Stytch Android/com.stytch.sdk.b2b.passwords/Passwords

Passwords

The Passwords interface provides methods for authenticating, creating, resetting, and performing strength checks of passwords.

Stytch supports creating, storing, and authenticating passwords, as well as support for account recovery (password reset) and account deduplication with passwordless login methods.

Our implementation of passwords has built-in breach detection powered by HaveIBeenPwned on both sign-up and login, to prevent the use of compromised credentials and uses configurable strength requirements (either Dropbox’s zxcvbn or adjustable LUDS) to guide members towards creating passwords that are easy for humans to remember but difficult for computers to crack.

Types

AuthParameters

data class AuthParameters( val organizationId: String, val emailAddress: String, val password: String, val sessionDurationMinutes: UInt = Constants.DEFAULT_SESSION_TIME_MINUTES)

Data class used for wrapping parameters used with Password Authentication

ResetByEmailParameters

data class ResetByEmailParameters( val token: String, val password: String, val sessionDurationMinutes: UInt = Constants.DEFAULT_SESSION_TIME_MINUTES)

Data class used for wrapping parameters used with Passwords ResetByEmail endpoint

ResetByEmailStartParameters

data class ResetByEmailStartParameters( val organizationId: String, val emailAddress: String, val loginRedirectUrl: String? = null, val resetPasswordRedirectUrl: String? = null, val resetPasswordExpirationMinutes: UInt? = null, val resetPasswordTemplateId: String? = null)

Data class used for wrapping parameters used with Passwords ResetByEmailStart endpoint

ResetByExistingPasswordParameters

data class ResetByExistingPasswordParameters( val organizationId: String, val emailAddress: String, val existingPassword: String, val newPassword: String, val sessionDurationMinutes: UInt = Constants.DEFAULT_SESSION_TIME_MINUTES)

Data class used for wrapping parameters used with Passwords StrengthCheck endpoint

ResetBySessionParameters

data class ResetBySessionParameters(val organizationId: String, val password: String)

Data class used for wrapping parameters used with Passwords StrengthCheck endpoint

StrengthCheckParameters

data class StrengthCheckParameters(val email: String? = null, val password: String)

Data class used for wrapping parameters used with Passwords StrengthCheck endpoint

Functions

authenticate

abstract suspend fun authenticate(parameters: Passwords.AuthParameters): AuthResponse

abstract fun authenticate(parameters: Passwords.AuthParameters, callback: (AuthResponse) -> Unit)

Authenticate a member with their email address and password. This endpoint verifies that the member has a password currently set, and that the entered password is correct.

resetByEmail

abstract suspend fun resetByEmail(parameters: Passwords.ResetByEmailParameters): EmailResetResponse

abstract fun resetByEmail(parameters: Passwords.ResetByEmailParameters, callback: (EmailResetResponse) -> Unit)

Reset the member’s password and authenticate them. This endpoint checks that the magic link token is valid, hasn’t expired, or already been used. The provided password needs to meet our password strength requirements, which can be checked in advance with the strengthCheck method. If the token and password are accepted, the password is securely stored for future authentication and the member is authenticated.

resetByEmailStart

abstract suspend fun resetByEmailStart(parameters: Passwords.ResetByEmailStartParameters): BaseResponse

abstract fun resetByEmailStart(parameters: Passwords.ResetByEmailStartParameters, callback: (BaseResponse) -> Unit)

Initiates a password reset for the email address provided. This will trigger an email to be sent to the address, containing a magic link that will allow them to set a new password and authenticate.

resetByExisting

abstract suspend fun resetByExisting(parameters: Passwords.ResetByExistingPasswordParameters): AuthResponse

abstract fun resetByExisting(parameters: Passwords.ResetByExistingPasswordParameters, callback: (AuthResponse) -> Unit)

Reset the member’s password and authenticate them. This endpoint checks that the existing password matches the stored value. The provided password needs to meet our password strength requirements, which can be checked in advance with the password strength endpoint. If the password and accompanying parameters are accepted, the password is securely stored for future authentication and the member is authenticated.

resetBySession

abstract suspend fun resetBySession(parameters: Passwords.ResetBySessionParameters): SessionResetResponse

abstract fun resetBySession(parameters: Passwords.ResetBySessionParameters, callback: (SessionResetResponse) -> Unit)

Reset the member’s password and authenticate them. This endpoint checks that the session is valid and hasn’t expired or been revoked. The provided password needs to meet our password strength requirements, which can be checked in advance with the password strength endpoint. If the password and accompanying parameters are accepted, the password is securely stored for future authentication and the member is authenticated.

strengthCheck

abstract suspend fun strengthCheck(parameters: Passwords.StrengthCheckParameters): PasswordStrengthCheckResponse

abstract fun strengthCheck(parameters: Passwords.StrengthCheckParameters, callback: (PasswordStrengthCheckResponse) -> Unit)

This method allows you to check whether or not the member’s provided password is valid, and to provide feedback to the member on how to increase the strength of their password.