workos 2.17.0 → 3.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/authenticate_with_password/invalid.yml

@@ -0,0 +1,82 @@
+---
+http_interactions:
+  - request:
+      method: post
+      uri: https://api.workos.com/user_management/authenticate
+      body:
+        encoding: UTF-8
+        string:
+          '{"client_id":"client_123","client_secret":"<API_KEY>","email":"invalid@workos.app","password":"invalid","ip_address":"200.240.210.16","user_agent":"Mozilla/5.0
+          (Macintosh; Intel Mac OS X 10_15_7) Chrome/108.0.0.0 Safari/537.36","grant_type":"password"}'
+      headers:
+        Content-Type:
+          - application/json
+        Accept-Encoding:
+          - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+        Accept:
+          - "*/*"
+        User-Agent:
+          - WorkOS; ruby/3.0.2; arm64-darwin21; v2.16.0
+    response:
+      status:
+        code: 404
+        message: Not Found
+      headers:
+        Date:
+          - Tue, 29 Aug 2023 00:24:25 GMT
+        Content-Type:
+          - application/json; charset=utf-8
+        Transfer-Encoding:
+          - chunked
+        Connection:
+          - keep-alive
+        Cf-Ray:
+          - 7fe0a6a5aff008df-SEA
+        Cf-Cache-Status:
+          - DYNAMIC
+        Etag:
+          - W/"68-vJ+qM+jhqT7OYdncb+ks9c+Wbao"
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        Vary:
+          - Origin, Accept-Encoding
+        Via:
+          - 1.1 spaces-router (devel)
+        Access-Control-Allow-Credentials:
+          - "true"
+        Content-Security-Policy:
+          - "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self'
+            https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src
+            'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+        Expect-Ct:
+          - max-age=0
+        Referrer-Policy:
+          - no-referrer
+        X-Content-Type-Options:
+          - nosniff
+        X-Dns-Prefetch-Control:
+          - "off"
+        X-Download-Options:
+          - noopen
+        X-Frame-Options:
+          - SAMEORIGIN
+        X-Permitted-Cross-Domain-Policies:
+          - none
+        X-Request-Id:
+          - 0ed3cdf7-03f9-4b37-bbc8-b86834679ed9
+        X-Xss-Protection:
+          - "0"
+        Set-Cookie:
+          - __cf_bm=_uZ1fHEnPVRWYuwQtAju5yf86eP5qqgBjNwvB2Albts-1693268665-0-Ads+iW6svcBYUZvMoNJBzxcUx+KQnhea78QwLCa2DUxT70OtGFXL95y+5BVHtkU4+a0vq1478vpuWzCr/dUzHls=;
+            path=/; expires=Tue, 29-Aug-23 00:54:25 GMT; domain=.workos.com; HttpOnly;
+            Secure; SameSite=None
+          - __cfruid=beafd87202de7b7d34fd4a1af55696cb5d19364d-1693268665; path=/; domain=.workos.com;
+            HttpOnly; Secure; SameSite=None
+        Server:
+          - cloudflare
+      body:
+        encoding: ASCII-8BIT
+        string: '{"message":"User not found: ''other@blips.app''.","code":"entity_not_found","entity_id":"other@blips.app"}'
+      http_version:
+    recorded_at: Tue, 29 Aug 2023 00:24:25 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/authenticate_with_password/valid.yml

@@ -0,0 +1,82 @@
+---
+http_interactions:
+  - request:
+      method: post
+      uri: https://api.workos.com/user_management/authenticate
+      body:
+        encoding: UTF-8
+        string:
+          '{"client_id":"client_123","client_secret":"<API_KEY>","email":"test@workos.app","password":"7YtYic00VWcXatPb","ip_address":"200.240.210.16","user_agent":"Mozilla/5.0
+          (Macintosh; Intel Mac OS X 10_15_7) Chrome/108.0.0.0 Safari/537.36","grant_type":"password"}'
+      headers:
+        Content-Type:
+          - application/json
+        Accept-Encoding:
+          - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+        Accept:
+          - "*/*"
+        User-Agent:
+          - WorkOS; ruby/3.0.2; arm64-darwin21; v2.16.0
+    response:
+      status:
+        code: 200
+        message: OK
+      headers:
+        Date:
+          - Tue, 29 Aug 2023 00:24:25 GMT
+        Content-Type:
+          - application/json; charset=utf-8
+        Transfer-Encoding:
+          - chunked
+        Connection:
+          - keep-alive
+        Cf-Ray:
+          - 7fe0a6a27b0bc39c-SEA
+        Cf-Cache-Status:
+          - DYNAMIC
+        Etag:
+          - W/"16e-hoaHaR0EhmAH7TaNBOF8B2OHJq4"
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        Vary:
+          - Origin, Accept-Encoding
+        Via:
+          - 1.1 spaces-router (devel)
+        Access-Control-Allow-Credentials:
+          - "true"
+        Content-Security-Policy:
+          - "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self'
+            https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src
+            'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+        Expect-Ct:
+          - max-age=0
+        Referrer-Policy:
+          - no-referrer
+        X-Content-Type-Options:
+          - nosniff
+        X-Dns-Prefetch-Control:
+          - "off"
+        X-Download-Options:
+          - noopen
+        X-Frame-Options:
+          - SAMEORIGIN
+        X-Permitted-Cross-Domain-Policies:
+          - none
+        X-Request-Id:
+          - 62990367-ddaf-46b3-a32f-38fc4f29d581
+        X-Xss-Protection:
+          - "0"
+        Set-Cookie:
+          - __cf_bm=IiwoT1XAlPdVWj334oRTocU7zZyvKgYw61o0UoA7GtE-1693268665-0-AZTn/iGDfGV6R5j3aj7lcPod7FB9P3cbHc9pD1oN/U5ZmnUYvpCecp6AL+8p/+/bMuwwGqXGNMSa/eIpa0TVm+I=;
+            path=/; expires=Tue, 29-Aug-23 00:54:25 GMT; domain=.workos.com; HttpOnly;
+            Secure; SameSite=None
+          - __cfruid=beafd87202de7b7d34fd4a1af55696cb5d19364d-1693268665; path=/; domain=.workos.com;
+            HttpOnly; Secure; SameSite=None
+        Server:
+          - cloudflare
+      body:
+        encoding: ASCII-8BIT
+        string: '{"user":{"object":"user","id":"user_01H7TVSKS45SDHN5V9XPSM6H44","email":"test@workos.app","email_verified":true,"first_name":null,"last_name":null,"created_at":"2023-08-14T20:28:58.929Z","updated_at":"2023-08-28T15:56:19.798Z","user_type":"unmanaged","email_verified_at":"2023-08-22T11:18:01.850Z","google_oauth_profile_id":null,"microsoft_oauth_profile_id":null}}'
+      http_version:
+    recorded_at: Tue, 29 Aug 2023 00:24:25 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/authenticate_with_totp/invalid.yml

@@ -0,0 +1,83 @@
+---
+http_interactions:
+  - request:
+      method: post
+      uri: https://api.workos.com/user_management/authenticate
+      body:
+        encoding: UTF-8
+        string:
+          '{"code":"invalid","client_id":"client_123","client_secret":"<API_KEY>","grant_type":"urn:workos:oauth:grant-type:mfa-totp", "pending_authentication_token="pending_authentication_token_1234", "authentication_challenge_id": "authentication_challenge_id_1234"}'
+      headers:
+        Content-Type:
+          - application/json
+        Accept-Encoding:
+          - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+        Accept:
+          - "*/*"
+        User-Agent:
+          - WorkOS; ruby/3.0.2; arm64-darwin21; v2.16.0
+    response:
+      status:
+        code: 400 
+        message: Bad Request
+      headers:
+        Date:
+          - Wed, 30 Aug 2023 19:51:51 GMT
+        Content-Type:
+          - application/json; charset=utf-8
+        Transfer-Encoding:
+          - chunked
+        Connection:
+          - keep-alive
+        Cf-Ray:
+          - 7fef921deeca091f-SEA
+        Cf-Cache-Status:
+          - DYNAMIC
+        Etag:
+          - W/"13b-pHataL1lHEvsW5EO4vq5QgAdcWw"
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        Vary:
+          - Origin, Accept-Encoding
+        Via:
+          - 1.1 spaces-router (devel)
+        Access-Control-Allow-Credentials:
+          - "true"
+        Content-Security-Policy:
+          - "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self'
+            https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src
+            'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+        Expect-Ct:
+          - max-age=0
+        Referrer-Policy:
+          - no-referrer
+        X-Content-Type-Options:
+          - nosniff
+        X-Dns-Prefetch-Control:
+          - "off"
+        X-Download-Options:
+          - noopen
+        X-Frame-Options:
+          - SAMEORIGIN
+        X-Permitted-Cross-Domain-Policies:
+          - none
+        X-Request-Id:
+          - 630bec5a-5a13-4311-a0b7-958889a3bbb2
+        X-Xss-Protection:
+          - "0"
+        Set-Cookie:
+          - __cf_bm=o5KBdIAUFZp0azSQnnd1GlQcIlcPCz95uFg6hFNnKM8-1693425111-0-ARSauqdojZdKD6Z7vp12JBrxCp6wE1s0JzEhaN0XE2DqME76OnJiDJugj2TsbNGXtqWaH3By7XHUXVZDf+AdFxU=;
+            path=/; expires=Wed, 30-Aug-23 20:21:51 GMT; domain=.workos.com; HttpOnly;
+            Secure; SameSite=None
+          - __cfruid=3e9a5d359ba92753e7626245fef8b2f1ee096477-1693425111; path=/; domain=.workos.com;
+            HttpOnly; Secure; SameSite=None
+        Server:
+          - cloudflare
+      body:
+        encoding: UTF-8
+        string:
+          '{"error":"invalid_grant","error_description":"The code ''452079'' has
+          expired or is invalid."}'
+      http_version:
+    recorded_at: Wed, 30 Aug 2023 19:51:51 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/authenticate_with_totp/valid.yml

@@ -0,0 +1,81 @@
+---
+http_interactions:
+  - request:
+      method: post
+      uri: https://api.workos.com/user_management/authenticate
+      body:
+        encoding: UTF-8
+        string:
+          '{"code":"123456","client_id":"client_123","client_secret":"<API_KEY>","grant_type":"urn:workos:oauth:grant-type:mfa-totp", "pending_authentication_token="pending_authentication_token_1234", "authentication_challenge_id": "authentication_challenge_id_1234"}'
+      headers:
+        Content-Type:
+          - application/json
+        Accept-Encoding:
+          - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+        Accept:
+          - "*/*"
+        User-Agent:
+          - WorkOS; ruby/3.0.2; arm64-darwin21; v2.16.0
+    response:
+      status:
+        code: 200
+        message: OK
+      headers:
+        Date:
+          - Wed, 30 Aug 2023 19:51:51 GMT
+        Content-Type:
+          - application/json; charset=utf-8
+        Transfer-Encoding:
+          - chunked
+        Connection:
+          - keep-alive
+        Cf-Ray:
+          - 7fef921deeca091f-SEA
+        Cf-Cache-Status:
+          - DYNAMIC
+        Etag:
+          - W/"13b-pHataL1lHEvsW5EO4vq5QgAdcWw"
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        Vary:
+          - Origin, Accept-Encoding
+        Via:
+          - 1.1 spaces-router (devel)
+        Access-Control-Allow-Credentials:
+          - "true"
+        Content-Security-Policy:
+          - "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self'
+            https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src
+            'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+        Expect-Ct:
+          - max-age=0
+        Referrer-Policy:
+          - no-referrer
+        X-Content-Type-Options:
+          - nosniff
+        X-Dns-Prefetch-Control:
+          - "off"
+        X-Download-Options:
+          - noopen
+        X-Frame-Options:
+          - SAMEORIGIN
+        X-Permitted-Cross-Domain-Policies:
+          - none
+        X-Request-Id:
+          - 630bec5a-5a13-4311-a0b7-958889a3bbb2
+        X-Xss-Protection:
+          - "0"
+        Set-Cookie:
+          - __cf_bm=o5KBdIAUFZp0azSQnnd1GlQcIlcPCz95uFg6hFNnKM8-1693425111-0-ARSauqdojZdKD6Z7vp12JBrxCp6wE1s0JzEhaN0XE2DqME76OnJiDJugj2TsbNGXtqWaH3By7XHUXVZDf+AdFxU=;
+            path=/; expires=Wed, 30-Aug-23 20:21:51 GMT; domain=.workos.com; HttpOnly;
+            Secure; SameSite=None
+          - __cfruid=3e9a5d359ba92753e7626245fef8b2f1ee096477-1693425111; path=/; domain=.workos.com;
+            HttpOnly; Secure; SameSite=None
+        Server:
+          - cloudflare
+      body:
+        encoding: ASCII-8BIT
+        string: '{"user":{"object":"user","id":"user_01H93ZY4F80YZRRS6N59Z2HFVS","email":"test@workos.app","email_verified":false,"first_name":"Lucille","last_name":"Bluth","created_at":"2023-08-30T19:50:13.214Z","updated_at":"2023-08-30T19:50:13.214Z","user_type":"managed","sso_profile_id":"prof_01H93ZTVWYPAT4RKDSPFPPXH0J"}}'
+      http_version:
+    recorded_at: Wed, 30 Aug 2023 19:51:51 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/confirm_password_reset/invalid.yml

@@ -0,0 +1,82 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/user_management/password_reset/confirm
+    body:
+      encoding: UTF-8
+      string: '{"token":"bogus_token","new_password":"new_password"}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; arm64-darwin23; v2.16.0
+      Authorization:
+      - 'Bearer '
+  response:
+    status:
+      code: 401
+      message: Unauthorized
+    headers:
+      Date:
+      - Sat, 25 Nov 2023 21:46:08 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '26'
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 82bd15298d6aa562-GRU
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"1a-pljHtlo127JYJR4E/RYOPb6ucbw"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Via:
+      - 1.1 spaces-router (devel)
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - f1a0b3f8-67fb-4885-81f8-18a40a4dd2c5
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=bOqLLKZ3OqpZ3OPfDa2w7klrkJKdkS9Y9apX.l.nSYU-1700948768-0-AbdBkjCZaXQcftSAC9N6KB1K0k2BGHaZZkJ2fqyngyDfWsGZiI9MnCe7HXBU8jhuevFp6MC8kxfWFY3tgW2hFZI=;
+        path=/; expires=Sat, 25-Nov-23 22:16:08 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=7aeaa81f9fe2d2f5c00011adcc897a137e871796-1700948768; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: UTF-8
+      string: '{"message":"Unauthorized"}'
+    http_version:
+  recorded_at: Sat, 25 Nov 2023 21:46:08 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/confirm_password_reset/valid.yml

@@ -0,0 +1,82 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/user_management/password_reset/confirm
+    body:
+      encoding: UTF-8
+      string: '{"token":"eEgAgvAE0blvU1zWV3yWVAD22","new_password":"very_cool_new_pa$$word"}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; arm64-darwin23; v2.16.0
+      Authorization:
+      - 'Bearer '
+  response:
+    status:
+      code: 401
+      message: Unauthorized
+    headers:
+      Date:
+      - Sat, 25 Nov 2023 21:46:08 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '26'
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 82bd15254f97a56e-GRU
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"1a-pljHtlo127JYJR4E/RYOPb6ucbw"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Via:
+      - 1.1 spaces-router (devel)
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - 7b813ca7-add6-4a7f-a7de-62b6a888543a
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=hmCZ.6OoiqzmwuUv6cpz.7XUdZcGTwNtfljW2v0dgPU-1700948768-0-ARWxWopNivTNFw8yWMnXuWh02wkLM9ahNWpAbgpDrKDdgzjMG7NPI1AQS81qrJakN4McyBudLtMYxrrVSoLm0I0=;
+        path=/; expires=Sat, 25-Nov-23 22:16:08 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=7aeaa81f9fe2d2f5c00011adcc897a137e871796-1700948768; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: UTF-8
+      string: '{"message":"Unauthorized"}'
+    http_version:
+  recorded_at: Sat, 25 Nov 2023 21:46:07 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/create_organization_membership/invalid.yml

@@ -0,0 +1,83 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/user_management/organization_memberships
+    body:
+      encoding: UTF-8
+      string: '{"user_id":"","organization_id":""}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; arm64-darwin22; v2.16.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 422
+      message: Unprocessable Entity
+    headers:
+      Date:
+      - Wed, 16 Aug 2023 22:20:27 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '159'
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 7f7d108dbb190c96-EWR
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"9f-BfzHwYu4Bw+fPyyn8hWTmMF4Lio"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Via:
+      - 1.1 spaces-router (devel)
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - 2613d428-dfcc-4a40-8a32-d8b5634ad25e
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=A.5rC7UV26nOVmm0JDUdbBqITMPrX4eH4TaWgNTR8vw-1692224427-0-Abv9MzVBcqqhkKXLp7mgiOMgg+6rW9W3BKhbbhAR3P3msKzRNGsvztll65omw63yshr4A4S4FTvipQJGajpKRws=;
+        path=/; expires=Wed, 16-Aug-23 22:50:27 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=e57296bbc6ac05c18bc3a943f7bfc936fa954094-1692224427; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: UTF-8
+      string: '{"code":"invalid_request_parameters","message":"Validation failed","errors":[{"code":"user_id_string_required","message":"User ID
+        should be a non-empty string."}]}'
+    http_version:
+  recorded_at: Wed, 16 Aug 2023 22:20:27 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/create_organization_membership/valid.yml

@@ -0,0 +1,82 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/user_management/organization_memberships
+    body:
+      encoding: UTF-8
+      string: '{"user_id":"user_01H5JQDV7R7ATEYZDEG0W5PRYS","organization_id":"org_01H5JQDV7R7ATEYZDEG0W5PRYS"}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; arm64-darwin22; v2.16.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 201
+      message: Created
+    headers:
+      Date:
+      - Thu, 17 Aug 2023 14:20:07 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '335'
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 7f828e50ac5dc41d-EWR
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"14f-2n2KgFcHBXf1Yz7SYqzpAxR3E/E"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Via:
+      - 1.1 spaces-router (devel)
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - 8d277b87-b703-40d2-95ac-5f40bf96fcbf
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=Pd2y8tPXDzQthhv7HAd93AsNAjT9V0tbWdH6PzS_iyA-1692282007-0-AUsV9W08vMNk02vMMYwMWj3KVIAJtXMGZdhGaWVL9yL3e4S5D1cGL2925nELffPsxoejtsVqyeqdvIixzD7UnL8=;
+        path=/; expires=Thu, 17-Aug-23 14:50:07 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=432b4f1724bbd993a76e1e2e8c4d5e2381680fb1-1692282007; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: UTF-8
+      string: '{"object":"organization_membership","id":"om_01H5JQDV7R7ATEYZDEG0W5PRYS","user_id":"user_01H5JQDV7R7ATEYZDEG0W5PRYS","organization_id":"organization_01H5JQDV7R7ATEYZDEG0W5PRYS","created_at":"2023-07-18T02:07:19.911Z","updated_at":"2023-07-18T02:07:19.911Z"}'
+    http_version:
+  recorded_at: Thu, 17 Aug 2023 14:20:07 GMT
+recorded_with: VCR 5.0.0