{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "#/components/schemas/api_b2b_oauth_v1_AuthenticateResponse",
  "title": "api_b2b_oauth_v1_AuthenticateResponse",
  "type": "object",
  "properties": {
    "request_id": {
      "type": "string",
      "description": "Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue."
    },
    "member_id": {
      "type": "string",
      "description": "Globally unique UUID that identifies a specific Member."
    },
    "provider_subject": {
      "type": "string",
      "description": "The unique identifier for the User within a given OAuth provider. Also commonly called the `sub` or \"Subject field\" in OAuth protocols."
    },
    "provider_type": {
      "type": "string",
      "description": "Denotes the OAuth identity provider that the user has authenticated with, e.g. Google, Microsoft, GitHub etc."
    },
    "session_token": {
      "type": "string",
      "description": "A secret token for a given Stytch Session."
    },
    "session_jwt": {
      "type": "string",
      "description": "The JSON Web Token (JWT) for a given Stytch Session."
    },
    "member": {
      "$ref": "#/components/schemas/api_organization_v1_Member",
      "description": "The [Member object](https://stytch.com/docs/b2b/api/member-object)"
    },
    "organization_id": {
      "type": "string",
      "description": "Globally unique UUID that identifies a specific Organization. The `organization_id` is critical to perform operations on an Organization, so be sure to preserve this value."
    },
    "organization": {
      "$ref": "#/components/schemas/api_organization_v1_Organization",
      "description": "The [Organization object](https://stytch.com/docs/b2b/api/organization-object)."
    },
    "reset_sessions": {
      "type": "boolean",
      "description": "This field is deprecated."
    },
    "member_authenticated": {
      "type": "boolean",
      "description": "Indicates whether the Member is fully authenticated. If false, the Member needs to complete an MFA step to log in to the Organization."
    },
    "intermediate_session_token": {
      "type": "string",
      "description": "The returned Intermediate Session Token contains an OAuth factor associated with the Member's email address. If this value is non-empty, the member must complete an MFA step to finish logging in to the Organization. The token can be used with the [OTP SMS Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-otp-sms), [TOTP Authenticate endpoint](https://stytch.com/docs/b2b/api/authenticate-totp), or [Recovery Codes Recover endpoint](https://stytch.com/docs/b2b/api/recovery-codes-recover) to complete an MFA flow and log in to the Organization. The token has a default expiry of 10 minutes. It can also be used with the [Exchange Intermediate Session endpoint](https://stytch.com/docs/b2b/api/exchange-intermediate-session) to join a specific Organization that allows the factors represented by the intermediate session token; or the [Create Organization via Discovery endpoint](https://stytch.com/docs/b2b/api/create-organization-via-discovery) to create a new Organization and Member. Intermediate Session Tokens have a default expiry of 10 minutes."
    },
    "status_code": {
      "type": "integer",
      "format": "int32",
      "description": "The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors."
    },
    "member_session": {
      "$ref": "#/components/schemas/api_b2b_session_v1_MemberSession",
      "description": "The [Session object](https://stytch.com/docs/b2b/api/session-object)."
    },
    "provider_values": {
      "$ref": "#/components/schemas/api_b2b_oauth_v1_ProviderValues",
      "description": "The `provider_values` object lists relevant identifiers, values, and scopes for a given OAuth provider. For example this object will include a provider's `access_token` that you can use to access the provider's API for a given user.\n\n  Note that these values will vary based on the OAuth provider in question, e.g. `id_token` is only returned by Microsoft. Google One Tap does not return access tokens or refresh tokens."
    },
    "mfa_required": {
      "$ref": "#/components/schemas/api_b2b_mfa_v1_MfaRequired",
      "description": "Information about the MFA requirements of the Organization and the Member's options for fulfilling MFA."
    },
    "primary_required": {
      "$ref": "#/components/schemas/api_b2b_session_v1_PrimaryRequired",
      "description": "Information about the primary authentication requirements of the Organization."
    },
    "member_device": {
      "$ref": "#/components/schemas/api_device_history_v1_DeviceInfo",
      "description": "If a valid `telemetry_id` was passed in the request and the [Fingerprint Lookup API](https://stytch.com/docs/fraud/api/fingerprint-lookup) returned results, the `member_device` response field will contain information about the member's device attributes."
    }
  },
  "required": [
    "request_id",
    "member_id",
    "provider_subject",
    "provider_type",
    "session_token",
    "session_jwt",
    "member",
    "organization_id",
    "organization",
    "reset_sessions",
    "member_authenticated",
    "intermediate_session_token",
    "status_code"
  ]
}