@workos-inc/node 3.9.2 → 4.0.1

package/lib/common/interfaces/event.interface.d.ts

@@ -1,5 +1,7 @@
 import { DirectoryUser, DirectoryUserResponse, DirectoryGroup, DirectoryGroupResponse, EventDirectory, EventDirectoryResponse } from '../../directory-sync/interfaces';
 import { Connection, ConnectionResponse } from '../../sso/interfaces';
+import { User, UserResponse } from '../../user-management/interfaces';
+import { OrganizationMembership, OrganizationMembershipResponse } from '../../user-management/interfaces/organization-membership.interface';
 export interface EventBase {
     id: string;
     createdAt: string;
@@ -136,7 +138,47 @@ export interface DsyncUserUpdatedEventResponse extends EventResponseBase {
     event: 'dsync.user.updated';
     data: DirectoryUserResponse & Record<'previous_attributes', any>;
 }
-export type Event = ConnectionActivatedEvent | ConnectionDeactivatedEvent | ConnectionDeletedEvent | DsyncActivatedEvent | DsyncDeactivatedEvent | DsyncDeletedEvent | DsyncGroupCreatedEvent | DsyncGroupUpdatedEvent | DsyncGroupDeletedEvent | DsyncGroupUserAddedEvent | DsyncGroupUserRemovedEvent | DsyncUserCreatedEvent | DsyncUserUpdatedEvent | DsyncUserDeletedEvent;
-export type EventResponse = ConnectionActivatedEventResponse | ConnectionDeactivatedEventResponse | ConnectionDeletedEventResponse | DsyncActivatedEventResponse | DsyncDeactivatedEventResponse | DsyncDeletedEventResponse | DsyncGroupCreatedEventResponse | DsyncGroupUpdatedEventResponse | DsyncGroupDeletedEventResponse | DsyncGroupUserAddedEventResponse | DsyncGroupUserRemovedEventResponse | DsyncUserCreatedEventResponse | DsyncUserUpdatedEventResponse | DsyncUserDeletedEventResponse;
-export type EventName = 'connection.activated' | 'connection.deactivated' | 'connection.deleted' | 'dsync.activated' | 'dsync.deactivated' | 'dsync.deleted' | 'dsync.group.created' | 'dsync.group.deleted' | 'dsync.group.updated' | 'dsync.group.user_added' | 'dsync.group.user_removed' | 'dsync.user.created' | 'dsync.user.deleted' | 'dsync.user.updated';
+export interface UserCreatedEvent extends EventBase {
+    event: 'user.created';
+    data: User;
+}
+export interface UserCreatedEventResponse extends EventResponseBase {
+    event: 'user.created';
+    data: UserResponse;
+}
+export interface UserUpdatedEvent extends EventBase {
+    event: 'user.updated';
+    data: User;
+}
+export interface UserUpdatedEventResponse extends EventResponseBase {
+    event: 'user.updated';
+    data: UserResponse;
+}
+export interface UserDeletedEvent extends EventBase {
+    event: 'user.deleted';
+    data: User;
+}
+export interface UserDeletedEventResponse extends EventResponseBase {
+    event: 'user.deleted';
+    data: UserResponse;
+}
+export interface OrganizationMembershipAdded extends EventBase {
+    event: 'organization_membership.added';
+    data: OrganizationMembership;
+}
+export interface OrganizationMembershipAddedResponse extends EventResponseBase {
+    event: 'organization_membership.added';
+    data: OrganizationMembershipResponse;
+}
+export interface OrganizationMembershipRemoved extends EventBase {
+    event: 'organization_membership.removed';
+    data: OrganizationMembership;
+}
+export interface OrganizationMembershipRemovedResponse extends EventResponseBase {
+    event: 'organization_membership.removed';
+    data: OrganizationMembershipResponse;
+}
+export type Event = ConnectionActivatedEvent | ConnectionDeactivatedEvent | ConnectionDeletedEvent | DsyncActivatedEvent | DsyncDeactivatedEvent | DsyncDeletedEvent | DsyncGroupCreatedEvent | DsyncGroupUpdatedEvent | DsyncGroupDeletedEvent | DsyncGroupUserAddedEvent | DsyncGroupUserRemovedEvent | DsyncUserCreatedEvent | DsyncUserUpdatedEvent | DsyncUserDeletedEvent | UserCreatedEvent | UserUpdatedEvent | UserDeletedEvent | OrganizationMembershipAdded | OrganizationMembershipRemoved;
+export type EventResponse = ConnectionActivatedEventResponse | ConnectionDeactivatedEventResponse | ConnectionDeletedEventResponse | DsyncActivatedEventResponse | DsyncDeactivatedEventResponse | DsyncDeletedEventResponse | DsyncGroupCreatedEventResponse | DsyncGroupUpdatedEventResponse | DsyncGroupDeletedEventResponse | DsyncGroupUserAddedEventResponse | DsyncGroupUserRemovedEventResponse | DsyncUserCreatedEventResponse | DsyncUserUpdatedEventResponse | DsyncUserDeletedEventResponse | UserCreatedEventResponse | UserUpdatedEventResponse | UserDeletedEventResponse | OrganizationMembershipAddedResponse | OrganizationMembershipRemovedResponse;
+export type EventName = 'connection.activated' | 'connection.deactivated' | 'connection.deleted' | 'dsync.activated' | 'dsync.deactivated' | 'dsync.deleted' | 'dsync.group.created' | 'dsync.group.deleted' | 'dsync.group.updated' | 'dsync.group.user_added' | 'dsync.group.user_removed' | 'dsync.user.created' | 'dsync.user.deleted' | 'dsync.user.updated' | 'user.created' | 'user.updated' | 'user.deleted' | 'organization_membership.added' | 'organization_membership.removed';
 export {};

package/lib/common/serializers/event.serializer.js

@@ -3,6 +3,8 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.deserializeEvent = void 0;
 const serializers_1 = require("../../directory-sync/serializers");
 const serializers_2 = require("../../sso/serializers");
+const serializers_3 = require("../../user-management/serializers");
+const organization_membership_serializer_1 = require("../../user-management/serializers/organization-membership.serializer");
 const deserializeEvent = (event) => {
     const eventBase = {
         id: event.id,
@@ -35,6 +37,13 @@ const deserializeEvent = (event) => {
             return Object.assign(Object.assign({}, eventBase), { event: event.event, data: (0, serializers_1.deserializeDirectoryUser)(event.data) });
         case 'dsync.user.updated':
             return Object.assign(Object.assign({}, eventBase), { event: event.event, data: (0, serializers_1.deserializeUpdatedEventDirectoryUser)(event.data) });
+        case 'user.created':
+        case 'user.updated':
+        case 'user.deleted':
+            return Object.assign(Object.assign({}, eventBase), { event: event.event, data: (0, serializers_3.deserializeUser)(event.data) });
+        case 'organization_membership.added':
+        case 'organization_membership.removed':
+            return Object.assign(Object.assign({}, eventBase), { event: event.event, data: (0, organization_membership_serializer_1.deserializeOrganizationMembership)(event.data) });
     }
 };
 exports.deserializeEvent = deserializeEvent;

package/lib/directory-sync/interfaces/directory-user.interface.d.ts

@@ -8,14 +8,14 @@ export interface DirectoryUser<TCustomAttributes extends object = DefaultCustomA
     rawAttributes: TRawAttributes;
     customAttributes: TCustomAttributes;
     idpId: string;
-    firstName: string;
+    firstName: string | null;
     emails: {
-        type: string;
-        value: string;
-        primary: boolean;
+        type?: string;
+        value?: string;
+        primary?: boolean;
     }[];
-    username: string;
-    lastName: string;
+    username: string | null;
+    lastName: string | null;
     jobTitle: string | null;
     state: 'active' | 'inactive' | 'suspended';
     createdAt: string;
@@ -29,14 +29,14 @@ export interface DirectoryUserResponse<TCustomAttributes extends object = Defaul
     raw_attributes: TRawAttributes;
     custom_attributes: TCustomAttributes;
     idp_id: string;
-    first_name: string;
+    first_name: string | null;
     emails: {
-        type: string;
-        value: string;
-        primary: boolean;
+        type?: string;
+        value?: string;
+        primary?: boolean;
     }[];
-    username: string;
-    last_name: string;
+    username: string | null;
+    last_name: string | null;
     job_title: string | null;
     state: 'active' | 'inactive' | 'suspended';
     created_at: string;

package/lib/index.d.ts

@@ -1,6 +1,5 @@
 import { WorkOS } from './workos';
 export * from './audit-logs/interfaces';
-export * from './audit-trail/interfaces';
 export * from './common/exceptions';
 export * from './common/interfaces';
 export * from './common/utils/pagination';
@@ -11,6 +10,6 @@ export * from './organizations/interfaces';
 export * from './passwordless/interfaces';
 export * from './portal/interfaces';
 export * from './sso/interfaces';
-export * from './users/interfaces';
+export * from './user-management/interfaces';
 export { WorkOS };
 export default WorkOS;

package/lib/index.js

@@ -18,7 +18,6 @@ exports.WorkOS = void 0;
 const workos_1 = require("./workos");
 Object.defineProperty(exports, "WorkOS", { enumerable: true, get: function () { return workos_1.WorkOS; } });
 __exportStar(require("./audit-logs/interfaces"), exports);
-__exportStar(require("./audit-trail/interfaces"), exports);
 __exportStar(require("./common/exceptions"), exports);
 __exportStar(require("./common/interfaces"), exports);
 __exportStar(require("./common/utils/pagination"), exports);
@@ -29,6 +28,6 @@ __exportStar(require("./organizations/interfaces"), exports);
 __exportStar(require("./passwordless/interfaces"), exports);
 __exportStar(require("./portal/interfaces"), exports);
 __exportStar(require("./sso/interfaces"), exports);
-__exportStar(require("./users/interfaces"), exports);
+__exportStar(require("./user-management/interfaces"), exports);
 // tslint:disable-next-line:no-default-export
 exports.default = workos_1.WorkOS;

package/lib/mfa/interfaces/challenge.interface.d.ts

@@ -4,7 +4,7 @@ export interface Challenge {
     createdAt: string;
     updatedAt: string;
     expiresAt?: string;
-    code: string;
+    code?: string;
     authenticationFactorId: string;
 }
 export interface ChallengeResponse {
@@ -13,6 +13,6 @@ export interface ChallengeResponse {
     created_at: string;
     updated_at: string;
     expires_at?: string;
-    code: string;
+    code?: string;
     authentication_factor_id: string;
 }

package/lib/mfa/interfaces/factor.interface.d.ts

@@ -1,20 +1,24 @@
 import { Sms, SmsResponse } from './sms.interface';
 import { Totp, TotpResponse } from './totp.interface';
+type FactorType = 'sms' | 'totp' | 'generic_otp';
 export interface Factor {
     object: 'authentication_factor';
     id: string;
     createdAt: string;
     updatedAt: string;
-    type: string;
+    type: FactorType;
     sms?: Sms;
     totp?: Totp;
+    userId?: string;
 }
 export interface FactorResponse {
     object: 'authentication_factor';
     id: string;
     created_at: string;
     updated_at: string;
-    type: string;
+    type: FactorType;
     sms?: SmsResponse;
     totp?: TotpResponse;
+    user_id?: string;
 }
+export {};

package/lib/mfa/interfaces/totp.interface.d.ts

@@ -1,14 +1,19 @@
-export interface Totp {
+interface TotpObject {
     issuer: string;
     user: string;
     qrCode: string;
     secret: string;
     uri: string;
 }
-export interface TotpResponse {
+type TotpObjectWithOnlyIssuerAndUser = Pick<TotpObject, 'issuer' | 'user'>;
+export type Totp = TotpObject | TotpObjectWithOnlyIssuerAndUser;
+interface TotpResponseObject {
     issuer: string;
     user: string;
     qr_code: string;
     secret: string;
     uri: string;
 }
+type TotpResponseObjectWithOnlyIssuerAndUser = Pick<TotpResponseObject, 'issuer' | 'user'>;
+export type TotpResponse = TotpResponseObject | TotpResponseObjectWithOnlyIssuerAndUser;
+export {};

package/lib/mfa/serializers/factor.serializer.js

@@ -3,5 +3,5 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.deserializeFactor = void 0;
 const sms_serializer_1 = require("./sms.serializer");
 const totp_serializer_1 = require("./totp.serializer");
-const deserializeFactor = (factor) => (Object.assign(Object.assign({ object: factor.object, id: factor.id, createdAt: factor.created_at, updatedAt: factor.updated_at, type: factor.type }, (factor.sms ? { sms: (0, sms_serializer_1.deserializeSms)(factor.sms) } : {})), (factor.totp ? { totp: (0, totp_serializer_1.deserializeTotp)(factor.totp) } : {})));
+const deserializeFactor = (factor) => (Object.assign(Object.assign(Object.assign({ object: factor.object, id: factor.id, createdAt: factor.created_at, updatedAt: factor.updated_at, type: factor.type }, (factor.sms ? { sms: (0, sms_serializer_1.deserializeSms)(factor.sms) } : {})), (factor.totp ? { totp: (0, totp_serializer_1.deserializeTotp)(factor.totp) } : {})), { userId: factor.user_id }));
 exports.deserializeFactor = deserializeFactor;

package/lib/mfa/serializers/totp.serializer.js

@@ -1,11 +1,21 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.deserializeTotp = void 0;
-const deserializeTotp = (totp) => ({
-    issuer: totp.issuer,
-    user: totp.user,
-    qrCode: totp.qr_code,
-    secret: totp.secret,
-    uri: totp.uri,
-});
+const deserializeTotp = (totp) => {
+    if ('qr_code' in totp && 'secret' in totp && 'uri' in totp) {
+        return {
+            issuer: totp.issuer,
+            user: totp.user,
+            qrCode: totp.qr_code,
+            secret: totp.secret,
+            uri: totp.uri,
+        };
+    }
+    else {
+        return {
+            issuer: totp.issuer,
+            user: totp.user,
+        };
+    }
+};
 exports.deserializeTotp = deserializeTotp;

package/lib/sso/interfaces/authorization-url-options.interface.d.ts

@@ -1,5 +1,5 @@
 export interface AuthorizationURLOptions {
-    clientID: string;
+    clientId: string;
     connection?: string;
     organization?: string;
     /**

package/lib/sso/interfaces/get-profile-and-token-options.interface.d.ts

@@ -1,4 +1,4 @@
 export interface GetProfileAndTokenOptions {
-    clientID: string;
+    clientId: string;
     code: string;
 }

package/lib/sso/sso.d.ts

@@ -6,8 +6,8 @@ export declare class SSO {
     constructor(workos: WorkOS);
     listConnections(options?: ListConnectionsOptions): Promise<AutoPaginatable<Connection>>;
     deleteConnection(id: string): Promise<void>;
-    getAuthorizationURL({ connection, clientID, domain, domainHint, loginHint, organization, provider, redirectURI, state, }: AuthorizationURLOptions): string;
+    getAuthorizationUrl({ connection, clientId, domain, domainHint, loginHint, organization, provider, redirectURI, state, }: AuthorizationURLOptions): string;
     getConnection(id: string): Promise<Connection>;
-    getProfileAndToken({ code, clientID, }: GetProfileAndTokenOptions): Promise<ProfileAndToken>;
+    getProfileAndToken({ code, clientId, }: GetProfileAndTokenOptions): Promise<ProfileAndToken>;
     getProfile({ accessToken }: GetProfileOptions): Promise<Profile>;
 }

package/lib/sso/sso.js

@@ -38,7 +38,7 @@ class SSO {
             yield this.workos.delete(`/connections/${id}`);
         });
     }
-    getAuthorizationURL({ connection, clientID, domain, domainHint, loginHint, organization, provider, redirectURI, state, }) {
+    getAuthorizationUrl({ connection, clientId, domain, domainHint, loginHint, organization, provider, redirectURI, state, }) {
         if (!domain && !provider && !connection && !organization) {
             throw new Error(`Incomplete arguments. Need to specify either a 'connection', 'organization', 'domain', or 'provider'.`);
         }
@@ -52,7 +52,7 @@ class SSO {
             domain_hint: domainHint,
             login_hint: loginHint,
             provider,
-            client_id: clientID,
+            client_id: clientId,
             redirect_uri: redirectURI,
             response_type: 'code',
             state,
@@ -65,10 +65,10 @@ class SSO {
             return (0, serializers_1.deserializeConnection)(data);
         });
     }
-    getProfileAndToken({ code, clientID, }) {
+    getProfileAndToken({ code, clientId, }) {
         return __awaiter(this, void 0, void 0, function* () {
             const form = new URLSearchParams({
-                client_id: clientID,
+                client_id: clientId,
                 client_secret: this.workos.key,
                 grant_type: 'authorization_code',
                 code,

package/lib/sso/sso.spec.js

@@ -29,13 +29,13 @@ describe('SSO', () => {
         updated_at: '2023-07-17T20:07:20.055Z',
     };
     describe('SSO', () => {
-        describe('getAuthorizationURL', () => {
+        describe('getAuthorizationUrl', () => {
             describe('with no custom api hostname', () => {
                 it('generates an authorize url with the default api hostname', () => {
                     const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
-                    const url = workos.sso.getAuthorizationURL({
+                    const url = workos.sso.getAuthorizationUrl({
                         domain: 'lyft.com',
-                        clientID: 'proj_123',
+                        clientId: 'proj_123',
                         redirectURI: 'example.com/sso/workos/callback',
                     });
                     expect(url).toMatchSnapshot();
@@ -44,8 +44,8 @@ describe('SSO', () => {
             describe('with no domain or provider', () => {
                 it('throws an error for incomplete arguments', () => {
                     const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
-                    const urlFn = () => workos.sso.getAuthorizationURL({
-                        clientID: 'proj_123',
+                    const urlFn = () => workos.sso.getAuthorizationUrl({
+                        clientId: 'proj_123',
                         redirectURI: 'example.com/sso/workos/callback',
                     });
                     expect(urlFn).toThrowErrorMatchingSnapshot();
@@ -56,9 +56,9 @@ describe('SSO', () => {
                     const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
                         apiHostname: 'api.workos.dev',
                     });
-                    const url = workos.sso.getAuthorizationURL({
+                    const url = workos.sso.getAuthorizationUrl({
                         provider: 'Google',
-                        clientID: 'proj_123',
+                        clientId: 'proj_123',
                         redirectURI: 'example.com/sso/workos/callback',
                     });
                     expect(url).toMatchSnapshot();
@@ -69,9 +69,9 @@ describe('SSO', () => {
                     const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
                         apiHostname: 'api.workos.dev',
                     });
-                    const url = workos.sso.getAuthorizationURL({
+                    const url = workos.sso.getAuthorizationUrl({
                         connection: 'connection_123',
-                        clientID: 'proj_123',
+                        clientId: 'proj_123',
                         redirectURI: 'example.com/sso/workos/callback',
                     });
                     expect(url).toMatchSnapshot();
@@ -82,9 +82,9 @@ describe('SSO', () => {
                     const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
                         apiHostname: 'api.workos.dev',
                     });
-                    const url = workos.sso.getAuthorizationURL({
+                    const url = workos.sso.getAuthorizationUrl({
                         organization: 'organization_123',
-                        clientID: 'proj_123',
+                        clientId: 'proj_123',
                         redirectURI: 'example.com/sso/workos/callback',
                     });
                     expect(url).toMatchSnapshot();
@@ -95,9 +95,9 @@ describe('SSO', () => {
                     const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU', {
                         apiHostname: 'api.workos.dev',
                     });
-                    const url = workos.sso.getAuthorizationURL({
+                    const url = workos.sso.getAuthorizationUrl({
                         domain: 'lyft.com',
-                        clientID: 'proj_123',
+                        clientId: 'proj_123',
                         redirectURI: 'example.com/sso/workos/callback',
                     });
                     expect(url).toMatchSnapshot();
@@ -106,9 +106,9 @@ describe('SSO', () => {
             describe('with state', () => {
                 it('generates an authorize url with the provided state', () => {
                     const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
-                    const url = workos.sso.getAuthorizationURL({
+                    const url = workos.sso.getAuthorizationUrl({
                         domain: 'lyft.com',
-                        clientID: 'proj_123',
+                        clientId: 'proj_123',
                         redirectURI: 'example.com/sso/workos/callback',
                         state: 'custom state',
                     });
@@ -118,10 +118,10 @@ describe('SSO', () => {
             describe('with domainHint', () => {
                 it('generates an authorize url with the provided domain hint', () => {
                     const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
-                    const url = workos.sso.getAuthorizationURL({
+                    const url = workos.sso.getAuthorizationUrl({
                         domainHint: 'lyft.com',
                         connection: 'connection_123',
-                        clientID: 'proj_123',
+                        clientId: 'proj_123',
                         redirectURI: 'example.com/sso/workos/callback',
                         state: 'custom state',
                     });
@@ -131,10 +131,10 @@ describe('SSO', () => {
             describe('with loginHint', () => {
                 it('generates an authorize url with the provided login hint', () => {
                     const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
-                    const url = workos.sso.getAuthorizationURL({
+                    const url = workos.sso.getAuthorizationUrl({
                         loginHint: 'foo@workos.com',
                         connection: 'connection_123',
-                        clientID: 'proj_123',
+                        clientId: 'proj_123',
                         redirectURI: 'example.com/sso/workos/callback',
                         state: 'custom state',
                     });
@@ -186,7 +186,7 @@ describe('SSO', () => {
                     const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
                     const { accessToken, profile } = yield workos.sso.getProfileAndToken({
                         code: 'authorization_code',
-                        clientID: 'proj_123',
+                        clientId: 'proj_123',
                     });
                     expect(mock.history.post.length).toBe(1);
                     const { data, headers } = mock.history.post[0];
@@ -237,7 +237,7 @@ describe('SSO', () => {
                     const workos = new workos_1.WorkOS('sk_test_Sz3IQjepeSWaI4cMS4ms4sMuU');
                     const { accessToken, profile } = yield workos.sso.getProfileAndToken({
                         code: 'authorization_code',
-                        clientID: 'proj_123',
+                        clientId: 'proj_123',
                     });
                     expect(mock.history.post.length).toBe(1);
                     const { data, headers } = mock.history.post[0];

package/lib/user-management/fixtures/invitation.json

@@ -0,0 +1,13 @@
+{
+    "object": "invitation",
+    "id": "invitation_01H5JQDV7R7ATEYZDEG0W5PRYS",
+    "email": "dane@workos.com",
+    "state": "pending",
+    "accepted_at": "2023-07-18T02:07:19.911Z",
+    "revoked_at": "2023-07-18T02:07:19.911Z",
+    "expires_at": "2023-07-18T02:07:19.911Z",
+    "organization_id": "org_01H5JQDV7R7ATEYZDEG0W5PRYS",
+    "token": "Z1uX3RbwcIl5fIGJJJCXXisdI",
+    "created_at": "2023-07-18T02:07:19.911Z",
+    "updated_at": "2023-07-18T02:07:19.911Z"
+}

package/lib/user-management/fixtures/list-invitations.json

@@ -0,0 +1,22 @@
+{
+    "object": "list",
+    "data": [
+        {
+            "object": "invitation",
+            "id": "invitation_01H5JQDV7R7ATEYZDEG0W5PRYS",
+            "email": "dane@workos.com",
+            "state": "pending",
+            "accepted_at": "2023-07-18T02:07:19.911Z",
+            "revoked_at": "2023-07-18T02:07:19.911Z",
+            "expires_at": "2023-07-18T02:07:19.911Z",
+            "organization_id": "org_01H5JQDV7R7ATEYZDEG0W5PRYS",
+            "token": "Z1uX3RbwcIl5fIGJJJCXXisdI",
+            "created_at": "2023-07-18T02:07:19.911Z",
+            "updated_at": "2023-07-18T02:07:19.911Z"
+        }
+    ],
+    "list_metadata": {
+        "before": null,
+        "after": null
+    }
+}

package/lib/user-management/fixtures/list-organization-memberships.json

@@ -0,0 +1,17 @@
+{
+    "object": "list",
+    "data": [
+        {
+            "object": "organization_membership",
+            "id": "om_01H5JQDV7R7ATEYZDEG0W5PRYS",
+            "user_id": "user_01H5JQDV7R7ATEYZDEG0W5PRYS",
+            "organization_id": "organization_01H5JQDV7R7ATEYZDEG0W5PRYS",
+            "created_at": "2023-07-18T02:07:19.911Z",
+            "updated_at": "2023-07-18T02:07:19.911Z"
+        }
+    ],
+    "list_metadata": {
+        "before": null,
+        "after": null
+    }
+}

package/lib/user-management/fixtures/organization-membership.json

@@ -0,0 +1,8 @@
+{
+    "object": "organization_membership",
+    "id": "om_01H5JQDV7R7ATEYZDEG0W5PRYS",
+    "user_id": "user_01H5JQDV7R7ATEYZDEG0W5PRYS",
+    "organization_id": "organization_01H5JQDV7R7ATEYZDEG0W5PRYS",
+    "created_at": "2023-07-18T02:07:19.911Z",
+    "updated_at": "2023-07-18T02:07:19.911Z"
+}

package/lib/user-management/interfaces/authenticate-with-code-options.interface.d.ts

@@ -0,0 +1,11 @@
+import { AuthenticateWithOptionsBase, SerializedAuthenticateWithOptionsBase } from './authenticate-with-options-base.interface';
+export interface AuthenticateWithCodeOptions extends AuthenticateWithOptionsBase {
+    code: string;
+}
+export interface AuthenticateUserWithCodeCredentials {
+    clientSecret: string | undefined;
+}
+export interface SerializedAuthenticateWithCodeOptions extends SerializedAuthenticateWithOptionsBase {
+    grant_type: 'authorization_code';
+    code: string;
+}

package/lib/user-management/interfaces/authenticate-with-email-verification-options.interface.d.ts

@@ -0,0 +1,13 @@
+import { AuthenticateWithOptionsBase, SerializedAuthenticateWithOptionsBase } from './authenticate-with-options-base.interface';
+export interface AuthenticateWithEmailVerificationOptions extends AuthenticateWithOptionsBase {
+    code: string;
+    pendingAuthenticationToken: string;
+}
+export interface AuthenticateUserWithEmailVerificationCredentials {
+    clientSecret: string | undefined;
+}
+export interface SerializedAuthenticateWithEmailVerificationOptions extends SerializedAuthenticateWithOptionsBase {
+    grant_type: 'urn:workos:oauth:grant-type:email-verification:code';
+    code: string;
+    pending_authentication_token: string;
+}

package/lib/user-management/interfaces/authenticate-with-magic-auth-options.interface.d.ts

@@ -0,0 +1,15 @@
+import { AuthenticateWithOptionsBase, SerializedAuthenticateWithOptionsBase } from './authenticate-with-options-base.interface';
+export interface AuthenticateWithMagicAuthOptions extends AuthenticateWithOptionsBase {
+    code: string;
+    email: string;
+    linkAuthorizationCode?: string;
+}
+export interface AuthenticateUserWithMagicAuthCredentials {
+    clientSecret: string | undefined;
+}
+export interface SerializedAuthenticateWithMagicAuthOptions extends SerializedAuthenticateWithOptionsBase {
+    grant_type: 'urn:workos:oauth:grant-type:magic-auth:code';
+    code: string;
+    email: string;
+    link_authorization_code?: string;
+}

package/lib/user-management/interfaces/authenticate-with-options-base.interface.d.ts

@@ -0,0 +1,11 @@
+export interface AuthenticateWithOptionsBase {
+    clientId: string;
+    ipAddress?: string;
+    userAgent?: string;
+}
+export interface SerializedAuthenticateWithOptionsBase {
+    client_id: string;
+    client_secret: string | undefined;
+    ip_address?: string;
+    user_agent?: string;
+}

package/lib/user-management/interfaces/authenticate-with-organization-selection.interface.d.ts

@@ -0,0 +1,13 @@
+import { AuthenticateWithOptionsBase, SerializedAuthenticateWithOptionsBase } from './authenticate-with-options-base.interface';
+export interface AuthenticateWithOrganizationSelectionOptions extends AuthenticateWithOptionsBase {
+    organizationId: string;
+    pendingAuthenticationToken: string;
+}
+export interface AuthenticateUserWithOrganizationSelectionCredentials {
+    clientSecret: string | undefined;
+}
+export interface SerializedAuthenticateWithOrganizationSelectionOptions extends SerializedAuthenticateWithOptionsBase {
+    grant_type: 'urn:workos:oauth:grant-type:organization-selection';
+    organization_id: string;
+    pending_authentication_token: string;
+}

package/lib/user-management/interfaces/authenticate-with-password-options.interface.d.ts

@@ -0,0 +1,13 @@
+import { AuthenticateWithOptionsBase, SerializedAuthenticateWithOptionsBase } from './authenticate-with-options-base.interface';
+export interface AuthenticateWithPasswordOptions extends AuthenticateWithOptionsBase {
+    email: string;
+    password: string;
+}
+export interface AuthenticateUserWithPasswordCredentials {
+    clientSecret: string | undefined;
+}
+export interface SerializedAuthenticateWithPasswordOptions extends SerializedAuthenticateWithOptionsBase {
+    grant_type: 'password';
+    email: string;
+    password: string;
+}

package/lib/{users → user-management}/interfaces/authenticate-with-totp-options.interface.d.ts

@@ -1,21 +1,15 @@
-export interface AuthenticateWithTotpOptions {
-    clientId: string;
+import { AuthenticateWithOptionsBase, SerializedAuthenticateWithOptionsBase } from './authenticate-with-options-base.interface';
+export interface AuthenticateWithTotpOptions extends AuthenticateWithOptionsBase {
     code: string;
     pendingAuthenticationToken: string;
     authenticationChallengeId: string;
-    ipAddress?: string;
-    userAgent?: string;
 }
 export interface AuthenticateUserWithTotpCredentials {
     clientSecret: string | undefined;
 }
-export interface SerializedAuthenticateWithTotpOptions {
+export interface SerializedAuthenticateWithTotpOptions extends SerializedAuthenticateWithOptionsBase {
     grant_type: 'urn:workos:oauth:grant-type:mfa-totp';
-    client_id: string;
-    client_secret: string | undefined;
     code: string;
     pending_authentication_token: string;
     authentication_challenge_id: string;
-    ip_address?: string;
-    user_agent?: string;
 }