI4MTcsImxhc3RfYWN0aXZlX2F0IjoxNjczNTU2ODE3LCJmYWN0b3JzIjpbeyJkZWxpdmVyeV9jaGFubmVsIjoiZW1haWwiLCJ0eXBlIjoib3RwIiwibWV0aG9kIjp7Im1ldGhvZF9pZCI6IjU5MzY2NTEzLWNmMzctNDE5Ni05NmY0LTI0ZGE3NTc3MjRiYSIsIm1ldGhvZF90eXBlIjoiZW1haWwiLCJlbWFpbF9pZCI6IjU5MzY2NTEzLWNmMzctNDE5Ni05NmY0LTI0ZGE3NTc3MjRiYSIsImVtYWlsIjoidGltQHN0cmVhbWJpcmQuaW8iLCJsYXN0X3ZlcmlmaWVkX2F0IjoxNjczNTU2ODA1fX0seyJkZWxpdmVyeV9jaGFubmVsIjoicGFzc3dvcmQiLCJ0eXBlIjoicGFzc3dvcmQiLCJtZXRob2QiOnsibGFzdF92ZXJpZmllZF9hdCI6MTY3MzU1NjgxN319XSwiZGV2aWNlX2ZpbmdlcnByaW50Ijp7InVzZXJfYWdlbnQiOiJDaHJvbWUiLCJpcCI6IiJ9LCJ1cGRhdGVkX2F0IjoxNjczNTU2ODE3LCJjcmVhdGVkX2F0IjoxNjczNTU2ODA1fSwiaWF0IjoxNjczNTU2ODE3LCJpc3MiOiJhcGkuc3RyZWFtYmlyZC5pby82ZTdjOWYxYi01ZTY2LTQwMGMtOTlhNy03ODM0MTFlMDNhYWMiLCJqdGkiOiJzZXNzXzJLRjQ0VDEzYjFjbEhFb09IcHdFbVR0bGR4NSIsIm5iZiI6MTY3MzU1NjgxNywic3ViIjoiZGU4ZGMzYjEtYjdlMC00ZTc5LTkyNTctNmY2ODBlNTE5NzBiIn0.ftGVnMztULiawr7XICEbKNT1KBep0XR3GHwzt-XWfz4BWSwUWEyueNUb1OVlS7wObyVZS6GvAHd2FfyJDv9LLneRzza6zuYxrZ6P52mI6zCGeyxJX95LBR5eyx-55Se_Z13cK1Lnky6xI4rm96wKvUkE3SObse9b1J7rXaZk_TF0Phss2-L53n_xTtXiDecPKe6DvnVh-AWv6pcDB4HpsMDSEiSgGo-0NNgcDNs5WuDz7W9AIOH_6DjfIghBx7RDr_S8EUkn55-w01uJjohHshTKtN2GsGgiR-mbpHum84RpakCMvXMqVURcQsjtQP7uN5qjllTXPI272QQkmGtQYg",
  "session_token": "4KdNDr4QAMekuWssW7IDtF9mlsmkOj8QDRbp7oIGOb3Tv4sE3PjX6j6GypoYNnIB"
}