workos 5.22.0 → 5.24.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 65c18f67663b8681a74442c6771d1527b66fecd20a9c114557255d4ce8d9ca38
-  data.tar.gz: 242b03d06e9caa456b3128d284fee00481fb4e7edec79934fd22c2e57598901b
+  metadata.gz: d7f42db282e0cd23cad458937055c17ec9fa9e82672b9aa1b888ce2200aa8891
+  data.tar.gz: 1e05a96b056eba6bef1e8f89d7ad6b2cabba616b3911c2afccee6133e8749b9f
 SHA512:
-  metadata.gz: f6f3ccbbc9b6026beee00f92fcb8d87ce3f321ba8be4c808cd524daeb1dc1aa7fa13ef3c9c885096f83e8a68347b70a78d2d9297a396a8071727506e31787c9f
-  data.tar.gz: d8f71832e8767dcfbcc2bcad5760ff5f59cbb3513a73708dc41c50dd5d4f3ac515788a8b81c596b9bb069244d912f3c3a2db9b1e39a0e34ff920bc87a7233b39
+  metadata.gz: 1f3282f8a5c632f2f03a98ce2c43824cfe2fbbb57b575ee51def000a5b03073b1ab284368f55543a79e3281223b6409854fdb98a45457b17268f9768a7717957
+  data.tar.gz: dbf3dd84bc9758fd141649e1dbb5c7d41fc06b6d5e8e64d1ae597e8188a87369783ecdae026c7b6a6f947afbc28c25fd475aa8f927cb422feb6766c6ddfa0804

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    workos (5.22.0)
+    workos (5.24.0)
       encryptor (~> 3.0)
       jwt (~> 2.8)
 
@@ -32,7 +32,6 @@ GEM
     rainbow (3.1.1)
     regexp_parser (2.10.0)
     rexml (3.4.1)
-      strscan
     rspec (3.9.0)
       rspec-core (~> 3.9.0)
       rspec-expectations (~> 3.9.0)
@@ -59,11 +58,11 @@ GEM
     rubocop-ast (1.37.0)
       parser (>= 3.3.1.0)
     ruby-progressbar (1.13.0)
-    strscan (3.1.0)
     unicode-display_width (3.1.4)
       unicode-emoji (~> 4.0, >= 4.0.4)
     unicode-emoji (4.0.4)
-    vcr (5.0.0)
+    vcr (6.3.1)
+      base64
     webmock (3.23.0)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
@@ -76,7 +75,7 @@ DEPENDENCIES
   bundler (>= 2.0.1)
   rspec (~> 3.9.0)
   rubocop (~> 1.71)
-  vcr (~> 5.0.0)
+  vcr (~> 6.0)
   webmock
   workos!
 

data/lib/workos/organization.rb

@@ -12,6 +12,7 @@ module WorkOS
       :domains,
       :stripe_customer_id,
       :name,
+      :external_id,
       :allow_profiles_outside_organization,
       :created_at,
       :updated_at,
@@ -22,6 +23,7 @@ module WorkOS
 
       @id = hash[:id]
       @name = hash[:name]
+      @external_id = hash[:external_id]
       @allow_profiles_outside_organization = hash[:allow_profiles_outside_organization]
       @domains = hash[:domains]
       @stripe_customer_id = hash[:stripe_customer_id]
@@ -33,6 +35,7 @@ module WorkOS
       {
         id: id,
         name: name,
+        external_id: external_id,
         allow_profiles_outside_organization: allow_profiles_outside_organization,
         domains: domains,
         stripe_customer_id: stripe_customer_id,

data/lib/workos/organizations.rb

@@ -75,6 +75,7 @@ module WorkOS
       # @option domain_data [String] domain The domain that belongs to the organization.
       # @option domain_data [String] state The state of the domain. "verified" or "pending"
       # @param [String] name A unique, descriptive name for the organization
+      # @param [String] external_id The organization's external ID.
       # @param [String] idempotency_key An idempotency key
       # @param [Boolean, nil] allow_profiles_outside_organization Whether Connections
       #   within the Organization allow profiles that are outside of the Organization's configured User Email Domains.
@@ -85,11 +86,13 @@ module WorkOS
         domain_data: nil,
         domains: nil,
         name:,
+        external_id: nil,
         allow_profiles_outside_organization: nil,
         idempotency_key: nil
       )
         body = { name: name }
         body[:domain_data] = domain_data if domain_data
+        body[:external_id] = external_id if external_id
 
         if domains
           warn_deprecation '`domains` is deprecated. Use `domain_data` instead.'
@@ -123,22 +126,26 @@ module WorkOS
       # @option domain_data [String] state The state of the domain. "verified" or "pending"
       # @param [String] stripe_customer_id The Stripe customer ID associated with this organization.
       # @param [String] name A unique, descriptive name for the organization
+      # @param [String] external_id The organization's external ID.
       # @param [Boolean, nil] allow_profiles_outside_organization Whether Connections
       #   within the Organization allow profiles that are outside of the Organization's configured User Email Domains.
       #   Deprecated: If you need to allow sign-ins from any email domain, contact suppport@workos.com.
       # @param [Array<String>] domains List of domains that belong to the organization.
       #   Deprecated: Use domain_data instead.
+      # rubocop:disable Metrics/ParameterLists
       def update_organization(
         organization:,
         stripe_customer_id: nil,
         domain_data: nil,
         domains: nil,
         name: nil,
+        external_id: :not_set,
         allow_profiles_outside_organization: nil
       )
         body = { name: name }
         body[:domain_data] = domain_data if domain_data
         body[:stripe_customer_id] = stripe_customer_id if stripe_customer_id
+        body[:external_id] = external_id if external_id != :not_set
 
         if domains
           warn_deprecation '`domains` is deprecated. Use `domain_data` instead.'
@@ -162,6 +169,7 @@ module WorkOS
 
         WorkOS::Organization.new(response.body)
       end
+      # rubocop:enable Metrics/ParameterLists
 
       # Delete an Organization
       #

data/lib/workos/user_management.rb

@@ -69,6 +69,8 @@ module WorkOS
       #  that is preserved and available to the client in the response.
       # @param [String] login_hint Can be used to pre-fill the username/email address
       # field of the IdP sign-in page for the user, if you know their username ahead of time.
+      # @param [String] screen_hint Specify which AuthKit screen users should land on upon redirection
+      # (Only applicable when provider is 'authkit').
       # @param [String] domain_hint Can be used to pre-fill the domain field when
       # initiating authentication with Microsoft OAuth, or with a GoogleSAML connection type.
       # @param [Array<String>] provider_scopes An array of additional OAuth scopes to request from the provider.
@@ -94,6 +96,7 @@ module WorkOS
         client_id: nil,
         domain_hint: nil,
         login_hint: nil,
+        screen_hint: nil,
         provider: nil,
         connection_id: nil,
         organization_id: nil,
@@ -114,6 +117,7 @@ module WorkOS
           state: state,
           domain_hint: domain_hint,
           login_hint: login_hint,
+          screen_hint: screen_hint,
           provider: provider,
           connection_id: connection_id,
           organization_id: organization_id,
@@ -182,6 +186,7 @@ module WorkOS
       # @param [String] first_name The user's first name.
       # @param [String] last_name The user's last name.
       # @param [Boolean] email_verified Whether the user's email address was previously verified.
+      # @param [String] external_id The user's external ID.
       # @param [String] password_hash The user's hashed password.
       # @option [String] password_hash_type The algorithm originally used to hash the password.
       #
@@ -193,6 +198,7 @@ module WorkOS
         first_name: nil,
         last_name: nil,
         email_verified: nil,
+        external_id: nil,
         password_hash: nil,
         password_hash_type: nil
       )
@@ -204,6 +210,7 @@ module WorkOS
             first_name: first_name,
             last_name: last_name,
             email_verified: email_verified,
+            external_id: external_id,
             password_hash: password_hash,
             password_hash_type: password_hash_type,
           }.compact,
@@ -231,14 +238,14 @@ module WorkOS
       # @return [WorkOS::User]
       def update_user(
         id:,
-        email: nil,
-        first_name: nil,
-        last_name: nil,
-        email_verified: nil,
-        external_id: nil,
-        password: nil,
-        password_hash: nil,
-        password_hash_type: nil
+        email: :not_set,
+        first_name: :not_set,
+        last_name: :not_set,
+        email_verified: :not_set,
+        external_id: :not_set,
+        password: :not_set,
+        password_hash: :not_set,
+        password_hash_type: :not_set
       )
         request = put_request(
           path: "/user_management/users/#{id}",
@@ -251,7 +258,7 @@ module WorkOS
             password: password,
             password_hash: password_hash,
             password_hash_type: password_hash_type,
-          }.compact,
+          }.reject { |_, v| v == :not_set },
           auth: true,
         )
 

data/lib/workos/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module WorkOS
-  VERSION = '5.22.0'
+  VERSION = '5.24.0'
 end

data/spec/lib/workos/organizations_spec.rb

@@ -33,6 +33,21 @@ describe WorkOS::Organizations do
           end
         end
 
+        context 'with external_id' do
+          it 'creates an organization with external_id' do
+            VCR.use_cassette 'organization/create_with_external_id' do
+              organization = described_class.create_organization(
+                name: 'Test Organization with External ID',
+                external_id: 'ext_org_123',
+              )
+
+              expect(organization.id).to start_with('org_')
+              expect(organization.name).to eq('Test Organization with External ID')
+              expect(organization.external_id).to eq('ext_org_123')
+            end
+          end
+        end
+
         context 'with domains' do
           it 'creates an organization and warns' do
             VCR.use_cassette 'organization/create_with_domains' do
@@ -310,6 +325,43 @@ describe WorkOS::Organizations do
         end
       end
     end
+    context 'with an external_id' do
+      it 'updates the organization' do
+        VCR.use_cassette 'organization/update_with_external_id' do
+          organization = described_class.update_organization(
+            organization: 'org_01K0SQV0S6EPWK2ZDEFD1CP1JC',
+            name: 'Test Organization',
+            external_id: 'ext_org_456',
+          )
+
+          expect(organization.id).to eq('org_01K0SQV0S6EPWK2ZDEFD1CP1JC')
+          expect(organization.name).to eq('Test Organization')
+          expect(organization.external_id).to eq('ext_org_456')
+        end
+      end
+    end
+
+    context 'can set external_id to null explicitly' do
+      it 'includes external_id null in request body' do
+        original_method = described_class.method(:put_request)
+        allow(described_class).to receive(:put_request) do |kwargs|
+          original_method.call(**kwargs)
+        end
+
+        VCR.use_cassette 'organization/update_with_external_id_null' do
+          described_class.update_organization(
+            organization: 'org_01K0SQV0S6EPWK2ZDEFD1CP1JC',
+            name: 'Test Organization',
+            external_id: nil,
+          )
+        end
+
+        # Verify the spy captured the right call
+        expect(described_class).to have_received(:put_request).with(
+          hash_including(body: hash_including(external_id: nil)),
+        )
+      end
+    end
   end
 
   describe '.delete_organization' do

data/spec/lib/workos/user_management_spec.rb

@@ -202,6 +202,41 @@ describe WorkOS::UserManagement do
       end
     end
 
+    context 'with a screen hint' do
+      let(:args) do
+        {
+          provider: 'authkit',
+          screen_hint: 'sign_up',
+          client_id: 'workos-proj-123',
+          redirect_uri: 'foo.com/auth/callback',
+          state: {
+            next_page: '/dashboard/edit',
+          }.to_s,
+        }
+      end
+      it 'returns a valid URL' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url)).to be_a URI
+      end
+
+      it 'returns the expected hostname' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url).host).to eq(WorkOS.config.api_hostname)
+      end
+
+      it 'returns the expected query string' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url).query).to eq(
+          'client_id=workos-proj-123&redirect_uri=foo.com%2Fauth%2Fcallback' \
+          '&response_type=code&state=%7B%3Anext_page%3D%3E%22%2Fdashboard%2F' \
+          'edit%22%7D&screen_hint=sign_up&provider=authkit',
+        )
+      end
+    end
+
     context 'with neither connection_id, organization_id or provider' do
       let(:args) do
         {
@@ -358,6 +393,22 @@ describe WorkOS::UserManagement do
         )
       end
 
+      it 'creates a user with external_id' do
+        VCR.use_cassette 'user_management/create_user_with_external_id' do
+          user = described_class.create_user(
+            email: 'external@example.com',
+            first_name: 'External',
+            last_name: 'User',
+            external_id: 'ext_user_123',
+          )
+
+          expect(user.first_name).to eq('External')
+          expect(user.last_name).to eq('User')
+          expect(user.email).to eq('external@example.com')
+          expect(user.external_id).to eq('ext_user_123')
+        end
+      end
+
       context 'with an invalid payload' do
         it 'returns an error' do
           VCR.use_cassette 'user_management/create_user_invalid' do
@@ -426,6 +477,25 @@ describe WorkOS::UserManagement do
         )
       end
 
+      it 'can set external_id to null explicitly' do
+        original_method = described_class.method(:put_request)
+        allow(described_class).to receive(:put_request) do |kwargs|
+          original_method.call(**kwargs)
+        end
+
+        VCR.use_cassette 'user_management/update_user_external_id_null' do
+          described_class.update_user(
+            id: 'user_01K0SR53HJ58M957MYAB6TDZ9X',
+            first_name: 'John',
+            external_id: nil,
+          )
+        end
+
+        expect(described_class).to have_received(:put_request).with(
+          hash_including(body: hash_including(external_id: nil)),
+        )
+      end
+
       context 'with an invalid payload' do
         it 'returns an error' do
           VCR.use_cassette 'user_management/update_user/invalid' do

data/spec/support/fixtures/vcr_cassettes/organization/create_with_external_id.yml

@@ -0,0 +1,83 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/organizations
+    body:
+      encoding: UTF-8
+      string: '{"name":"Test Organization with External ID","external_id":"ext_org_123"}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.1.4; arm64-darwin24; v5.20.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 201
+      message: Created
+    headers:
+      Date:
+      - Tue, 22 Jul 2025 18:55:20 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '286'
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 963526d76e29aafd-YYZ
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"11e-Op9TWXVRjSmUm44yQl7F4OmXvVQ"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - 56c9630e-4889-4c81-989b-5a0399cdfcc2
+      X-Xss-Protection:
+      - '0'
+      Report-To:
+      - '{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=RvRh6EQA2egPx6JdFhsw.m.1RATK00LOdPev9hq3f8A-1753210520-1.0.1.1-Uchst_eeyl0_BAQRRODtUIhYDUBNZKYADoELB62ZrhleV2Q.J_Wdk59lUFdfwSqAAX2vWrW_nejregFofyr3sox0aNmZolb8G_7Nzpy2RD9uyKH4l3OgsDbo.LRttnqfDPXocdCCB9G61E4QJ8Q1ug"}],"group":"cf-csp-endpoint","max_age":86400}'
+      Content-Security-Policy-Report-Only:
+      - script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=RvRh6EQA2egPx6JdFhsw.m.1RATK00LOdPev9hq3f8A-1753210520-1.0.1.1-Uchst_eeyl0_BAQRRODtUIhYDUBNZKYADoELB62ZrhleV2Q.J_Wdk59lUFdfwSqAAX2vWrW_nejregFofyr3sox0aNmZolb8G_7Nzpy2RD9uyKH4l3OgsDbo.LRttnqfDPXocdCCB9G61E4QJ8Q1ug;
+        report-to cf-csp-endpoint
+      Set-Cookie:
+      - _cfuvid=PQ8Lx7_xKyiAL1Mx.Ib3Gjf0xXL4n9.aJfbpov473xY-1753210520423-0.0.1.1-604800000;
+        path=/; domain=.workos.com; HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: UTF-8
+      string: '{"object":"organization","id":"org_01K0SQV0S6EPWK2ZDEFD1CP1JC","name":"Test
+        Organization with External ID","allow_profiles_outside_organization":false,"created_at":"2025-07-22T18:55:20.355Z","updated_at":"2025-07-22T18:55:20.355Z","domains":[],"metadata":{},"external_id":"ext_org_123"}'
+    http_version:
+  recorded_at: Tue, 22 Jul 2025 18:55:20 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/organization/update_with_external_id.yml

@@ -0,0 +1,78 @@
+---
+http_interactions:
+- request:
+    method: put
+    uri: https://api.workos.com/organizations/org_01K0SQV0S6EPWK2ZDEFD1CP1JC
+    body:
+      encoding: UTF-8
+      string: '{"name":"Test Organization","external_id":"ext_org_456"}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.1.4; arm64-darwin24; v5.20.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Tue, 22 Jul 2025 18:59:20 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 96352cb1598936bf-YYZ
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"10d-7PesLGj94PWb6A5HO530ZxGdEf4"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - fdca4330-1a27-4bd5-9e78-75e58eefb233
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - _cfuvid=hbA98zPccWnkbrQxoYNYNSHeQq3brYDB.grPijC_WV4-1753210760158-0.0.1.1-604800000;
+        path=/; domain=.workos.com; HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"object":"organization","id":"org_01K0SQV0S6EPWK2ZDEFD1CP1JC","name":"Test
+        Organization","allow_profiles_outside_organization":false,"created_at":"2025-07-22T18:55:20.355Z","updated_at":"2025-07-22T18:59:20.064Z","domains":[],"metadata":{},"external_id":"ext_org_456"}'
+    http_version:
+  recorded_at: Tue, 22 Jul 2025 18:59:20 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/organization/update_with_external_id_null.yml

@@ -0,0 +1,78 @@
+---
+http_interactions:
+- request:
+    method: put
+    uri: https://api.workos.com/organizations/org_01K0SQV0S6EPWK2ZDEFD1CP1JC
+    body:
+      encoding: UTF-8
+      string: '{"name":"Test Organization","external_id":null}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.1.4; arm64-darwin24; v5.22.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Wed, 23 Jul 2025 14:19:40 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 963bd06b7d9fac70-YYZ
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"104-iVnG8ziU2vR/dhIQFse9HLEGA6c"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - f38969a5-158e-4ed5-b165-a7789d1b0a07
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - _cfuvid=7pLWC5qh1CKmolFiECCkKsRg3QAx7aM07F6bX4r6VMU-1753280380885-0.0.1.1-604800000;
+        path=/; domain=.workos.com; HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"object":"organization","id":"org_01K0SQV0S6EPWK2ZDEFD1CP1JC","name":"Test
+        Organization","allow_profiles_outside_organization":false,"created_at":"2025-07-22T18:55:20.355Z","updated_at":"2025-07-23T14:19:40.831Z","domains":[],"metadata":{},"external_id":null}'
+    http_version:
+  recorded_at: Wed, 23 Jul 2025 14:19:40 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/create_user_with_external_id.yml

@@ -0,0 +1,77 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/user_management/users
+    body:
+      encoding: UTF-8
+      string: '{"email":"external@example.com","password":null,"first_name":"External","last_name":"User","email_verified":null,"external_id":"ext_user_123","password_hash":null,"password_hash_type":null}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.1.4; arm64-darwin24; v5.20.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 201
+      message: Created
+    headers:
+      Date:
+      - Tue, 22 Jul 2025 19:00:50 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '326'
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 96352ee9395c36b3-YYZ
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"146-upR+rp+FopOrmNrHPnshQZCSTFg"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - 0ca01f80-ab79-4dac-ac38-85013ee190fc
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - _cfuvid=eS3jraDP_ZTVdNpNKtpQG80hPBRXhXcHuq1V_QbAQjY-1753210850912-0.0.1.1-604800000;
+        path=/; domain=.workos.com; HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: UTF-8
+      string: '{"object":"user","id":"user_01K0SR53HJ58M957MYAB6TDZ9X","email":"external@example.com","email_verified":false,"first_name":"External","last_name":"User","profile_picture_url":null,"metadata":{},"last_sign_in_at":null,"created_at":"2025-07-22T19:00:50.852Z","updated_at":"2025-07-22T19:00:50.852Z","external_id":"ext_user_123"}'
+    http_version:
+  recorded_at: Tue, 22 Jul 2025 19:00:50 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/update_user_external_id_null.yml

@@ -0,0 +1,77 @@
+---
+http_interactions:
+- request:
+    method: put
+    uri: https://api.workos.com/user_management/users/user_01K0SR53HJ58M957MYAB6TDZ9X
+    body:
+      encoding: UTF-8
+      string: '{"first_name":"John","external_id":null}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.1.4; arm64-darwin24; v5.22.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Wed, 23 Jul 2025 14:19:37 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 963bd0578b723987-YYZ
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"138-cAQWhb1gyLa/WXSej+rjaxcQD5k"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - e32c5c22-9dba-480d-9b70-cb985f8de386
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - _cfuvid=0ljO.TFpHbzOeVWd7XzlanO5UxaeU_RBUAsoWNtWaF0-1753280377738-0.0.1.1-604800000;
+        path=/; domain=.workos.com; HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"object":"user","id":"user_01K0SR53HJ58M957MYAB6TDZ9X","email":"external@example.com","email_verified":false,"first_name":"John","last_name":"User","profile_picture_url":null,"metadata":{},"last_sign_in_at":null,"created_at":"2025-07-22T19:00:50.852Z","updated_at":"2025-07-23T14:19:37.660Z","external_id":null}'
+    http_version:
+  recorded_at: Wed, 23 Jul 2025 14:19:37 GMT
+recorded_with: VCR 5.0.0

data/workos.gemspec

@@ -27,7 +27,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'bundler', '>= 2.0.1'
   spec.add_development_dependency 'rspec', '~> 3.9.0'
   spec.add_development_dependency 'rubocop', '~> 1.71'
-  spec.add_development_dependency 'vcr', '~> 5.0.0'
+  spec.add_development_dependency 'vcr', '~> 6.0'
   spec.add_development_dependency 'webmock'
 
   spec.required_ruby_version = '>= 3.1'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: workos
 version: !ruby/object:Gem::Version
-  version: 5.22.0
+  version: 5.24.0
 platform: ruby
 authors:
 - WorkOS
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-07-22 00:00:00.000000000 Z
+date: 2025-07-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: encryptor
@@ -86,14 +86,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.0.0
+        version: '6.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.0.0
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
@@ -266,6 +266,7 @@ files:
 - spec/support/fixtures/vcr_cassettes/organization/create_with_domains.yml
 - spec/support/fixtures/vcr_cassettes/organization/create_with_duplicate_idempotency_key_and_different_payload.yml
 - spec/support/fixtures/vcr_cassettes/organization/create_with_duplicate_idempotency_key_and_payload.yml
+- spec/support/fixtures/vcr_cassettes/organization/create_with_external_id.yml
 - spec/support/fixtures/vcr_cassettes/organization/create_with_idempotency_key.yml
 - spec/support/fixtures/vcr_cassettes/organization/create_without_domains.yml
 - spec/support/fixtures/vcr_cassettes/organization/delete.yml
@@ -275,6 +276,8 @@ files:
 - spec/support/fixtures/vcr_cassettes/organization/list.yml
 - spec/support/fixtures/vcr_cassettes/organization/list_organization_roles.yml
 - spec/support/fixtures/vcr_cassettes/organization/update.yml
+- spec/support/fixtures/vcr_cassettes/organization/update_with_external_id.yml
+- spec/support/fixtures/vcr_cassettes/organization/update_with_external_id_null.yml
 - spec/support/fixtures/vcr_cassettes/organization/update_with_stripe_customer_id.yml
 - spec/support/fixtures/vcr_cassettes/organization/update_without_name.yml
 - spec/support/fixtures/vcr_cassettes/passwordless/create_session.yml
@@ -324,6 +327,7 @@ files:
 - spec/support/fixtures/vcr_cassettes/user_management/create_password_reset/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_user_invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_user_valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/create_user_with_external_id.yml
 - spec/support/fixtures/vcr_cassettes/user_management/deactivate_organization_membership.yml
 - spec/support/fixtures/vcr_cassettes/user_management/delete_organization_membership/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/delete_organization_membership/valid.yml
@@ -374,6 +378,7 @@ files:
 - spec/support/fixtures/vcr_cassettes/user_management/update_user/email.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_user/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_user/valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/update_user_external_id_null.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_user_password/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_user_password/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/verify_email/invalid_code.yml
@@ -491,6 +496,7 @@ test_files:
 - spec/support/fixtures/vcr_cassettes/organization/create_with_domains.yml
 - spec/support/fixtures/vcr_cassettes/organization/create_with_duplicate_idempotency_key_and_different_payload.yml
 - spec/support/fixtures/vcr_cassettes/organization/create_with_duplicate_idempotency_key_and_payload.yml
+- spec/support/fixtures/vcr_cassettes/organization/create_with_external_id.yml
 - spec/support/fixtures/vcr_cassettes/organization/create_with_idempotency_key.yml
 - spec/support/fixtures/vcr_cassettes/organization/create_without_domains.yml
 - spec/support/fixtures/vcr_cassettes/organization/delete.yml
@@ -500,6 +506,8 @@ test_files:
 - spec/support/fixtures/vcr_cassettes/organization/list.yml
 - spec/support/fixtures/vcr_cassettes/organization/list_organization_roles.yml
 - spec/support/fixtures/vcr_cassettes/organization/update.yml
+- spec/support/fixtures/vcr_cassettes/organization/update_with_external_id.yml
+- spec/support/fixtures/vcr_cassettes/organization/update_with_external_id_null.yml
 - spec/support/fixtures/vcr_cassettes/organization/update_with_stripe_customer_id.yml
 - spec/support/fixtures/vcr_cassettes/organization/update_without_name.yml
 - spec/support/fixtures/vcr_cassettes/passwordless/create_session.yml
@@ -549,6 +557,7 @@ test_files:
 - spec/support/fixtures/vcr_cassettes/user_management/create_password_reset/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_user_invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_user_valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/create_user_with_external_id.yml
 - spec/support/fixtures/vcr_cassettes/user_management/deactivate_organization_membership.yml
 - spec/support/fixtures/vcr_cassettes/user_management/delete_organization_membership/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/delete_organization_membership/valid.yml
@@ -599,6 +608,7 @@ test_files:
 - spec/support/fixtures/vcr_cassettes/user_management/update_user/email.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_user/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_user/valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/update_user_external_id_null.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_user_password/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_user_password/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/verify_email/invalid_code.yml