workos 5.24.0 → 5.26.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d7f42db282e0cd23cad458937055c17ec9fa9e82672b9aa1b888ce2200aa8891
-  data.tar.gz: 1e05a96b056eba6bef1e8f89d7ad6b2cabba616b3911c2afccee6133e8749b9f
+  metadata.gz: 70fb176f7fd3b899bb8c88f2123536778e2a026d97582de2e1beb9525b2bec5b
+  data.tar.gz: 164650f3cdbe0181b9d249c69fc6bab6713f41bef3e419dbb8ce765211123068
 SHA512:
-  metadata.gz: 1f3282f8a5c632f2f03a98ce2c43824cfe2fbbb57b575ee51def000a5b03073b1ab284368f55543a79e3281223b6409854fdb98a45457b17268f9768a7717957
-  data.tar.gz: dbf3dd84bc9758fd141649e1dbb5c7d41fc06b6d5e8e64d1ae597e8188a87369783ecdae026c7b6a6f947afbc28c25fd475aa8f927cb422feb6766c6ddfa0804
+  metadata.gz: cd3a1e2254870e8d34ace357916f6a8287fefdfb0c89e9e82ed679e02460caad0f457a2a60c56fa19afefc9d74a92427603efc12c4a181c13fe27bf4b4babc27
+  data.tar.gz: 89e8b4854838de9fc893c16380df4d0b75ef0fb68659b25cbca140310c4cc7dd00e371183c432d60d978548059a941a8410a2e143cefed6011b95be219f84d43

data/.gitignore

@@ -49,3 +49,4 @@
 # .rubocop-https?--*
 
 .vscode
+.idea/

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    workos (5.24.0)
+    workos (5.26.0)
       encryptor (~> 3.0)
       jwt (~> 2.8)
 

data/lib/workos/feature_flag.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module WorkOS
+  # The FeatureFlag class provides a lightweight wrapper around
+  # a WorkOS Feature Flag resource. This class is not meant to be instantiated
+  # in user space, and is instantiated internally but exposed.
+  class FeatureFlag
+    include HashProvider
+
+    attr_accessor :id, :name, :slug, :description, :created_at, :updated_at
+
+    def initialize(json)
+      hash = JSON.parse(json, symbolize_names: true)
+
+      @id = hash[:id]
+      @name = hash[:name]
+      @slug = hash[:slug]
+      @description = hash[:description]
+      @created_at = hash[:created_at]
+      @updated_at = hash[:updated_at]
+    end
+
+    def to_json(*)
+      {
+        id: id,
+        name: name,
+        slug: slug,
+        description: description,
+        created_at: created_at,
+        updated_at: updated_at,
+      }
+    end
+  end
+end

data/lib/workos/organization_membership.rb

@@ -7,7 +7,7 @@ module WorkOS
   class OrganizationMembership
     include HashProvider
 
-    attr_accessor :id, :user_id, :organization_id, :status, :role, :created_at, :updated_at
+    attr_accessor :id, :user_id, :organization_id, :status, :role, :roles, :created_at, :updated_at
 
     def initialize(json)
       hash = JSON.parse(json, symbolize_names: true)
@@ -17,6 +17,7 @@ module WorkOS
       @organization_id = hash[:organization_id]
       @status = hash[:status]
       @role = hash[:role]
+      @roles = hash[:roles]
       @created_at = hash[:created_at]
       @updated_at = hash[:updated_at]
     end
@@ -28,6 +29,7 @@ module WorkOS
         organization_id: organization_id,
         status: status,
         role: role,
+        roles: roles,
         created_at: created_at,
         updated_at: updated_at,
       }

data/lib/workos/organizations.rb

@@ -224,6 +224,46 @@ module WorkOS
         )
       end
 
+      # Retrieve a list of feature flags for the given organization.
+      #
+      # @param [String] organization_id The ID of the organization to fetch feature flags for.
+      # @param [Hash] options
+      # @option options [String] before A pagination argument used to request
+      #  feature flags before the provided FeatureFlag ID.
+      # @option options [String] after A pagination argument used to request
+      #  feature flags after the provided FeatureFlag ID.
+      # @option options [Integer] limit A pagination argument used to limit the number
+      #  of listed FeatureFlags that are returned.
+      # @option options [String] order The order in which to paginate records
+      #
+      # @example
+      #   WorkOS::Organizations.list_organization_feature_flags(organization_id: 'org_01EHZNVPK3SFK441A1RGBFSHRT')
+      #   => #<WorkOS::Types::ListStruct data=[#<WorkOS::FeatureFlag id="flag_123" slug="new-feature"
+      #                                         enabled=true ...>] ...>
+      #
+      # @return [WorkOS::Types::ListStruct] - Collection of FeatureFlag objects
+      def list_organization_feature_flags(organization_id:, options: {})
+        options[:order] ||= 'desc'
+        response = execute_request(
+          request: get_request(
+            path: "/organizations/#{organization_id}/feature-flags",
+            auth: true,
+            params: options,
+          ),
+        )
+
+        parsed_response = JSON.parse(response.body)
+
+        feature_flags = parsed_response['data'].map do |feature_flag|
+          WorkOS::FeatureFlag.new(feature_flag.to_json)
+        end
+
+        WorkOS::Types::ListStruct.new(
+          data: feature_flags,
+          list_metadata: parsed_response['list_metadata']&.transform_keys(&:to_sym),
+        )
+      end
+
       private
 
       def check_and_raise_organization_error(response:)

data/lib/workos/session.rb

@@ -30,6 +30,7 @@ module WorkOS
 
     # Authenticates the user based on the session data
     # @return [Hash] A hash containing the authentication response and a reason if the authentication failed
+    # rubocop:disable Metrics/AbcSize
     def authenticate
       return { authenticated: false, reason: 'NO_SESSION_COOKIE_PROVIDED' } if @session_data.nil?
 
@@ -49,6 +50,7 @@ module WorkOS
         session_id: decoded['sid'],
         organization_id: decoded['org_id'],
         role: decoded['role'],
+        roles: decoded['roles'],
         permissions: decoded['permissions'],
         entitlements: decoded['entitlements'],
         feature_flags: decoded['feature_flags'],
@@ -64,7 +66,6 @@ module WorkOS
     # @option options [String] :organization_id The organization ID to use for refreshing the session
     # @return [Hash] A hash containing a new sealed session, the authentication response,
     # and a reason if the refresh failed
-    # rubocop:disable Metrics/AbcSize
     # rubocop:disable Metrics/PerceivedComplexity
     def refresh(options = nil)
       cookie_password = options.nil? || options[:cookie_password].nil? ? @cookie_password : options[:cookie_password]

data/lib/workos/types/widget_scope.rb

@@ -6,8 +6,10 @@ module WorkOS
     # scopes while generating a widget token.
     module WidgetScope
       USERS_TABLE_MANAGE = 'widgets:users-table:manage'
+      SSO_MANAGE = 'widgets:sso:manage'
+      DOMAIN_VERIFICATION_MANAGE = 'widgets:domain-verification:manage'
 
-      ALL = [USERS_TABLE_MANAGE].freeze
+      ALL = [USERS_TABLE_MANAGE, SSO_MANAGE, DOMAIN_VERIFICATION_MANAGE].freeze
     end
   end
 end

data/lib/workos/user_management.rb

@@ -926,16 +926,23 @@ module WorkOS
       # @param [String] user_id The ID of the User.
       # @param [String] organization_id The ID of the Organization to which the user belongs to.
       # @param [String] role_slug The slug of the role to grant to this membership. (Optional)
+      # @param [Array<String>] role_slugs Array of role slugs to assign to this membership. (Optional)
       #
       # @return [WorkOS::OrganizationMembership]
-      def create_organization_membership(user_id:, organization_id:, role_slug: nil)
+      def create_organization_membership(user_id:, organization_id:, role_slug: nil, role_slugs: nil)
+        raise ArgumentError, 'Cannot specify both role_slug and role_slugs' if role_slug && role_slugs
+
+        body = {
+          user_id: user_id,
+          organization_id: organization_id,
+        }
+
+        body[:role_slugs] = role_slugs if role_slugs
+        body[:role_slug] = role_slug if role_slug
+
         request = post_request(
           path: '/user_management/organization_memberships',
-          body: {
-            user_id: user_id,
-            organization_id: organization_id,
-            role_slug: role_slug,
-          }.compact,
+          body: body.compact,
           auth: true,
         )
 
@@ -946,17 +953,22 @@ module WorkOS
 
       # Update an Organization Membership
       #
-      # @param [String] organization_membership_id The ID of the Organization Membership.
-      # @param [String] role_slug The slug of the role to grant to this membership.
+      # @param [String] id The ID of the Organization Membership.
+      # @param [String] role_slug The slug of the role to grant to this membership. (Optional)
+      # @param [Array<String>] role_slugs Array of role slugs to assign to this membership. (Optional)
       #
       # @return [WorkOS::OrganizationMembership]
-      def update_organization_membership(id:, role_slug:)
+      def update_organization_membership(id:, role_slug: nil, role_slugs: nil)
+        raise ArgumentError, 'Cannot specify both role_slug and role_slugs' if role_slug && role_slugs
+
+        body = { id: id }
+
+        body[:role_slugs] = role_slugs if role_slugs
+        body[:role_slug] = role_slug if role_slug
+
         request = put_request(
           path: "/user_management/organization_memberships/#{id}",
-          body: {
-            id: id,
-            role_slug: role_slug,
-          },
+          body: body.compact,
           auth: true,
         )
 

data/lib/workos/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module WorkOS
-  VERSION = '5.24.0'
+  VERSION = '5.26.0'
 end

data/lib/workos.rb

@@ -59,6 +59,7 @@ module WorkOS
   autoload :Event, 'workos/event'
   autoload :Events, 'workos/events'
   autoload :Factor, 'workos/factor'
+  autoload :FeatureFlag, 'workos/feature_flag'
   autoload :Impersonator, 'workos/impersonator'
   autoload :Invitation, 'workos/invitation'
   autoload :MagicAuth, 'workos/magic_auth'

data/spec/lib/workos/organizations_spec.rb

@@ -450,4 +450,120 @@ describe WorkOS::Organizations do
       end
     end
   end
+
+  describe '.list_organization_feature_flags' do
+    context 'with no options' do
+      it 'returns feature flags for organization' do
+        expected_metadata = {
+          after: nil,
+          before: nil,
+        }
+
+        VCR.use_cassette 'organization/list_organization_feature_flags' do
+          feature_flags = described_class.list_organization_feature_flags(
+            organization_id: 'org_01HX7Q7R12H1JMAKN75SH2G529',
+          )
+
+          expect(feature_flags.data.size).to eq(2)
+          expect(feature_flags.list_metadata).to eq(expected_metadata)
+        end
+      end
+    end
+
+    context 'with the before option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/organizations/org_01HX7Q7R12H1JMAKN75SH2G529/feature-flags?before=before-id&'\
+          'order=desc',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'organization/list_organization_feature_flags', match_requests_on: [:path] do
+          feature_flags = described_class.list_organization_feature_flags(
+            organization_id: 'org_01HX7Q7R12H1JMAKN75SH2G529',
+            options: { before: 'before-id' },
+          )
+
+          expect(feature_flags.data.size).to eq(2)
+        end
+      end
+    end
+
+    context 'with the after option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/organizations/org_01HX7Q7R12H1JMAKN75SH2G529/feature-flags?after=after-id&'\
+          'order=desc',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'organization/list_organization_feature_flags', match_requests_on: [:path] do
+          feature_flags = described_class.list_organization_feature_flags(
+            organization_id: 'org_01HX7Q7R12H1JMAKN75SH2G529',
+            options: { after: 'after-id' },
+          )
+
+          expect(feature_flags.data.size).to eq(2)
+        end
+      end
+    end
+
+    context 'with the limit option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/organizations/org_01HX7Q7R12H1JMAKN75SH2G529/feature-flags?limit=10&'\
+          'order=desc',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'organization/list_organization_feature_flags', match_requests_on: [:path] do
+          feature_flags = described_class.list_organization_feature_flags(
+            organization_id: 'org_01HX7Q7R12H1JMAKN75SH2G529',
+            options: { limit: 10 },
+          )
+
+          expect(feature_flags.data.size).to eq(2)
+        end
+      end
+    end
+
+    context 'with multiple pagination options' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/organizations/org_01HX7Q7R12H1JMAKN75SH2G529/feature-flags?after=after-id&'\
+          'limit=5&order=asc',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'organization/list_organization_feature_flags', match_requests_on: [:path] do
+          feature_flags = described_class.list_organization_feature_flags(
+            organization_id: 'org_01HX7Q7R12H1JMAKN75SH2G529',
+            options: { after: 'after-id', limit: 5, order: 'asc' },
+          )
+
+          expect(feature_flags.data.size).to eq(2)
+        end
+      end
+    end
+  end
 end

data/spec/lib/workos/session_spec.rb

@@ -108,6 +108,7 @@ describe WorkOS::Session do
         sid: 'session_id',
         org_id: 'org_id',
         role: 'role',
+        roles: ['role'],
         permissions: ['read'],
         exp: Time.now.to_i + 3600,
       }
@@ -173,6 +174,7 @@ describe WorkOS::Session do
                              session_id: 'session_id',
                              organization_id: 'org_id',
                              role: 'role',
+                             roles: ['role'],
                              permissions: ['read'],
                              feature_flags: nil,
                              entitlements: nil,
@@ -188,6 +190,7 @@ describe WorkOS::Session do
           sid: 'session_id',
           org_id: 'org_id',
           role: 'role',
+          roles: ['role'],
           permissions: ['read'],
           entitlements: ['billing'],
           exp: Time.now.to_i + 3600,
@@ -208,6 +211,7 @@ describe WorkOS::Session do
                                session_id: 'session_id',
                                organization_id: 'org_id',
                                role: 'role',
+                               roles: ['role'],
                                permissions: ['read'],
                                entitlements: ['billing'],
                                feature_flags: nil,
@@ -224,6 +228,7 @@ describe WorkOS::Session do
           sid: 'session_id',
           org_id: 'org_id',
           role: 'role',
+          roles: ['role'],
           permissions: ['read'],
           feature_flags: ['new_feature_enabled'],
           exp: Time.now.to_i + 3600,
@@ -244,6 +249,7 @@ describe WorkOS::Session do
                                session_id: 'session_id',
                                organization_id: 'org_id',
                                role: 'role',
+                               roles: ['role'],
                                permissions: ['read'],
                                entitlements: nil,
                                feature_flags: ['new_feature_enabled'],

data/spec/lib/workos/user_management_spec.rb

@@ -1302,6 +1302,23 @@ describe WorkOS::UserManagement do
         end
       end
     end
+
+    context 'with role slugs' do
+      it 'creates an organization membership with multiple roles' do
+        VCR.use_cassette 'user_management/create_organization_membership/valid_multiple_roles' do
+          organization_membership = described_class.create_organization_membership(
+            user_id: 'user_01H5JQDV7R7ATEYZDEG0W5PRYS',
+            organization_id: 'org_01H5JQDV7R7ATEYZDEG0W5PRYS',
+            role_slugs: %w[admin member],
+          )
+
+          expect(organization_membership.organization_id).to eq('organization_01H5JQDV7R7ATEYZDEG0W5PRYS')
+          expect(organization_membership.user_id).to eq('user_01H5JQDV7R7ATEYZDEG0W5PRYS')
+          expect(organization_membership.roles).to be_an(Array)
+          expect(organization_membership.roles.length).to eq(2)
+        end
+      end
+    end
   end
 
   describe '.update_organization_membership' do
@@ -1329,6 +1346,22 @@ describe WorkOS::UserManagement do
         end
       end
     end
+
+    context 'with role slugs' do
+      it 'updates an organization membership with multiple roles' do
+        VCR.use_cassette('user_management/update_organization_membership/valid_multiple_roles') do
+          organization_membership = WorkOS::UserManagement.update_organization_membership(
+            id: 'om_01H5JQDV7R7ATEYZDEG0W5PRYS',
+            role_slugs: %w[admin editor],
+          )
+
+          expect(organization_membership.organization_id).to eq('organization_01H5JQDV7R7ATEYZDEG0W5PRYS')
+          expect(organization_membership.user_id).to eq('user_01H5JQDV7R7ATEYZDEG0W5PRYS')
+          expect(organization_membership.roles).to be_an(Array)
+          expect(organization_membership.roles.length).to eq(2)
+        end
+      end
+    end
   end
 
   describe '.delete_organization_membership' do

data/spec/support/fixtures/vcr_cassettes/organization/list_organization_feature_flags.yml

@@ -0,0 +1,78 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://api.workos.com/organizations/org_01HX7Q7R12H1JMAKN75SH2G529/feature-flags?order=desc
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.1.4; arm64-darwin24; v5.24.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Mon, 04 Aug 2025 18:37:04 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 96a029f4191e2f57-LAX
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"1f7-g5rU0vT2OhGT9sAPsywR3YS8ePw"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - 9cd52998-5106-40cf-9080-82c07528c672
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - _cfuvid=_9dbE_0fDVZ45WXvgEp8frEFOIlVDyARPbMk3AffOcs-1754332624329-0.0.1.1-604800000;
+        path=/; domain=.workos.com; HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"object":"list","data":[{"object":"feature_flag","id":"flag_01K1V04FV94RNDSN5GKSZVQMYN","slug":"new-sidebar-layout","name":"New
+        Sidebar Layout","description":"","created_at":"2025-08-04T16:55:15.557Z","updated_at":"2025-08-04T16:55:15.557Z"},{"object":"feature_flag","id":"flag_01K1V02KNS6WHYXKG0DWB87THK","slug":"dark-mode-toggle","name":"Dark
+        Mode Toggle","description":"","created_at":"2025-08-04T16:54:13.942Z","updated_at":"2025-08-04T16:54:13.942Z"}],"list_metadata":{"before":null,"after":null}}'
+  recorded_at: Mon, 04 Aug 2025 18:37:04 GMT
+recorded_with: VCR 6.3.1

data/spec/support/fixtures/vcr_cassettes/user_management/create_organization_membership/valid_multiple_roles.yml

@@ -0,0 +1,76 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/user_management/organization_memberships
+    body:
+      encoding: UTF-8
+      string: '{"user_id":"user_01H5JQDV7R7ATEYZDEG0W5PRYS","organization_id":"org_01H5JQDV7R7ATEYZDEG0W5PRYS","role_slugs":["admin","member"]}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.1.4; arm64-darwin24; v5.25.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 201
+      message: Created
+    headers:
+      Date:
+      - Mon, 06 Oct 2025 19:57:34 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '26'
+      Connection:
+      - keep-alive
+      Server:
+      - cloudflare
+      Cf-Ray:
+      - 98a7ba7fea91ead7-ORD
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"1a-pljHtlo127JYJR4E/RYOPb6ucbw"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - 6507807d-d3b9-4e8f-9ca8-f84c6f9c6eb4
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - _cfuvid=recfIuOTSO3jIxK5SUOdhHRRfTGoiOFOMgSbEpVIjpg-1759780654123-0.0.1.1-604800000;
+        path=/; domain=.workos.com; HttpOnly; Secure; SameSite=None
+    body:
+      encoding: UTF-8
+      string: '{"object":"organization_membership","id":"om_01H5JQDV7R7ATEYZDEG0W5PRYS","user_id":"user_01H5JQDV7R7ATEYZDEG0W5PRYS","organization_id":"organization_01H5JQDV7R7ATEYZDEG0W5PRYS","status":"active","role":{"slug":"member"}, "roles":[{"slug":"member"}, {"slug":"admin"}], "created_at":"2023-07-18T02:07:19.911Z","updated_at":"2023-07-18T02:07:19.911Z"}'
+  recorded_at: Mon, 06 Oct 2025 19:57:34 GMT
+recorded_with: VCR 6.3.1

data/spec/support/fixtures/vcr_cassettes/user_management/update_organization_membership/valid_multiple_roles.yml

@@ -0,0 +1,76 @@
+---
+http_interactions:
+- request:
+    method: put
+    uri: https://api.workos.com/user_management/organization_memberships/om_01H5JQDV7R7ATEYZDEG0W5PRYS
+    body:
+      encoding: UTF-8
+      string: '{"id":"om_01H5JQDV7R7ATEYZDEG0W5PRYS","role_slugs":["admin","editor"]}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.1.4; arm64-darwin24; v5.25.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Tue, 07 Oct 2025 14:22:26 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '26'
+      Connection:
+      - keep-alive
+      Server:
+      - cloudflare
+      Cf-Ray:
+      - 98ae0cf66dd9344d-ORD
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"1a-pljHtlo127JYJR4E/RYOPb6ucbw"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - 92b6245b-40a8-4bdd-95d1-e32f6e9d1d70
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - _cfuvid=hq7zKar8D7SHPwNzTjLw.29beujgLQlq6cOYaWvYhEM-1759846946364-0.0.1.1-604800000;
+        path=/; domain=.workos.com; HttpOnly; Secure; SameSite=None
+    body:
+      encoding: UTF-8
+      string: '{"object":"organization_membership","id":"om_01H5JQDV7R7ATEYZDEG0W5PRYS","user_id":"user_01H5JQDV7R7ATEYZDEG0W5PRYS","organization_id":"organization_01H5JQDV7R7ATEYZDEG0W5PRYS","status":"active","role":{"slug":"admin"},"roles":[{"slug":"admin"},{"slug":"editor"}],"created_at":"2023-07-18T02:07:19.911Z","updated_at":"2023-07-18T02:07:19.911Z"}'
+  recorded_at: Tue, 07 Oct 2025 14:22:26 GMT
+recorded_with: VCR 6.3.1

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: workos
 version: !ruby/object:Gem::Version
-  version: 5.24.0
+  version: 5.26.0
 platform: ruby
 authors:
 - WorkOS
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-07-30 00:00:00.000000000 Z
+date: 2025-10-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: encryptor
@@ -153,6 +153,7 @@ files:
 - lib/workos/event.rb
 - lib/workos/events.rb
 - lib/workos/factor.rb
+- lib/workos/feature_flag.rb
 - lib/workos/hash_provider.rb
 - lib/workos/impersonator.rb
 - lib/workos/invitation.rb
@@ -274,6 +275,7 @@ files:
 - spec/support/fixtures/vcr_cassettes/organization/get.yml
 - spec/support/fixtures/vcr_cassettes/organization/get_invalid.yml
 - spec/support/fixtures/vcr_cassettes/organization/list.yml
+- spec/support/fixtures/vcr_cassettes/organization/list_organization_feature_flags.yml
 - spec/support/fixtures/vcr_cassettes/organization/list_organization_roles.yml
 - spec/support/fixtures/vcr_cassettes/organization/update.yml
 - spec/support/fixtures/vcr_cassettes/organization/update_with_external_id.yml
@@ -324,6 +326,7 @@ files:
 - spec/support/fixtures/vcr_cassettes/user_management/create_magic_auth/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_organization_membership/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_organization_membership/valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/create_organization_membership/valid_multiple_roles.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_password_reset/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_user_invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_user_valid.yml
@@ -375,6 +378,7 @@ files:
 - spec/support/fixtures/vcr_cassettes/user_management/send_verification_email/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_organization_membership/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_organization_membership/valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/update_organization_membership/valid_multiple_roles.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_user/email.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_user/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_user/valid.yml
@@ -504,6 +508,7 @@ test_files:
 - spec/support/fixtures/vcr_cassettes/organization/get.yml
 - spec/support/fixtures/vcr_cassettes/organization/get_invalid.yml
 - spec/support/fixtures/vcr_cassettes/organization/list.yml
+- spec/support/fixtures/vcr_cassettes/organization/list_organization_feature_flags.yml
 - spec/support/fixtures/vcr_cassettes/organization/list_organization_roles.yml
 - spec/support/fixtures/vcr_cassettes/organization/update.yml
 - spec/support/fixtures/vcr_cassettes/organization/update_with_external_id.yml
@@ -554,6 +559,7 @@ test_files:
 - spec/support/fixtures/vcr_cassettes/user_management/create_magic_auth/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_organization_membership/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_organization_membership/valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/create_organization_membership/valid_multiple_roles.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_password_reset/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_user_invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/create_user_valid.yml
@@ -605,6 +611,7 @@ test_files:
 - spec/support/fixtures/vcr_cassettes/user_management/send_verification_email/valid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_organization_membership/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_organization_membership/valid.yml
+- spec/support/fixtures/vcr_cassettes/user_management/update_organization_membership/valid_multiple_roles.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_user/email.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_user/invalid.yml
 - spec/support/fixtures/vcr_cassettes/user_management/update_user/valid.yml