workos 5.3.0 → 6.1.0

data/spec/support/fixtures/vcr_cassettes/user_management/resend_invitation/accepted.yml

@@ -0,0 +1,83 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/user_management/invitations/invitation_01H5JQDV7R7ATEYZDEG0W5PRYS/resend
+    body:
+      encoding: UTF-8
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; arm64-darwin22; v2.16.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 400
+      message: Bad Request
+    headers:
+      Date:
+      - Mon, 17 Nov 2025 18:28:05 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 7fa4ef0eeafe8c12-EWR
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"56-2Auj80JGmZ1uWGCY950ud8v4KLQ"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Via:
+      - 1.1 spaces-router (devel)
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - f5f06564-2f73-4b73-989b-b577cfbdaa9a
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=v55WlV2dq1rXkfx9668LFtglSD5c9292fFLKsviMegY-1692642485-0-AWmCDzQSIwCjWvanffzmFA5KJT/nWucOWyv7i3fyyXeH+i5iM9ZusABSbNOUR6zO2mcugNYr/TRj6ltRmm8eC3M=;
+        path=/; expires=Mon, 21-Aug-23 18:58:05 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=bea6b3e4c8ea6479881eb565b1ab9a0b6deabae9-1692642485; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"code":"invite_accepted","message":"Invite has already been accepted."}'
+    http_version:
+  recorded_at: Mon, 17 Nov 2025 18:28:05 GMT
+recorded_with: VCR 5.0.0
+

data/spec/support/fixtures/vcr_cassettes/user_management/resend_invitation/expired.yml

@@ -0,0 +1,83 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/user_management/invitations/invitation_01H5JQDV7R7ATEYZDEG0W5PRYS/resend
+    body:
+      encoding: UTF-8
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; arm64-darwin22; v2.16.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 400
+      message: Bad Request
+    headers:
+      Date:
+      - Mon, 17 Nov 2025 18:28:05 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 7fa4ef0eeafe8c12-EWR
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"56-2Auj80JGmZ1uWGCY950ud8v4KLQ"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Via:
+      - 1.1 spaces-router (devel)
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - f5f06564-2f73-4b73-989b-b577cfbdaa9a
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=v55WlV2dq1rXkfx9668LFtglSD5c9292fFLKsviMegY-1692642485-0-AWmCDzQSIwCjWvanffzmFA5KJT/nWucOWyv7i3fyyXeH+i5iM9ZusABSbNOUR6zO2mcugNYr/TRj6ltRmm8eC3M=;
+        path=/; expires=Mon, 21-Aug-23 18:58:05 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=bea6b3e4c8ea6479881eb565b1ab9a0b6deabae9-1692642485; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"code":"invite_expired","message":"Invite has expired."}'
+    http_version:
+  recorded_at: Mon, 17 Nov 2025 18:28:05 GMT
+recorded_with: VCR 5.0.0
+

data/spec/support/fixtures/vcr_cassettes/user_management/resend_invitation/invalid.yml

@@ -0,0 +1,83 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/user_management/invitations/invalid_id/resend
+    body:
+      encoding: UTF-8
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; arm64-darwin22; v2.16.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 404
+      message: Not Found
+    headers:
+      Date:
+      - Mon, 17 Nov 2025 18:28:05 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 7fa4ef0eeafe8c12-EWR
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"56-2Auj80JGmZ1uWGCY950ud8v4KLQ"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Via:
+      - 1.1 spaces-router (devel)
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - f5f06564-2f73-4b73-989b-b577cfbdaa9a
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=v55WlV2dq1rXkfx9668LFtglSD5c9292fFLKsviMegY-1692642485-0-AWmCDzQSIwCjWvanffzmFA5KJT/nWucOWyv7i3fyyXeH+i5iM9ZusABSbNOUR6zO2mcugNYr/TRj6ltRmm8eC3M=;
+        path=/; expires=Mon, 21-Aug-23 18:58:05 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=bea6b3e4c8ea6479881eb565b1ab9a0b6deabae9-1692642485; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"message":"Invitation not found: ''invalid_id''.","code":"entity_not_found","entity_id":"bad_id"}'
+    http_version:
+  recorded_at: Mon, 17 Nov 2025 18:28:05 GMT
+recorded_with: VCR 5.0.0
+

data/spec/support/fixtures/vcr_cassettes/user_management/resend_invitation/revoked.yml

@@ -0,0 +1,83 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/user_management/invitations/invitation_01H5JQDV7R7ATEYZDEG0W5PRYS/resend
+    body:
+      encoding: UTF-8
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; arm64-darwin22; v2.16.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 400
+      message: Bad Request
+    headers:
+      Date:
+      - Mon, 17 Nov 2025 18:28:05 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 7fa4ef0eeafe8c12-EWR
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"56-2Auj80JGmZ1uWGCY950ud8v4KLQ"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Via:
+      - 1.1 spaces-router (devel)
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - f5f06564-2f73-4b73-989b-b577cfbdaa9a
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=v55WlV2dq1rXkfx9668LFtglSD5c9292fFLKsviMegY-1692642485-0-AWmCDzQSIwCjWvanffzmFA5KJT/nWucOWyv7i3fyyXeH+i5iM9ZusABSbNOUR6zO2mcugNYr/TRj6ltRmm8eC3M=;
+        path=/; expires=Mon, 21-Aug-23 18:58:05 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=bea6b3e4c8ea6479881eb565b1ab9a0b6deabae9-1692642485; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"code":"invite_revoked","message":"Invite has been revoked."}'
+    http_version:
+  recorded_at: Mon, 17 Nov 2025 18:28:05 GMT
+recorded_with: VCR 5.0.0
+

data/spec/support/fixtures/vcr_cassettes/user_management/resend_invitation/valid.yml

@@ -0,0 +1,83 @@
+---
+http_interactions:
+  - request:
+      method: post
+      uri: https://api.workos.com/user_management/invitations/invitation_01H5JQDV7R7ATEYZDEG0W5PRYS/resend
+      body:
+        encoding: UTF-8
+        string: ""
+      headers:
+        Content-Type:
+          - application/json
+        Accept-Encoding:
+          - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+        Accept:
+          - "*/*"
+        User-Agent:
+          - WorkOS; ruby/3.0.2; arm64-darwin21; v2.16.0
+        Authorization:
+          - Bearer <API_KEY>
+    response:
+      status:
+        code: 200
+        message: OK
+      headers:
+        Date:
+          - Mon, 17 Nov 2025 18:28:05 GMT
+        Content-Type:
+          - application/json; charset=utf-8
+        Content-Length:
+          - "376"
+        Connection:
+          - keep-alive
+        Cf-Ray:
+          - 7ff6b9122b60f8dd-SEA
+        Cf-Cache-Status:
+          - DYNAMIC
+        Etag:
+          - W/"178-SVaSEtrIczZQlwnTK57+aDrxt/g"
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        Vary:
+          - Origin, Accept-Encoding
+        Via:
+          - 1.1 spaces-router (devel)
+        Access-Control-Allow-Credentials:
+          - "true"
+        Content-Security-Policy:
+          - "default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self'
+            https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src
+            'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests"
+        Expect-Ct:
+          - max-age=0
+        Referrer-Policy:
+          - no-referrer
+        X-Content-Type-Options:
+          - nosniff
+        X-Dns-Prefetch-Control:
+          - "off"
+        X-Download-Options:
+          - noopen
+        X-Frame-Options:
+          - SAMEORIGIN
+        X-Permitted-Cross-Domain-Policies:
+          - none
+        X-Request-Id:
+          - df30b890-b6d9-494f-b59c-317e85b5b5f0
+        X-Xss-Protection:
+          - "0"
+        Set-Cookie:
+          - __cf_bm=9k_hHql8o3VCr_ugrzhVkuvFJBIFO5rLKq88Tg1FQzI-1693500106-0-AWUpQpsgsfMWdRySOy7cT3NmqbANvylwBZn7ontxTsDKPijdiGDVMsPih2HAbK3+ldKDe9A1Ul6Mf2+9mfyLrjQ=;
+            path=/; expires=Thu, 31-Aug-23 17:11:46 GMT; domain=.workos.com; HttpOnly;
+            Secure; SameSite=None
+          - __cfruid=40a4c5b06423ba61b4c78144e7e0eddc58e13ff4-1693500106; path=/; domain=.workos.com;
+            HttpOnly; Secure; SameSite=None
+        Server:
+          - cloudflare
+      body:
+        encoding: UTF-8
+        string: '{"object":"invitation","id":"invitation_01H5JQDV7R7ATEYZDEG0W5PRYS","email":"test@workos.com","state":"pending","accepted_at":null,"revoked_at":null,"expires_at":"2023-07-25T02:07:19.911Z","organization_id":"org_01H5JQDV7R7ATEYZDEG0W5PRYS","token":"Z1uX3RbwcIl5fIGJJJCXXisdI","accept_invitation_url":"https://myauthkit.com/invite?invitation_token=Z1uX3RbwcIl5fIGJJJCXXisdI","created_at":"2023-07-18T02:07:19.911Z","updated_at":"2023-07-18T02:07:19.911Z"}'
+      http_version:
+    recorded_at: Mon, 17 Nov 2025 18:28:05 GMT
+recorded_with: VCR 5.0.0
+

data/spec/support/fixtures/vcr_cassettes/user_management/reset_password/valid.yml

@@ -76,7 +76,7 @@ http_interactions:
       - cloudflare
     body:
       encoding: UTF-8
-      string: '{"object":"user","id":"user_01H7WRJBPAAHX1BYRQHEK7QC4A","email":"lucy.lawless@example.com","first_name":"Lucy","last_name":"Lawless","created_at":"2023-08-15T14:11:04.519Z","updated_at":"2023-08-22T20:34:49.277Z","email_verified":false}'
+      string: '{"user":{"object":"user","id":"user_01H7WRJBPAAHX1BYRQHEK7QC4A","email":"lucy.lawless@example.com","first_name":"Lucy","last_name":"Lawless","created_at":"2023-08-15T14:11:04.519Z","updated_at":"2023-08-22T20:34:49.277Z","email_verified":false}}'
     http_version:
   recorded_at: Tue, 22 Aug 2023 20:35:40 GMT
 recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/update_organization_membership/valid_multiple_roles.yml

@@ -0,0 +1,76 @@
+---
+http_interactions:
+- request:
+    method: put
+    uri: https://api.workos.com/user_management/organization_memberships/om_01H5JQDV7R7ATEYZDEG0W5PRYS
+    body:
+      encoding: UTF-8
+      string: '{"id":"om_01H5JQDV7R7ATEYZDEG0W5PRYS","role_slugs":["admin","editor"]}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.1.4; arm64-darwin24; v5.25.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Tue, 07 Oct 2025 14:22:26 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '26'
+      Connection:
+      - keep-alive
+      Server:
+      - cloudflare
+      Cf-Ray:
+      - 98ae0cf66dd9344d-ORD
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"1a-pljHtlo127JYJR4E/RYOPb6ucbw"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - 92b6245b-40a8-4bdd-95d1-e32f6e9d1d70
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - _cfuvid=hq7zKar8D7SHPwNzTjLw.29beujgLQlq6cOYaWvYhEM-1759846946364-0.0.1.1-604800000;
+        path=/; domain=.workos.com; HttpOnly; Secure; SameSite=None
+    body:
+      encoding: UTF-8
+      string: '{"object":"organization_membership","id":"om_01H5JQDV7R7ATEYZDEG0W5PRYS","user_id":"user_01H5JQDV7R7ATEYZDEG0W5PRYS","organization_id":"organization_01H5JQDV7R7ATEYZDEG0W5PRYS","status":"active","role":{"slug":"admin"},"roles":[{"slug":"admin"},{"slug":"editor"}],"created_at":"2023-07-18T02:07:19.911Z","updated_at":"2023-07-18T02:07:19.911Z"}'
+  recorded_at: Tue, 07 Oct 2025 14:22:26 GMT
+recorded_with: VCR 6.3.1

data/spec/support/fixtures/vcr_cassettes/user_management/update_user/email.yml

@@ -0,0 +1,82 @@
+---
+http_interactions:
+- request:
+    method: put
+    uri: https://api.workos.com/user_management/users/user_01H7TVSKS45SDHN5V9XPSM6H44
+    body:
+      encoding: UTF-8
+      string: '{"email":"jane@example.com"}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.0.2; arm64-darwin21; v2.16.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Fri, 25 Aug 2023 23:37:04 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 7fc7a9287d0330ba-SEA
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"153-w5d8Z7u7b9Obt9NziECtNSAY9Ac"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Via:
+      - 1.1 spaces-router (devel)
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - b333b9e1-c9ec-4e99-ae4f-17a854859cf1
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - __cf_bm=adC6w3NUNGTpdZDzNn39guANJ9wi798uCuqc_EI8190-1693006624-0-AcpsuyzFE/KdM7ev5pSVTt2vnGqCSZBOuQYZ0iKFiJT0mBlAuNITn3hICEKvcZ4LH7JUIyjnEOWfq2w7JyRmrJ4=;
+        path=/; expires=Sat, 26-Aug-23 00:07:04 GMT; domain=.workos.com; HttpOnly;
+        Secure; SameSite=None
+      - __cfruid=1d0cc3edf886cc7b90bd0c9c3226f5611a385c1a-1693006624; path=/; domain=.workos.com;
+        HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"object":"user","id":"user_01H7TVSKS45SDHN5V9XPSM6H44","email":"jane@example.com","email_verified":false,"first_name":"Jane","last_name":"Doe","created_at":"2023-08-14T20:28:58.929Z","updated_at":"2023-08-25T22:57:44.262Z","user_type":"unmanaged","email_verified_at":null,"google_oauth_profile_id":null,"microsoft_oauth_profile_id":null}'
+    http_version:
+  recorded_at: Fri, 12 May 2025 23:37:04 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/user_management/update_user/locale.yml

@@ -0,0 +1,76 @@
+---
+http_interactions:
+- request:
+    method: put
+    uri: https://api.workos.com/user_management/users/user_01K78B3ZB5B7119MYEXTQE5KNE
+    body:
+      encoding: UTF-8
+      string: '{"locale":"en-US"}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/3.1.4; arm64-darwin23; v5.25.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Date:
+      - Sat, 11 Oct 2025 00:40:19 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Transfer-Encoding:
+      - chunked
+      Connection:
+      - keep-alive
+      Cf-Ray:
+      - 98ca4e2ece4df13a-ORD
+      Cf-Cache-Status:
+      - DYNAMIC
+      Etag:
+      - W/"14b-avtqVpGgr9LY49Al2c3gzw62Mbc"
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      Expect-Ct:
+      - max-age=0
+      Referrer-Policy:
+      - no-referrer
+      X-Content-Type-Options:
+      - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      X-Request-Id:
+      - e9a5015e-44f0-4321-990a-66d2ba4a3e15
+      X-Xss-Protection:
+      - '0'
+      Set-Cookie:
+      - _cfuvid=IZBV12JrFjDy0rHr.O3LoIyI0iKnOHdGa_R3uam5bZI-1760143219077-0.0.1.1-604800000;
+        path=/; domain=.workos.com; HttpOnly; Secure; SameSite=None
+      Server:
+      - cloudflare
+    body:
+      encoding: ASCII-8BIT
+      string: '{"object":"user","id":"user_01K78B3ZB5B7119MYEXTQE5KNE","email":"test-locale@example.com","email_verified":false,"first_name":"Jane","last_name":"Doe","profile_picture_url":null,"metadata":{},"last_sign_in_at":null,"locale":"en-US","created_at":"2025-10-11T00:35:49.727Z","updated_at":"2025-10-11T00:40:19.051Z","external_id":null}'
+  recorded_at: Sat, 11 Oct 2025 00:40:19 GMT
+recorded_with: VCR 6.3.1

data/spec/support/fixtures/vcr_cassettes/user_management/update_user/valid.yml

@@ -5,7 +5,7 @@ http_interactions:
     uri: https://api.workos.com/user_management/users/user_01H7TVSKS45SDHN5V9XPSM6H44
     body:
       encoding: UTF-8
-      string: '{"first_name":"Jane","last_name":"Doe","email_verified":false}'
+      string: '{"first_name":"Jane","last_name":"Doe","email_verified":false,"external_id":"123"}'
     headers:
       Content-Type:
       - application/json
@@ -76,7 +76,7 @@ http_interactions:
       - cloudflare
     body:
       encoding: ASCII-8BIT
-      string: '{"object":"user","id":"user_01H7TVSKS45SDHN5V9XPSM6H44","email":"willman@blips.app","email_verified":false,"first_name":"Jane","last_name":"Doe","created_at":"2023-08-14T20:28:58.929Z","updated_at":"2023-08-25T22:57:44.262Z","user_type":"unmanaged","email_verified_at":null,"google_oauth_profile_id":null,"microsoft_oauth_profile_id":null}'
+      string: '{"object":"user","id":"user_01H7TVSKS45SDHN5V9XPSM6H44","email":"willman@blips.app","email_verified":false,"first_name":"Jane","last_name":"Doe","external_id":"123","created_at":"2023-08-14T20:28:58.929Z","updated_at":"2023-08-25T22:57:44.262Z","user_type":"unmanaged","email_verified_at":null,"google_oauth_profile_id":null,"microsoft_oauth_profile_id":null}'
     http_version:
   recorded_at: Fri, 25 Aug 2023 23:37:04 GMT
 recorded_with: VCR 5.0.0