@workos/mcp-docs-server 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.docs/organized/changelogs/workos-platform.json +277 -0
- package/.docs/organized/docs/admin-portal/_navigation.mdx +16 -0
- package/.docs/organized/docs/admin-portal/custom-branding.mdx +111 -0
- package/.docs/organized/docs/admin-portal/example-apps.mdx +46 -0
- package/.docs/organized/docs/admin-portal/index.mdx +240 -0
- package/.docs/organized/docs/audit-logs/_navigation.mdx +22 -0
- package/.docs/organized/docs/audit-logs/admin-portal.mdx +20 -0
- package/.docs/organized/docs/audit-logs/editing-events.mdx +27 -0
- package/.docs/organized/docs/audit-logs/exporting-events.mdx +29 -0
- package/.docs/organized/docs/audit-logs/index.mdx +110 -0
- package/.docs/organized/docs/audit-logs/log-streams.mdx +56 -0
- package/.docs/organized/docs/audit-logs/metadata-schema.mdx +21 -0
- package/.docs/organized/docs/custom-domains/_navigation.mdx +16 -0
- package/.docs/organized/docs/custom-domains/admin-portal.mdx +38 -0
- package/.docs/organized/docs/custom-domains/auth-api.mdx +59 -0
- package/.docs/organized/docs/custom-domains/authkit.mdx +36 -0
- package/.docs/organized/docs/custom-domains/email.mdx +41 -0
- package/.docs/organized/docs/custom-domains/index.mdx +19 -0
- package/.docs/organized/docs/dashboard.mdx +244 -0
- package/.docs/organized/docs/demo/_navigation.mdx +26 -0
- package/.docs/organized/docs/demo/accordion.mdx +34 -0
- package/.docs/organized/docs/demo/checklist.mdx +33 -0
- package/.docs/organized/docs/demo/code-block.mdx +185 -0
- package/.docs/organized/docs/demo/definition-list.mdx +35 -0
- package/.docs/organized/docs/demo/index.mdx +7 -0
- package/.docs/organized/docs/demo/punctuation.mdx +37 -0
- package/.docs/organized/docs/demo/replacements.mdx +26 -0
- package/.docs/organized/docs/demo/table.mdx +26 -0
- package/.docs/organized/docs/demo/tabs.mdx +17 -0
- package/.docs/organized/docs/directory-sync/_navigation.mdx +28 -0
- package/.docs/organized/docs/directory-sync/attributes.mdx +209 -0
- package/.docs/organized/docs/directory-sync/example-apps.mdx +46 -0
- package/.docs/organized/docs/directory-sync/handle-inactive-users.mdx +52 -0
- package/.docs/organized/docs/directory-sync/identity-provider-role-assignment.mdx +134 -0
- package/.docs/organized/docs/directory-sync/index.mdx +107 -0
- package/.docs/organized/docs/directory-sync/quick-start.mdx +129 -0
- package/.docs/organized/docs/directory-sync/understanding-events.mdx +209 -0
- package/.docs/organized/docs/domain-verification/_navigation.mdx +10 -0
- package/.docs/organized/docs/domain-verification/api.mdx +60 -0
- package/.docs/organized/docs/domain-verification/index.mdx +67 -0
- package/.docs/organized/docs/email.mdx +109 -0
- package/.docs/organized/docs/events/_navigation.mdx +22 -0
- package/.docs/organized/docs/events/data-syncing/data-reconciliation.mdx +56 -0
- package/.docs/organized/docs/events/data-syncing/events-api.mdx +114 -0
- package/.docs/organized/docs/events/data-syncing/index.mdx +66 -0
- package/.docs/organized/docs/events/data-syncing/webhooks.mdx +173 -0
- package/.docs/organized/docs/events/index.mdx +783 -0
- package/.docs/organized/docs/events/observability/datadog.mdx +76 -0
- package/.docs/organized/docs/fga/_navigation.mdx +64 -0
- package/.docs/organized/docs/fga/identity-provider-sessions.mdx +68 -0
- package/.docs/organized/docs/fga/index.mdx +60 -0
- package/.docs/organized/docs/fga/local-development.mdx +155 -0
- package/.docs/organized/docs/fga/modeling/abac.mdx +107 -0
- package/.docs/organized/docs/fga/modeling/blocklist.mdx +84 -0
- package/.docs/organized/docs/fga/modeling/conditional-roles.mdx +99 -0
- package/.docs/organized/docs/fga/modeling/custom-roles.mdx +90 -0
- package/.docs/organized/docs/fga/modeling/entitlements.mdx +127 -0
- package/.docs/organized/docs/fga/modeling/managed-service-provider.mdx +131 -0
- package/.docs/organized/docs/fga/modeling/org-roles-and-permissions.mdx +95 -0
- package/.docs/organized/docs/fga/modeling/policy-context.mdx +231 -0
- package/.docs/organized/docs/fga/modeling/public-access.mdx +61 -0
- package/.docs/organized/docs/fga/modeling/shareable-content.mdx +106 -0
- package/.docs/organized/docs/fga/modeling/superusers.mdx +74 -0
- package/.docs/organized/docs/fga/modeling/user-groups.mdx +92 -0
- package/.docs/organized/docs/fga/operations-usage.mdx +104 -0
- package/.docs/organized/docs/fga/playground.mdx +12 -0
- package/.docs/organized/docs/fga/policies.mdx +462 -0
- package/.docs/organized/docs/fga/query-language.mdx +112 -0
- package/.docs/organized/docs/fga/quick-start.mdx +174 -0
- package/.docs/organized/docs/fga/resources.mdx +92 -0
- package/.docs/organized/docs/fga/schema-management.mdx +224 -0
- package/.docs/organized/docs/fga/schema.mdx +388 -0
- package/.docs/organized/docs/fga/warrant-tokens.mdx +44 -0
- package/.docs/organized/docs/fga/warrants.mdx +92 -0
- package/.docs/organized/docs/glossary.mdx +184 -0
- package/.docs/organized/docs/integrations/_navigation.mdx +6 -0
- package/.docs/organized/docs/integrations/access-people-hr.mdx +87 -0
- package/.docs/organized/docs/integrations/adp-oidc.mdx +103 -0
- package/.docs/organized/docs/integrations/apple.mdx +169 -0
- package/.docs/organized/docs/integrations/auth0-directory-sync.mdx +78 -0
- package/.docs/organized/docs/integrations/auth0-enterprise-connection.mdx +92 -0
- package/.docs/organized/docs/integrations/auth0-saml.mdx +81 -0
- package/.docs/organized/docs/integrations/aws-cognito.mdx +81 -0
- package/.docs/organized/docs/integrations/bamboohr.mdx +90 -0
- package/.docs/organized/docs/integrations/breathe-hr.mdx +89 -0
- package/.docs/organized/docs/integrations/bubble.mdx +129 -0
- package/.docs/organized/docs/integrations/cas-saml.mdx +65 -0
- package/.docs/organized/docs/integrations/cezanne.mdx +74 -0
- package/.docs/organized/docs/integrations/classlink-saml.mdx +100 -0
- package/.docs/organized/docs/integrations/cloudflare-saml.mdx +164 -0
- package/.docs/organized/docs/integrations/cyberark-saml.mdx +138 -0
- package/.docs/organized/docs/integrations/cyberark-scim.mdx +100 -0
- package/.docs/organized/docs/integrations/duo-saml.mdx +127 -0
- package/.docs/organized/docs/integrations/entra-id-saml.mdx +156 -0
- package/.docs/organized/docs/integrations/entra-id-scim.mdx +218 -0
- package/.docs/organized/docs/integrations/firebase.mdx +98 -0
- package/.docs/organized/docs/integrations/fourth.mdx +66 -0
- package/.docs/organized/docs/integrations/github-oauth.mdx +85 -0
- package/.docs/organized/docs/integrations/gitlab-oauth.mdx +81 -0
- package/.docs/organized/docs/integrations/google-directory-sync.mdx +86 -0
- package/.docs/organized/docs/integrations/google-oauth.mdx +173 -0
- package/.docs/organized/docs/integrations/google-saml.mdx +135 -0
- package/.docs/organized/docs/integrations/hibob.mdx +98 -0
- package/.docs/organized/docs/integrations/jumpcloud-saml.mdx +96 -0
- package/.docs/organized/docs/integrations/jumpcloud-scim.mdx +106 -0
- package/.docs/organized/docs/integrations/keycloak-saml.mdx +128 -0
- package/.docs/organized/docs/integrations/lastpass-saml.mdx +134 -0
- package/.docs/organized/docs/integrations/linkedin-oauth.mdx +77 -0
- package/.docs/organized/docs/integrations/login-gov-oidc.mdx +103 -0
- package/.docs/organized/docs/integrations/microsoft-ad-fs-saml.mdx +96 -0
- package/.docs/organized/docs/integrations/microsoft-oauth.mdx +101 -0
- package/.docs/organized/docs/integrations/miniorange-saml.mdx +124 -0
- package/.docs/organized/docs/integrations/net-iq-saml.mdx +75 -0
- package/.docs/organized/docs/integrations/next-auth.mdx +257 -0
- package/.docs/organized/docs/integrations/oidc.mdx +64 -0
- package/.docs/organized/docs/integrations/okta-saml.mdx +144 -0
- package/.docs/organized/docs/integrations/okta-scim.mdx +210 -0
- package/.docs/organized/docs/integrations/onelogin-saml.mdx +131 -0
- package/.docs/organized/docs/integrations/onelogin-scim.mdx +150 -0
- package/.docs/organized/docs/integrations/oracle-saml.mdx +76 -0
- package/.docs/organized/docs/integrations/pingfederate-saml.mdx +103 -0
- package/.docs/organized/docs/integrations/pingfederate-scim.mdx +150 -0
- package/.docs/organized/docs/integrations/pingone-saml.mdx +86 -0
- package/.docs/organized/docs/integrations/react-native-expo.mdx +93 -0
- package/.docs/organized/docs/integrations/rippling-saml.mdx +174 -0
- package/.docs/organized/docs/integrations/rippling-scim.mdx +148 -0
- package/.docs/organized/docs/integrations/salesforce-saml.mdx +143 -0
- package/.docs/organized/docs/integrations/saml.mdx +64 -0
- package/.docs/organized/docs/integrations/scim.mdx +64 -0
- package/.docs/organized/docs/integrations/sftp.mdx +150 -0
- package/.docs/organized/docs/integrations/shibboleth-generic-saml.mdx +84 -0
- package/.docs/organized/docs/integrations/shibboleth-unsolicited-saml.mdx +84 -0
- package/.docs/organized/docs/integrations/simple-saml-php.mdx +78 -0
- package/.docs/organized/docs/integrations/slack-oauth.mdx +102 -0
- package/.docs/organized/docs/integrations/supabase.mdx +68 -0
- package/.docs/organized/docs/integrations/vmware-saml.mdx +100 -0
- package/.docs/organized/docs/integrations/workday.mdx +156 -0
- package/.docs/organized/docs/integrations/xero-oauth.mdx +83 -0
- package/.docs/organized/docs/magic-link/_navigation.mdx +16 -0
- package/.docs/organized/docs/magic-link/example-apps.mdx +46 -0
- package/.docs/organized/docs/magic-link/index.mdx +199 -0
- package/.docs/organized/docs/magic-link/launch-checklist.mdx +27 -0
- package/.docs/organized/docs/mfa/_navigation.mdx +18 -0
- package/.docs/organized/docs/mfa/example-apps.mdx +46 -0
- package/.docs/organized/docs/mfa/index.mdx +140 -0
- package/.docs/organized/docs/mfa/ux/enrollment.mdx +74 -0
- package/.docs/organized/docs/mfa/ux/sign-in.mdx +30 -0
- package/.docs/organized/docs/migrate/_navigation.mdx +6 -0
- package/.docs/organized/docs/migrate/auth0.mdx +98 -0
- package/.docs/organized/docs/migrate/aws-cognito.mdx +115 -0
- package/.docs/organized/docs/migrate/clerk.mdx +106 -0
- package/.docs/organized/docs/migrate/firebase.mdx +80 -0
- package/.docs/organized/docs/migrate/other-services.mdx +179 -0
- package/.docs/organized/docs/migrate/standalone-sso.mdx +105 -0
- package/.docs/organized/docs/on-prem-deployment.mdx +119 -0
- package/.docs/organized/docs/postman.mdx +90 -0
- package/.docs/organized/docs/reference/_navigation.mdx +527 -0
- package/.docs/organized/docs/reference/admin-portal/index.mdx +6 -0
- package/.docs/organized/docs/reference/admin-portal/portal-link/generate.mdx +268 -0
- package/.docs/organized/docs/reference/admin-portal/portal-link/index.mdx +15 -0
- package/.docs/organized/docs/reference/admin-portal/provider-icons/index.mdx +52 -0
- package/.docs/organized/docs/reference/api-keys.mdx +22 -0
- package/.docs/organized/docs/reference/audit-logs/audit-log-export.mdx +239 -0
- package/.docs/organized/docs/reference/audit-logs/audit-log-schema.mdx +69 -0
- package/.docs/organized/docs/reference/audit-logs/create-event.mdx +673 -0
- package/.docs/organized/docs/reference/audit-logs/create-export.mdx +308 -0
- package/.docs/organized/docs/reference/audit-logs/create-schema.mdx +95 -0
- package/.docs/organized/docs/reference/audit-logs/get-export.mdx +117 -0
- package/.docs/organized/docs/reference/audit-logs/get-retention.mdx +34 -0
- package/.docs/organized/docs/reference/audit-logs/index.mdx +6 -0
- package/.docs/organized/docs/reference/audit-logs/list-actions.mdx +40 -0
- package/.docs/organized/docs/reference/audit-logs/list-schemas.mdx +40 -0
- package/.docs/organized/docs/reference/audit-logs/set-retention.mdx +39 -0
- package/.docs/organized/docs/reference/client-libraries.mdx +19 -0
- package/.docs/organized/docs/reference/directory-sync/directory/delete.mdx +90 -0
- package/.docs/organized/docs/reference/directory-sync/directory/get.mdx +105 -0
- package/.docs/organized/docs/reference/directory-sync/directory/index.mdx +385 -0
- package/.docs/organized/docs/reference/directory-sync/directory/list.mdx +281 -0
- package/.docs/organized/docs/reference/directory-sync/directory-group/get.mdx +105 -0
- package/.docs/organized/docs/reference/directory-sync/directory-group/index.mdx +277 -0
- package/.docs/organized/docs/reference/directory-sync/directory-group/list.mdx +295 -0
- package/.docs/organized/docs/reference/directory-sync/directory-user/get.mdx +112 -0
- package/.docs/organized/docs/reference/directory-sync/directory-user/index.mdx +470 -0
- package/.docs/organized/docs/reference/directory-sync/directory-user/list.mdx +304 -0
- package/.docs/organized/docs/reference/directory-sync/index.mdx +10 -0
- package/.docs/organized/docs/reference/domain-verification/create.mdx +38 -0
- package/.docs/organized/docs/reference/domain-verification/get.mdx +32 -0
- package/.docs/organized/docs/reference/domain-verification/index.mdx +84 -0
- package/.docs/organized/docs/reference/domain-verification/verify.mdx +36 -0
- package/.docs/organized/docs/reference/errors.mdx +30 -0
- package/.docs/organized/docs/reference/events/index.mdx +9 -0
- package/.docs/organized/docs/reference/events/list.mdx +246 -0
- package/.docs/organized/docs/reference/fga/batch-check.mdx +277 -0
- package/.docs/organized/docs/reference/fga/check.mdx +563 -0
- package/.docs/organized/docs/reference/fga/index.mdx +6 -0
- package/.docs/organized/docs/reference/fga/policy/create.mdx +27 -0
- package/.docs/organized/docs/reference/fga/policy/delete.mdx +18 -0
- package/.docs/organized/docs/reference/fga/policy/get.mdx +23 -0
- package/.docs/organized/docs/reference/fga/policy/index.mdx +52 -0
- package/.docs/organized/docs/reference/fga/policy/list.mdx +41 -0
- package/.docs/organized/docs/reference/fga/policy/update.mdx +26 -0
- package/.docs/organized/docs/reference/fga/query.mdx +375 -0
- package/.docs/organized/docs/reference/fga/resource/batch-write.mdx +175 -0
- package/.docs/organized/docs/reference/fga/resource/create.mdx +130 -0
- package/.docs/organized/docs/reference/fga/resource/delete.mdx +86 -0
- package/.docs/organized/docs/reference/fga/resource/get.mdx +88 -0
- package/.docs/organized/docs/reference/fga/resource/index.mdx +98 -0
- package/.docs/organized/docs/reference/fga/resource/list.mdx +188 -0
- package/.docs/organized/docs/reference/fga/resource/update.mdx +115 -0
- package/.docs/organized/docs/reference/fga/resource-type/apply.mdx +35 -0
- package/.docs/organized/docs/reference/fga/resource-type/create.mdx +24 -0
- package/.docs/organized/docs/reference/fga/resource-type/delete.mdx +22 -0
- package/.docs/organized/docs/reference/fga/resource-type/get.mdx +23 -0
- package/.docs/organized/docs/reference/fga/resource-type/index.mdx +68 -0
- package/.docs/organized/docs/reference/fga/resource-type/list.mdx +36 -0
- package/.docs/organized/docs/reference/fga/resource-type/update.mdx +23 -0
- package/.docs/organized/docs/reference/fga/schema/apply.mdx +42 -0
- package/.docs/organized/docs/reference/fga/schema/get.mdx +24 -0
- package/.docs/organized/docs/reference/fga/schema/index.mdx +39 -0
- package/.docs/organized/docs/reference/fga/warrant/batch-write.mdx +226 -0
- package/.docs/organized/docs/reference/fga/warrant/create.mdx +215 -0
- package/.docs/organized/docs/reference/fga/warrant/delete.mdx +212 -0
- package/.docs/organized/docs/reference/fga/warrant/index.mdx +186 -0
- package/.docs/organized/docs/reference/fga/warrant/list.mdx +282 -0
- package/.docs/organized/docs/reference/idempotency.mdx +21 -0
- package/.docs/organized/docs/reference/index.mdx +194 -0
- package/.docs/organized/docs/reference/magic-link/index.mdx +8 -0
- package/.docs/organized/docs/reference/magic-link/passwordless-session/create.mdx +268 -0
- package/.docs/organized/docs/reference/magic-link/passwordless-session/index.mdx +203 -0
- package/.docs/organized/docs/reference/magic-link/passwordless-session/send-email.mdx +158 -0
- package/.docs/organized/docs/reference/mfa/authentication-challenge.mdx +217 -0
- package/.docs/organized/docs/reference/mfa/authentication-factor.mdx +381 -0
- package/.docs/organized/docs/reference/mfa/challenge-factor.mdx +170 -0
- package/.docs/organized/docs/reference/mfa/delete-factor.mdx +93 -0
- package/.docs/organized/docs/reference/mfa/enroll-factor.mdx +241 -0
- package/.docs/organized/docs/reference/mfa/get-factor.mdx +108 -0
- package/.docs/organized/docs/reference/mfa/index.mdx +8 -0
- package/.docs/organized/docs/reference/mfa/verify-challenge.mdx +228 -0
- package/.docs/organized/docs/reference/organization/create.mdx +216 -0
- package/.docs/organized/docs/reference/organization/delete.mdx +89 -0
- package/.docs/organized/docs/reference/organization/get-by-external-id.mdx +40 -0
- package/.docs/organized/docs/reference/organization/get.mdx +104 -0
- package/.docs/organized/docs/reference/organization/index.mdx +274 -0
- package/.docs/organized/docs/reference/organization/list.mdx +258 -0
- package/.docs/organized/docs/reference/organization/update.mdx +236 -0
- package/.docs/organized/docs/reference/organization-domain.mdx +189 -0
- package/.docs/organized/docs/reference/pagination.mdx +244 -0
- package/.docs/organized/docs/reference/radar/attempts/create.mdx +115 -0
- package/.docs/organized/docs/reference/radar/attempts/index.mdx +7 -0
- package/.docs/organized/docs/reference/radar/attempts/update.mdx +34 -0
- package/.docs/organized/docs/reference/radar/index.mdx +8 -0
- package/.docs/organized/docs/reference/radar/lists/delete.mdx +36 -0
- package/.docs/organized/docs/reference/radar/lists/index.mdx +7 -0
- package/.docs/organized/docs/reference/radar/lists/update.mdx +36 -0
- package/.docs/organized/docs/reference/rate-limits.mdx +50 -0
- package/.docs/organized/docs/reference/roles/index.mdx +268 -0
- package/.docs/organized/docs/reference/roles/list-for-organization.mdx +152 -0
- package/.docs/organized/docs/reference/sso/connection/delete.mdx +89 -0
- package/.docs/organized/docs/reference/sso/connection/get.mdx +104 -0
- package/.docs/organized/docs/reference/sso/connection/index.mdx +388 -0
- package/.docs/organized/docs/reference/sso/connection/list.mdx +320 -0
- package/.docs/organized/docs/reference/sso/get-authorization-url/error-codes.mdx +28 -0
- package/.docs/organized/docs/reference/sso/get-authorization-url/index.mdx +434 -0
- package/.docs/organized/docs/reference/sso/get-authorization-url/redirect-uri.mdx +21 -0
- package/.docs/organized/docs/reference/sso/index.mdx +8 -0
- package/.docs/organized/docs/reference/sso/logout/authorize.mdx +47 -0
- package/.docs/organized/docs/reference/sso/logout/index.mdx +14 -0
- package/.docs/organized/docs/reference/sso/logout/redirect.mdx +32 -0
- package/.docs/organized/docs/reference/sso/profile/get-profile-and-token.mdx +229 -0
- package/.docs/organized/docs/reference/sso/profile/get-user-profile.mdx +127 -0
- package/.docs/organized/docs/reference/sso/profile/index.mdx +364 -0
- package/.docs/organized/docs/reference/testing.mdx +8 -0
- package/.docs/organized/docs/reference/user-management/access-token/index.mdx +13 -0
- package/.docs/organized/docs/reference/user-management/authentication/code.mdx +448 -0
- package/.docs/organized/docs/reference/user-management/authentication/email-verification.mdx +359 -0
- package/.docs/organized/docs/reference/user-management/authentication/get-authorization-url/error-codes.mdx +25 -0
- package/.docs/organized/docs/reference/user-management/authentication/get-authorization-url/index.mdx +425 -0
- package/.docs/organized/docs/reference/user-management/authentication/get-authorization-url/pkce.mdx +9 -0
- package/.docs/organized/docs/reference/user-management/authentication/get-authorization-url/redirect-uri.mdx +23 -0
- package/.docs/organized/docs/reference/user-management/authentication/index.mdx +66 -0
- package/.docs/organized/docs/reference/user-management/authentication/magic-auth.mdx +353 -0
- package/.docs/organized/docs/reference/user-management/authentication/organization-selection.mdx +349 -0
- package/.docs/organized/docs/reference/user-management/authentication/password.mdx +350 -0
- package/.docs/organized/docs/reference/user-management/authentication/refresh-and-seal-session-data.mdx +57 -0
- package/.docs/organized/docs/reference/user-management/authentication/refresh-token.mdx +381 -0
- package/.docs/organized/docs/reference/user-management/authentication/session-cookie.mdx +79 -0
- package/.docs/organized/docs/reference/user-management/authentication/totp.mdx +369 -0
- package/.docs/organized/docs/reference/user-management/authentication-errors/email-verification-required-error.mdx +42 -0
- package/.docs/organized/docs/reference/user-management/authentication-errors/index.mdx +20 -0
- package/.docs/organized/docs/reference/user-management/authentication-errors/mfa-challenge-error.mdx +44 -0
- package/.docs/organized/docs/reference/user-management/authentication-errors/mfa-enrollment-error.mdx +37 -0
- package/.docs/organized/docs/reference/user-management/authentication-errors/organization-authentication-required-error.mdx +68 -0
- package/.docs/organized/docs/reference/user-management/authentication-errors/organization-selection-error.mdx +44 -0
- package/.docs/organized/docs/reference/user-management/authentication-errors/sso-required-error.mdx +51 -0
- package/.docs/organized/docs/reference/user-management/email-verification/get.mdx +88 -0
- package/.docs/organized/docs/reference/user-management/email-verification/index.mdx +227 -0
- package/.docs/organized/docs/reference/user-management/identity/index.mdx +74 -0
- package/.docs/organized/docs/reference/user-management/identity/list.mdx +52 -0
- package/.docs/organized/docs/reference/user-management/index.mdx +13 -0
- package/.docs/organized/docs/reference/user-management/invitation/accept.mdx +39 -0
- package/.docs/organized/docs/reference/user-management/invitation/find-by-token.mdx +87 -0
- package/.docs/organized/docs/reference/user-management/invitation/get.mdx +87 -0
- package/.docs/organized/docs/reference/user-management/invitation/index.mdx +374 -0
- package/.docs/organized/docs/reference/user-management/invitation/list.mdx +247 -0
- package/.docs/organized/docs/reference/user-management/invitation/revoke.mdx +90 -0
- package/.docs/organized/docs/reference/user-management/invitation/send.mdx +230 -0
- package/.docs/organized/docs/reference/user-management/logout/get-logout-url-from-session-cookie.mdx +52 -0
- package/.docs/organized/docs/reference/user-management/logout/get-logout-url.mdx +147 -0
- package/.docs/organized/docs/reference/user-management/logout/index.mdx +26 -0
- package/.docs/organized/docs/reference/user-management/magic-auth/create.mdx +148 -0
- package/.docs/organized/docs/reference/user-management/magic-auth/get.mdx +88 -0
- package/.docs/organized/docs/reference/user-management/magic-auth/index.mdx +225 -0
- package/.docs/organized/docs/reference/user-management/mfa/authentication-challenge.mdx +194 -0
- package/.docs/organized/docs/reference/user-management/mfa/authentication-factor.mdx +324 -0
- package/.docs/organized/docs/reference/user-management/mfa/enroll-auth-factor.mdx +296 -0
- package/.docs/organized/docs/reference/user-management/mfa/index.mdx +5 -0
- package/.docs/organized/docs/reference/user-management/mfa/list-auth-factors.mdx +194 -0
- package/.docs/organized/docs/reference/user-management/organization-membership/create.mdx +155 -0
- package/.docs/organized/docs/reference/user-management/organization-membership/deactivate.mdx +106 -0
- package/.docs/organized/docs/reference/user-management/organization-membership/delete.mdx +76 -0
- package/.docs/organized/docs/reference/user-management/organization-membership/get.mdx +95 -0
- package/.docs/organized/docs/reference/user-management/organization-membership/index.mdx +265 -0
- package/.docs/organized/docs/reference/user-management/organization-membership/list.mdx +291 -0
- package/.docs/organized/docs/reference/user-management/organization-membership/reactivate.mdx +106 -0
- package/.docs/organized/docs/reference/user-management/organization-membership/update.mdx +119 -0
- package/.docs/organized/docs/reference/user-management/password-reset/create.mdx +108 -0
- package/.docs/organized/docs/reference/user-management/password-reset/get.mdx +88 -0
- package/.docs/organized/docs/reference/user-management/password-reset/index.mdx +227 -0
- package/.docs/organized/docs/reference/user-management/password-reset/reset-password.mdx +144 -0
- package/.docs/organized/docs/reference/user-management/session-helpers/authenticate.mdx +176 -0
- package/.docs/organized/docs/reference/user-management/session-helpers/get-logout-url.mdx +42 -0
- package/.docs/organized/docs/reference/user-management/session-helpers/index.mdx +14 -0
- package/.docs/organized/docs/reference/user-management/session-helpers/load-sealed-session.mdx +105 -0
- package/.docs/organized/docs/reference/user-management/session-helpers/refresh.mdx +213 -0
- package/.docs/organized/docs/reference/user-management/session-tokens/access-token.mdx +90 -0
- package/.docs/organized/docs/reference/user-management/session-tokens/index.mdx +5 -0
- package/.docs/organized/docs/reference/user-management/session-tokens/jwks.mdx +110 -0
- package/.docs/organized/docs/reference/user-management/session-tokens/refresh-token.mdx +8 -0
- package/.docs/organized/docs/reference/user-management/user/create.mdx +327 -0
- package/.docs/organized/docs/reference/user-management/user/delete.mdx +76 -0
- package/.docs/organized/docs/reference/user-management/user/get-by-external-id.mdx +39 -0
- package/.docs/organized/docs/reference/user-management/user/get.mdx +103 -0
- package/.docs/organized/docs/reference/user-management/user/index.mdx +322 -0
- package/.docs/organized/docs/reference/user-management/user/list.mdx +260 -0
- package/.docs/organized/docs/reference/user-management/user/update.mdx +344 -0
- package/.docs/organized/docs/reference/vault/index.mdx +6 -0
- package/.docs/organized/docs/reference/vault/key/create-data-key.mdx +106 -0
- package/.docs/organized/docs/reference/vault/key/decrypt-data-key.mdx +84 -0
- package/.docs/organized/docs/reference/vault/key/decrypt-data.mdx +52 -0
- package/.docs/organized/docs/reference/vault/key/encrypt-data.mdx +58 -0
- package/.docs/organized/docs/reference/vault/key/index.mdx +25 -0
- package/.docs/organized/docs/reference/vault/object/create.mdx +62 -0
- package/.docs/organized/docs/reference/vault/object/delete.mdx +75 -0
- package/.docs/organized/docs/reference/vault/object/get.mdx +50 -0
- package/.docs/organized/docs/reference/vault/object/index.mdx +174 -0
- package/.docs/organized/docs/reference/vault/object/list.mdx +105 -0
- package/.docs/organized/docs/reference/vault/object/metadata.mdx +52 -0
- package/.docs/organized/docs/reference/vault/object/update.mdx +67 -0
- package/.docs/organized/docs/reference/vault/object/version.mdx +87 -0
- package/.docs/organized/docs/reference/vault/object/versions.mdx +83 -0
- package/.docs/organized/docs/reference/widgets/get-token.mdx +185 -0
- package/.docs/organized/docs/reference/widgets/index.mdx +6 -0
- package/.docs/organized/docs/reference/workos-connect/authorize/index.mdx +75 -0
- package/.docs/organized/docs/reference/workos-connect/index.mdx +33 -0
- package/.docs/organized/docs/reference/workos-connect/introspection/index.mdx +122 -0
- package/.docs/organized/docs/reference/workos-connect/metadata/index.mdx +25 -0
- package/.docs/organized/docs/reference/workos-connect/metadata/oauth-authorization-server/index.mdx +99 -0
- package/.docs/organized/docs/reference/workos-connect/metadata/openid-configuration/index.mdx +70 -0
- package/.docs/organized/docs/reference/workos-connect/token/authorization-code-grant/access-token.mdx +53 -0
- package/.docs/organized/docs/reference/workos-connect/token/authorization-code-grant/id-token.mdx +60 -0
- package/.docs/organized/docs/reference/workos-connect/token/authorization-code-grant/index.mdx +69 -0
- package/.docs/organized/docs/reference/workos-connect/token/client-credentials-grant/access-token.mdx +46 -0
- package/.docs/organized/docs/reference/workos-connect/token/client-credentials-grant/index.mdx +56 -0
- package/.docs/organized/docs/reference/workos-connect/token/index.mdx +39 -0
- package/.docs/organized/docs/reference/workos-connect/token/refresh-token-grant.mdx +69 -0
- package/.docs/organized/docs/reference/workos-connect/userinfo/index.mdx +46 -0
- package/.docs/organized/docs/sdks/dotnet.mdx +6 -0
- package/.docs/organized/docs/sdks/elixir.mdx +6 -0
- package/.docs/organized/docs/sdks/go.mdx +6 -0
- package/.docs/organized/docs/sdks/java.mdx +9 -0
- package/.docs/organized/docs/sdks/laravel.mdx +6 -0
- package/.docs/organized/docs/sdks/node.mdx +9 -0
- package/.docs/organized/docs/sdks/php.mdx +6 -0
- package/.docs/organized/docs/sdks/python.mdx +6 -0
- package/.docs/organized/docs/sdks/ruby.mdx +9 -0
- package/.docs/organized/docs/sso/_navigation.mdx +44 -0
- package/.docs/organized/docs/sso/_sequence-diagrams/saml-protocol-security-considerations.md +59 -0
- package/.docs/organized/docs/sso/attributes.mdx +110 -0
- package/.docs/organized/docs/sso/domains.mdx +111 -0
- package/.docs/organized/docs/sso/example-apps.mdx +46 -0
- package/.docs/organized/docs/sso/identity-provider-role-assignment.mdx +113 -0
- package/.docs/organized/docs/sso/index.mdx +295 -0
- package/.docs/organized/docs/sso/it-team-faq.mdx +35 -0
- package/.docs/organized/docs/sso/jit-provisioning.mdx +101 -0
- package/.docs/organized/docs/sso/launch-checklist.mdx +71 -0
- package/.docs/organized/docs/sso/login-flows.mdx +101 -0
- package/.docs/organized/docs/sso/redirect-uris.mdx +44 -0
- package/.docs/organized/docs/sso/saml-security.mdx +122 -0
- package/.docs/organized/docs/sso/signing-certificates.mdx +121 -0
- package/.docs/organized/docs/sso/single-logout.mdx +45 -0
- package/.docs/organized/docs/sso/test-sso.mdx +73 -0
- package/.docs/organized/docs/sso/ux/sign-in.mdx +44 -0
- package/.docs/organized/docs/user-management/_navigation.mdx +87 -0
- package/.docs/organized/docs/user-management/actions.mdx +169 -0
- package/.docs/organized/docs/user-management/authkit.mdx +69 -0
- package/.docs/organized/docs/user-management/branding.mdx +143 -0
- package/.docs/organized/docs/user-management/connect.mdx +110 -0
- package/.docs/organized/docs/user-management/custom-emails.mdx +164 -0
- package/.docs/organized/docs/user-management/directory-provisioning.mdx +78 -0
- package/.docs/organized/docs/user-management/domain-verification.mdx +28 -0
- package/.docs/organized/docs/user-management/email-password.mdx +42 -0
- package/.docs/organized/docs/user-management/email-verification.mdx +29 -0
- package/.docs/organized/docs/user-management/entitlements.mdx +46 -0
- package/.docs/organized/docs/user-management/example-apps.mdx +39 -0
- package/.docs/organized/docs/user-management/identity-linking.mdx +52 -0
- package/.docs/organized/docs/user-management/impersonation.mdx +82 -0
- package/.docs/organized/docs/user-management/index.mdx +525 -0
- package/.docs/organized/docs/user-management/invitations.mdx +60 -0
- package/.docs/organized/docs/user-management/invite-only-signup.mdx +72 -0
- package/.docs/organized/docs/user-management/jit-provisioning.mdx +36 -0
- package/.docs/organized/docs/user-management/jwt-templates.mdx +278 -0
- package/.docs/organized/docs/user-management/magic-auth.mdx +36 -0
- package/.docs/organized/docs/user-management/mcp.mdx +146 -0
- package/.docs/organized/docs/user-management/metadata.mdx +119 -0
- package/.docs/organized/docs/user-management/mfa.mdx +32 -0
- package/.docs/organized/docs/user-management/migrations.mdx +20 -0
- package/.docs/organized/docs/user-management/modeling-your-app.mdx +149 -0
- package/.docs/organized/docs/user-management/organization-policies.mdx +33 -0
- package/.docs/organized/docs/user-management/overview.mdx +46 -0
- package/.docs/organized/docs/user-management/passkeys.mdx +42 -0
- package/.docs/organized/docs/user-management/radar.mdx +127 -0
- package/.docs/organized/docs/user-management/roles-and-permissions.mdx +155 -0
- package/.docs/organized/docs/user-management/sessions.mdx +101 -0
- package/.docs/organized/docs/user-management/social-login.mdx +34 -0
- package/.docs/organized/docs/user-management/sso-with-contractors.mdx +85 -0
- package/.docs/organized/docs/user-management/sso.mdx +96 -0
- package/.docs/organized/docs/user-management/users-organizations.mdx +91 -0
- package/.docs/organized/docs/user-management/widgets.mdx +190 -0
- package/.docs/organized/docs/vault/_navigation.mdx +14 -0
- package/.docs/organized/docs/vault/index.mdx +38 -0
- package/.docs/organized/docs/vault/key-context.mdx +32 -0
- package/.docs/organized/docs/vault/quick-start.mdx +82 -0
- package/README.md +252 -0
- package/dist/chunk-64GKEK6G.js +48 -0
- package/dist/chunk-64GKEK6G.js.map +1 -0
- package/dist/get-tools.d.ts +23 -0
- package/dist/get-tools.js +8 -0
- package/dist/get-tools.js.map +1 -0
- package/dist/index.d.ts +1 -0
- package/dist/index.js +552 -0
- package/dist/index.js.map +1 -0
- package/dist/prepare.d.ts +2 -0
- package/dist/prepare.js +269 -0
- package/dist/prepare.js.map +1 -0
- package/package.json +49 -0
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
---
|
|
2
|
+
title: Punctionation
|
|
3
|
+
description: This will be SEO description.
|
|
4
|
+
originalPath: .tmp-workos-clone/packages/docs/content/demo/punctuation.mdx
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
The punctuation should use proper typographic symbols, like dashes and curly quotes via [SmartyPants](https://daringfireball.net/projects/smartypants/).
|
|
8
|
+
|
|
9
|
+
## Apostrophe and smart quotes
|
|
10
|
+
|
|
11
|
+
"It'll be great" they said. Here's a sentence. "Great", he said. They said it'll be great. "We'll do that" they said. "You'll do that" he said. _They_ can't do that.
|
|
12
|
+
|
|
13
|
+
`don't replace the apostrophe here`.
|
|
14
|
+
|
|
15
|
+
`"string"`
|
|
16
|
+
|
|
17
|
+
```plaintext
|
|
18
|
+
Don't replace the "apostrophe" and "quotes" here too.
|
|
19
|
+
```
|
|
20
|
+
|
|
21
|
+
## Dashes
|
|
22
|
+
|
|
23
|
+
One - a hyphen. Two – an en-dash. Three—an em dash.
|
|
24
|
+
|
|
25
|
+
All should be transformed into en-dashes.
|
|
26
|
+
|
|
27
|
+
Code should not be transformed:
|
|
28
|
+
|
|
29
|
+
```plaintext
|
|
30
|
+
One - a hyphen. Two – an en-dash. Three—an em dash.
|
|
31
|
+
```
|
|
32
|
+
|
|
33
|
+
`One - a hyphen. Two – an en-dash. Three—an em dash.`
|
|
34
|
+
|
|
35
|
+
## Ellipsis
|
|
36
|
+
|
|
37
|
+
Counting...
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
---
|
|
2
|
+
title: Code Block Replacements
|
|
3
|
+
description: Test page for the code block replacements
|
|
4
|
+
originalPath: .tmp-workos-clone/packages/docs/content/demo/replacements.mdx
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
```js
|
|
8
|
+
'foo@foo-corp.com foo-corp.com foo@foo-corp.com';
|
|
9
|
+
```
|
|
10
|
+
|
|
11
|
+
```js
|
|
12
|
+
'foo-corp.com';
|
|
13
|
+
```
|
|
14
|
+
|
|
15
|
+
```js
|
|
16
|
+
'afoo-corp.com';
|
|
17
|
+
```
|
|
18
|
+
|
|
19
|
+
```js
|
|
20
|
+
'foo-corp.com foo-corp.com';
|
|
21
|
+
```
|
|
22
|
+
|
|
23
|
+
```js
|
|
24
|
+
const api_key = 'sk_example_123456789';
|
|
25
|
+
const client_id = 'client_123456789';
|
|
26
|
+
```
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
---
|
|
2
|
+
title: Table
|
|
3
|
+
description: Demo example of a table.
|
|
4
|
+
originalPath: .tmp-workos-clone/packages/docs/content/demo/table.mdx
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
## Default table
|
|
8
|
+
|
|
9
|
+
| First Header | Second Header |
|
|
10
|
+
| ------------ | ------------- |
|
|
11
|
+
| Content Cell | Content Cell |
|
|
12
|
+
| Content Cell | Content Cell |
|
|
13
|
+
|
|
14
|
+
## Formatting with `inline code blocks`, `links`, and `text styles`
|
|
15
|
+
|
|
16
|
+
| Command | Description |
|
|
17
|
+
| ------------ | ------------------------------------------------------------------------ |
|
|
18
|
+
| `git status` | List all _new or modified_ files |
|
|
19
|
+
| `git diff` | Show [file](https://workos.com) differences that **haven’t been** staged |
|
|
20
|
+
|
|
21
|
+
## Text alignment
|
|
22
|
+
|
|
23
|
+
| Left-aligned | Center-aligned | Right-aligned |
|
|
24
|
+
| ------------ | -------------: | ------------: |
|
|
25
|
+
| git status | git status | git status |
|
|
26
|
+
| git diff | git diff | git diff |
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
---
|
|
2
|
+
title: Tabs
|
|
3
|
+
description: Test page for the tabs component
|
|
4
|
+
originalPath: .tmp-workos-clone/packages/docs/content/demo/tabs.mdx
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
- | Directory User
|
|
8
|
+
|
|
9
|
+
Whether to parse strikethrough with a single tilde (boolean, default: true).
|
|
10
|
+
|
|
11
|
+
- | List Directory
|
|
12
|
+
|
|
13
|
+
Get the details of an existing Directory User.
|
|
14
|
+
|
|
15
|
+
- | Get Directory Group
|
|
16
|
+
|
|
17
|
+
<CodeBlock title="Example Code" file="webhook-endpoint" />
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
---
|
|
2
|
+
title: Directory Sync
|
|
3
|
+
links:
|
|
4
|
+
- title: Getting Started
|
|
5
|
+
links:
|
|
6
|
+
- title: Fundamentals
|
|
7
|
+
url: /directory-sync
|
|
8
|
+
- title: Quick Start
|
|
9
|
+
url: /directory-sync/quick-start
|
|
10
|
+
- title: Example Apps
|
|
11
|
+
url: /directory-sync/example-apps
|
|
12
|
+
- title: Going Live
|
|
13
|
+
links:
|
|
14
|
+
- title: Handle Inactive Users
|
|
15
|
+
url: /directory-sync/handle-inactive-users
|
|
16
|
+
- title: Understanding Events
|
|
17
|
+
url: /directory-sync/understanding-events
|
|
18
|
+
- title: User Attributes
|
|
19
|
+
url: /directory-sync/attributes
|
|
20
|
+
- title: On-prem Deployment
|
|
21
|
+
url: /on-prem-deployment
|
|
22
|
+
- title: Mapping Roles
|
|
23
|
+
links:
|
|
24
|
+
- title: IdP Role Assignment
|
|
25
|
+
url: /directory-sync/identity-provider-role-assignment
|
|
26
|
+
originalPath: .tmp-workos-clone/packages/docs/content/directory-sync/_navigation.mdx
|
|
27
|
+
---
|
|
28
|
+
|
|
@@ -0,0 +1,209 @@
|
|
|
1
|
+
---
|
|
2
|
+
title: User Attributes
|
|
3
|
+
description: Configure how attributes map from directory providers to Directory Users.
|
|
4
|
+
originalPath: .tmp-workos-clone/packages/docs/content/directory-sync/attributes.mdx
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
## Introduction
|
|
8
|
+
|
|
9
|
+
WorkOS can automatically find and normalize most common attributes from directory providers into the [Directory User](/reference/directory-sync/directory-user) object, which represents an enterprise user. More unique cases can be mapped by your customers admins.
|
|
10
|
+
|
|
11
|
+
- ### Directory User object
|
|
12
|
+
|
|
13
|
+
Here is an example Directory User. The data stored varies per directory provider and may include attributes such as photo URLs, pay groups, supervisors, etc.
|
|
14
|
+
|
|
15
|
+
```json language="json" title="Directory User"
|
|
16
|
+
{
|
|
17
|
+
"id": "directory_user_01E1X7B89OH8Z3SXFJR4H7RGX7",
|
|
18
|
+
"idp_id": "821991",
|
|
19
|
+
"first_name": "Jane",
|
|
20
|
+
"last_name": "Doe",
|
|
21
|
+
"email": "jane@example.com",
|
|
22
|
+
"state": "active",
|
|
23
|
+
"created_at": "2021-06-25T19:07:33.155Z",
|
|
24
|
+
"updated_at": "2021-06-25T19:07:33.155Z",
|
|
25
|
+
"object": "directory_user",
|
|
26
|
+
"directory_id": "directory_01E1X194NTJ3PXMAY79DYV0F0P",
|
|
27
|
+
"organization_id": "org_01EHWNCE74X7JSDV0X3SZ3PJNY",
|
|
28
|
+
"custom_attributes": {
|
|
29
|
+
"emails": [
|
|
30
|
+
{
|
|
31
|
+
"type": "work",
|
|
32
|
+
"value": "jane@example.com",
|
|
33
|
+
"primary": true
|
|
34
|
+
}
|
|
35
|
+
],
|
|
36
|
+
"employee_type": "Full Time",
|
|
37
|
+
"employment_start_date": "2021-06-27T12:00:00.000Z",
|
|
38
|
+
"department_name": "Engineering",
|
|
39
|
+
"manager_email": "john@example.com",
|
|
40
|
+
"division_name": "Analytics",
|
|
41
|
+
"cost_center_name": "IT",
|
|
42
|
+
"job_title": "Software Engineer",
|
|
43
|
+
"addresses": [
|
|
44
|
+
{
|
|
45
|
+
"type": "work",
|
|
46
|
+
"street_address": "101 123rd Ave",
|
|
47
|
+
"locality": "Brooklyn",
|
|
48
|
+
"region": "New York",
|
|
49
|
+
"postal_code": "12345",
|
|
50
|
+
"country": "USA",
|
|
51
|
+
"raw_address": "101 123rd Ave, Brooklyn, New York, 12345, USA",
|
|
52
|
+
"primary": true
|
|
53
|
+
},
|
|
54
|
+
{
|
|
55
|
+
"type": "home",
|
|
56
|
+
"street_address": "102 W 321st St",
|
|
57
|
+
"locality": "Brooklyn",
|
|
58
|
+
"region": "New York",
|
|
59
|
+
"postal_code": "54321",
|
|
60
|
+
"country": "USA",
|
|
61
|
+
"raw_address": "102 W 321st St, Brooklyn, New York, 54321, USA",
|
|
62
|
+
"primary": false
|
|
63
|
+
}
|
|
64
|
+
],
|
|
65
|
+
"username": "jane@example.com",
|
|
66
|
+
"my_new_key": "<custom-mapped value>"
|
|
67
|
+
},
|
|
68
|
+
"raw_attributes": {
|
|
69
|
+
"name": {
|
|
70
|
+
"givenName": "Jane",
|
|
71
|
+
"familyName": "Doe"
|
|
72
|
+
},
|
|
73
|
+
"active": true,
|
|
74
|
+
"emails": [
|
|
75
|
+
{
|
|
76
|
+
"type": "work",
|
|
77
|
+
"value": "jane@example.com",
|
|
78
|
+
"primary": true
|
|
79
|
+
}
|
|
80
|
+
],
|
|
81
|
+
"groups": [],
|
|
82
|
+
"locale": "en_US",
|
|
83
|
+
"schemas": ["urn:directory:schemas:core:1.0"],
|
|
84
|
+
"password": "redacted",
|
|
85
|
+
"userName": "jane@example.com",
|
|
86
|
+
"externalId": "821991",
|
|
87
|
+
"displayName": "Jane Doe"
|
|
88
|
+
}
|
|
89
|
+
}
|
|
90
|
+
```
|
|
91
|
+
|
|
92
|
+
In this guide, we’ll explain how to map data from directory providers to the Directory Users.
|
|
93
|
+
|
|
94
|
+
## Definitions
|
|
95
|
+
|
|
96
|
+
**Standard attributes**
|
|
97
|
+
: The most common user information, normalized across providers.
|
|
98
|
+
|
|
99
|
+
**Predefined attributes**
|
|
100
|
+
: Detailed user attributes for specific use cases, normalized across providers. You can opt-in to each attribute you'd like auto-mapped.
|
|
101
|
+
|
|
102
|
+
**Custom attributes**
|
|
103
|
+
: For unique cases, you can create custom attributes your customers can map when setting up a directory.
|
|
104
|
+
|
|
105
|
+
## Standard attributes
|
|
106
|
+
|
|
107
|
+
Every Directory User comes with the following standard attributes. These are the core set of attributes that are common across all identity providers. These are structured fields with a guaranteed schema in the top-level Directory User payload.
|
|
108
|
+
|
|
109
|
+
| Attribute | Type and description | Status |
|
|
110
|
+
| ------------ | ------------------------------------------------------------------------------------------------------------------------ | -------- |
|
|
111
|
+
| `idp_id` | The user’s unique identifier, assigned by the directory provider. Different directory providers use different ID formats | Required |
|
|
112
|
+
| `first_name` | The user’s first name | Optional |
|
|
113
|
+
| `last_name` | The user’s last name | Optional |
|
|
114
|
+
| `email` | The user’s email | Optional |
|
|
115
|
+
| `state` | The user’s state. May be `active`, or `inactive` | Required |
|
|
116
|
+
|
|
117
|
+
> `emails`, `job_title`, and `username` were previously considered standard attributes, but have been deprecated in favor of equivalent [auto-mapped custom attributes](/directory-sync/attributes/custom-attributes/predefined-attributes).
|
|
118
|
+
|
|
119
|
+
---
|
|
120
|
+
|
|
121
|
+
## Custom attributes
|
|
122
|
+
|
|
123
|
+
For more detailed user information, you can opt-in to additional predefined attributes and define your own custom attributes. These attributes will appear in the `custom_attributes` field on [Directory User](/reference/directory-sync/directory-user) objects and can be configured in the [WorkOS Dashboard](https://dashboard.workos.com/).
|
|
124
|
+
|
|
125
|
+
### Predefined attributes
|
|
126
|
+
|
|
127
|
+
When enabled, the values will be mapped without additional setup. Not every directory provider has data for every field, so they are always optional if enabled. These fields are named and schematized by WorkOS – they cannot be renamed.
|
|
128
|
+
|
|
129
|
+
| Attribute | Type and description |
|
|
130
|
+
| ----------------------- | ------------------------------------------------------------------------------------------------------------------------------- |
|
|
131
|
+
| `addresses` | The user’s list of address objects (`street_address`, `locality`, `region`, `postal_code`, `country`, `primary`, `raw_address`) |
|
|
132
|
+
| `cost_center_name` | The user’s cost center name |
|
|
133
|
+
| `department_name` | The user’s department name |
|
|
134
|
+
| `division_name` | The user’s division name |
|
|
135
|
+
| `emails` | The user’s list of email objects (`type`, `value`, `primary`) |
|
|
136
|
+
| `employee_type` | The user’s employment type |
|
|
137
|
+
| `employment_start_date` | The user’s start date |
|
|
138
|
+
| `job_title` | The user’s job title |
|
|
139
|
+
| `manager_email` | The email address for the user’s manager |
|
|
140
|
+
| `username` | The user’s username |
|
|
141
|
+
|
|
142
|
+
#### Enable or disable a predefined attribute
|
|
143
|
+
|
|
144
|
+
Predefined attributes can be enabled or disabled in the [WorkOS Dashboard](https://dashboard.workos.com/) on the Identity Provider Attributes page.
|
|
145
|
+
|
|
146
|
+
|
|
147
|
+
|
|
148
|
+
> Updates to these settings may take up to an hour to reflect in your Directory User API response. A [dsync.user.updated](/events/directory-sync) event is emitted for each Directory User changed by toggling auto-mapped attributes.
|
|
149
|
+
|
|
150
|
+
### Support per directory provider
|
|
151
|
+
|
|
152
|
+
The following support table outlines the attribute availability across directory providers.
|
|
153
|
+
|
|
154
|
+
<DirectorySyncAttributeSupportTable />
|
|
155
|
+
|
|
156
|
+
### Custom attributes
|
|
157
|
+
|
|
158
|
+
Custom attributes can be utilized to enrich [Directory User](/reference/directory-sync/directory-user) objects with additional data from the identity provider. You can create attributes that appear as fields in the [Admin Portal](https://workos.com/admin-portal). Your customers can map these fields to the correct values in their system when setting up Directory Sync with their identity provider.
|
|
159
|
+
|
|
160
|
+
#### Create a custom attribute
|
|
161
|
+
|
|
162
|
+
Custom attributes can be created in the [WorkOS Dashboard](https://dashboard.workos.com/) on the Identity Provider Attributes page.
|
|
163
|
+
|
|
164
|
+
|
|
165
|
+
|
|
166
|
+
#### Delete a custom attribute
|
|
167
|
+
|
|
168
|
+
When a custom attribute is deleted, the attribute will be deleted from all [Directory User](/reference/directory-sync/directory-user) objects.
|
|
169
|
+
|
|
170
|
+
> Updates to custom attributes may take up to an hour to reflect in your Directory User API response. A [dsync.user.updated](/events/directory-sync) event is emitted for each Directory User changed.
|
|
171
|
+
|
|
172
|
+
#### Nested attributes
|
|
173
|
+
|
|
174
|
+
Nested attributes are not currently supported. These admin-defined attributes must be defined as top-level flat keys.
|
|
175
|
+
|
|
176
|
+
For instance, in the following example `top_level_attribute` can be mapped, but `top_level_with_nested.nested_attribute` cannot be mapped:
|
|
177
|
+
|
|
178
|
+
```json language="json" title="Attributes Example"
|
|
179
|
+
{
|
|
180
|
+
"top_level_attribute": "value",
|
|
181
|
+
"top_level_with_nested": {
|
|
182
|
+
"nested_attribute": "nested_value"
|
|
183
|
+
}
|
|
184
|
+
}
|
|
185
|
+
```
|
|
186
|
+
|
|
187
|
+
> If you are interested in nested attributes support, please [contact support](mailto:support@workos.com).
|
|
188
|
+
|
|
189
|
+
---
|
|
190
|
+
|
|
191
|
+
## Raw attributes [**Deprecated**]
|
|
192
|
+
|
|
193
|
+
These are unfiltered and unstructured attributes that are unique to each directory provider. These attributes are included as fields in the `raw_attributes` object that is included in the [Directory User](/reference/directory-sync/directory-user). The `raw_attributes` property will be phased out by July 22, 2025. [IdP role assignment](/directory-sync/identity-provider-role-assignment) or [custom attributes](/directory-sync/attributes/custom-attributes) should be used instead.
|
|
194
|
+
|
|
195
|
+
---
|
|
196
|
+
|
|
197
|
+
## Frequently asked questions
|
|
198
|
+
|
|
199
|
+
### Are existing directories required to update the attribute mapping when new required custom attributes are added?
|
|
200
|
+
|
|
201
|
+
No, when you add a new required custom attribute to your settings, this won’t be retroactively required for directories that have already been set up and configured. However, in the WorkOS dashboard, you will be able to navigate directly to the existing directory and fill in details for those attributes manually.
|
|
202
|
+
|
|
203
|
+
### Can our customers add their own custom attributes outside of what is defined in the WorkOS dashboard?
|
|
204
|
+
|
|
205
|
+
We do not currently support this functionality, as you have to define any custom attributes in the dashboard first. Please reach out to [support](mailto:support@workos.com) if you have a specific use case that you would like to discuss.
|
|
206
|
+
|
|
207
|
+
### What happens if an attribute cannot be mapped from the IdP?
|
|
208
|
+
|
|
209
|
+
Attributes that cannot be mapped for a particular [Directory User](/reference/directory-sync/directory-user) will result in a `null` value for the attribute. [dsync.user.updated](/events/directory-sync) events are not emitted when an attribute changes from `null` to `undefined` or vice versa.
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
---
|
|
2
|
+
title: Example Apps
|
|
3
|
+
description: "View sample Directory\_Sync apps for\_each\_SDK."
|
|
4
|
+
originalPath: .tmp-workos-clone/packages/docs/content/directory-sync/example-apps.mdx
|
|
5
|
+
---
|
|
6
|
+
|
|
7
|
+
You can view minimal example apps that demonstrate how to use the WorkOS SDKs to power Directory Sync:
|
|
8
|
+
|
|
9
|
+
<ExampleApps.Root>
|
|
10
|
+
<ExampleApps.Card
|
|
11
|
+
href="https://github.com/workos/node-example-applications/tree/main/node-directory-sync-example"
|
|
12
|
+
title="Node.js Directory Sync app"
|
|
13
|
+
/>
|
|
14
|
+
<ExampleApps.Card
|
|
15
|
+
href="https://github.com/workos/typescript-example-applications/tree/main/typescript-directory-sync-example"
|
|
16
|
+
title="TypeScript Directory Sync app"
|
|
17
|
+
/>
|
|
18
|
+
<ExampleApps.Card
|
|
19
|
+
href="https://github.com/workos/ruby-example-applications/tree/main/ruby-directory-sync-example"
|
|
20
|
+
title="Ruby Directory Sync app"
|
|
21
|
+
/>
|
|
22
|
+
<ExampleApps.Card
|
|
23
|
+
href="https://github.com/workos/python-flask-example-applications/tree/main/python-flask-directory-sync-example"
|
|
24
|
+
title="Python Flask Directory Sync app"
|
|
25
|
+
/>
|
|
26
|
+
<ExampleApps.Card
|
|
27
|
+
href="https://github.com/workos/python-django-example-applications/tree/main/python-django-directory-sync-example"
|
|
28
|
+
title="Python Django Directory Sync app"
|
|
29
|
+
/>
|
|
30
|
+
<ExampleApps.Card
|
|
31
|
+
href="https://github.com/workos/go-example-applications/tree/main/go-directory-sync-example"
|
|
32
|
+
title="Go Directory Sync app"
|
|
33
|
+
/>
|
|
34
|
+
<ExampleApps.Card
|
|
35
|
+
href="https://github.com/workos/java-example-applications/tree/main/java-directory-sync-example"
|
|
36
|
+
title="Java Directory Sync app"
|
|
37
|
+
/>
|
|
38
|
+
<ExampleApps.Card
|
|
39
|
+
href="https://github.com/workos/php-example-applications/tree/main/php-directory-sync-example"
|
|
40
|
+
title="PHP Directory Sync app"
|
|
41
|
+
/>
|
|
42
|
+
<ExampleApps.Card
|
|
43
|
+
href="https://github.com/workos/dotnet-example-applications/tree/main/dotnet-directory-sync-example"
|
|
44
|
+
title=".NET Directory Sync app"
|
|
45
|
+
/>
|
|
46
|
+
</ExampleApps.Root>
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
---
|
|
2
|
+
title: Handle Inactive Users
|
|
3
|
+
description: >-
|
|
4
|
+
Learn why inactive users are deleted from directories by default and how to
|
|
5
|
+
configure this behavior.
|
|
6
|
+
originalPath: >-
|
|
7
|
+
.tmp-workos-clone/packages/docs/content/directory-sync/handle-inactive-users.mdx
|
|
8
|
+
---
|
|
9
|
+
|
|
10
|
+
## Introduction
|
|
11
|
+
|
|
12
|
+
Traditionally, user provisioning involves the ingestion of user information from various providers (either through SCIM or non-SCIM integrations). This process typically includes categorizing users into states such as `active`, or `inactive` as provided by the IdP data source.
|
|
13
|
+
|
|
14
|
+
However, the challenge arises when businesses need to handle these `inactive` users differently based on their unique operational and security requirements. Some developers may prefer a security-first approach, automatically deleting these users to enhance data security, while others may opt to retain this information for reactivation processes or comprehensive directory management.
|
|
15
|
+
|
|
16
|
+
---
|
|
17
|
+
|
|
18
|
+
## Configuration
|
|
19
|
+
|
|
20
|
+
To provide improved security and customizability, you can choose how `inactive` users are handled during the provisioning process. Here is an overview of the two options available:
|
|
21
|
+
|
|
22
|
+
### Secure flow (default)
|
|
23
|
+
|
|
24
|
+
By selecting this option, customers can opt for a security-focused workflow. Any user marked as `inactive` will be automatically deleted from the directory, resulting in cleaner and potentially more secure data. This approach reduces the data footprint and minimizes potential security risks associated with unused accounts.
|
|
25
|
+
|
|
26
|
+
### Custom management flow
|
|
27
|
+
|
|
28
|
+
Alternatively, customers can choose to maintain the existing flow, keeping the `inactive` users in the directory. This approach supports reactivation processes and ensures a comprehensive view of the directory, allowing for easier reintegration of users when needed.
|
|
29
|
+
|
|
30
|
+
> Contact [customer support](mailto:support@workos.com) to enable custom management flow for your environment.
|
|
31
|
+
|
|
32
|
+
|
|
33
|
+
|
|
34
|
+
## Weighing the tradeoffs
|
|
35
|
+
|
|
36
|
+
Both options offer distinct advantages, and the right choice depends on your organization's unique needs and security posture:
|
|
37
|
+
|
|
38
|
+
### Security vs. flexibility
|
|
39
|
+
|
|
40
|
+
The automatic deletion option prioritizes data security by minimizing the data footprint, while the customized management option provides flexibility for reactivation flows and comprehensive directory oversight.
|
|
41
|
+
|
|
42
|
+
### Compliance and regulations
|
|
43
|
+
|
|
44
|
+
Depending on industry regulations and compliance requirements, one option may align better with your organization's obligations.
|
|
45
|
+
|
|
46
|
+
### Operational efficiency
|
|
47
|
+
|
|
48
|
+
Consider how each option impacts operational efficiency using WorkOS to handle a set of the computation for you.
|
|
49
|
+
|
|
50
|
+
### Reactivation
|
|
51
|
+
|
|
52
|
+
If a user is temporarily removed, does the same user information need to be retained when they return? A new directory user will be created by default on return, whereas using the `inactive` user will retain the same information on reactivation.
|
|
@@ -0,0 +1,134 @@
|
|
|
1
|
+
---
|
|
2
|
+
title: Identity Provider Role Assignment
|
|
3
|
+
description: >-
|
|
4
|
+
Learn how to map role data from identity providers to roles in your app with
|
|
5
|
+
Directory Sync.
|
|
6
|
+
showNextPage: true
|
|
7
|
+
originalPath: >-
|
|
8
|
+
.tmp-workos-clone/packages/docs/content/directory-sync/identity-provider-role-assignment.mdx
|
|
9
|
+
---
|
|
10
|
+
|
|
11
|
+
## Introduction
|
|
12
|
+
|
|
13
|
+
A role represents a logical grouping of permissions, defining access control levels for users within your application. Roles are identified by a unique, immutable slug and are assigned to Directory Sync [users](/directory-sync/api-overview/directory-user) through their group memberships. These role assignments can be configured on the WorkOS dashboard.
|
|
14
|
+
|
|
15
|
+
## Configure roles
|
|
16
|
+
|
|
17
|
+
You can manage roles in the _Roles & Permissions_ section of the [WorkOS Dashboard](https://dashboard.workos.com/).
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
|
|
21
|
+
### Default role
|
|
22
|
+
|
|
23
|
+
Role configuration occurs at the environment level. Each environment is seeded with a default `member` role, which is automatically assigned to every directory user. This default role cannot be deleted, but any role can be set as the default.
|
|
24
|
+
|
|
25
|
+
If you need to set default roles or other role configurations at the organization level, refer to the [organization roles](/user-management/roles-and-permissions/organization-roles) documentation.
|
|
26
|
+
|
|
27
|
+
### Priority order
|
|
28
|
+
|
|
29
|
+
If a user is provisioned from multiple groups with conflicting roles, the role with the highest priority will be assigned.
|
|
30
|
+
|
|
31
|
+
### Delete roles
|
|
32
|
+
|
|
33
|
+
When a role is deleted, all users with that role, will be granted the default role. Role deletion happens asynchronously, so there may be a slight delay between deleting a role and updating all directory users.
|
|
34
|
+
|
|
35
|
+
> To migrate from one default role to another, set the new default role and delete the old one. All directory users will then be reassigned to the new default role.
|
|
36
|
+
|
|
37
|
+
## Directory group role assignment
|
|
38
|
+
|
|
39
|
+
Users are assigned to groups via the identity provider. Groups usually correspond to roles in your app. Therefore, IT admins will often map a group one-to-one to a role. This can be defined within the WorkOS dashboard or Admin Portal for your application to receive automatic role updates.
|
|
40
|
+
|
|
41
|
+
> Only supported in directories using SCIM-based or Google Workspace providers.
|
|
42
|
+
|
|
43
|
+
### Sample scenario
|
|
44
|
+
|
|
45
|
+
Consider the fictional SaaS company _HireOS_. _HireOS_ has integrated Directory Sync and supports group-based role assignment. For example, a _HireOS_ customer would like to assign their engineering team to it. The customer’s IT admin would take the following steps:
|
|
46
|
+
|
|
47
|
+
1. Create a group “Engineering” using their identity provider.
|
|
48
|
+
2. Push the group to _HireOS_ via the identity provider. This is configured in the identity provider admin console.
|
|
49
|
+
|
|
50
|
+
The developer on the WorkOS dashboard can then assign users of that group to the role "Developer".
|
|
51
|
+
|
|
52
|
+
1. Navigate to the directory page on the WorkOS dashboard.
|
|
53
|
+
|
|
54
|
+
|
|
55
|
+
|
|
56
|
+
2. Create an assignment for “Engineering" to the "Developer" role.
|
|
57
|
+
|
|
58
|
+
|
|
59
|
+
|
|
60
|
+
From this point on, all new users added to “Engineering" will be given "Developer” role from the WorkOS API. The role will be in the [directory user response](/reference/directory-sync/directory-user).
|
|
61
|
+
|
|
62
|
+
|
|
63
|
+
|
|
64
|
+
### Role assignment in Admin Portal
|
|
65
|
+
|
|
66
|
+
Once [roles](/directory-sync/identity-provider-role-assignment/configure-roles) are configured for your application, enable directory group role assignment in [Admin Portal](/admin-portal) to allow IT admins to assign roles to groups during directory setup.
|
|
67
|
+
|
|
68
|
+
|
|
69
|
+
|
|
70
|
+
This is an environment-level setting, but can be configured per organization via the _Roles_ tab under an organization in the WorkOS Dashboard. If your application is integrated with Directory Sync, it is recommended to use directory group role assignment as the environment default.
|
|
71
|
+
|
|
72
|
+
|
|
73
|
+
|
|
74
|
+
If enabled, all Admin Portal sessions for SCIM-based or Google Workspace directories will have the ability to see and assign roles to identity provider groups.
|
|
75
|
+
|
|
76
|
+
## Other forms of role assignment
|
|
77
|
+
|
|
78
|
+
Your customers will store role information in different forms, depending on their preferred provisioning workflow. WorkOS allows for flexibility in how you source role data, though these formats are not automated today and not available on the role property on the [directory user response](/reference/directory-sync/directory-user). You can fetch role data via two distinct mechanisms:
|
|
79
|
+
|
|
80
|
+
- A custom-mapped role attribute from the directory user profile.
|
|
81
|
+
- A groups attribute in the SSO user profile.
|
|
82
|
+
|
|
83
|
+
The type of mechanism needed will depend on the level of support for roles in your app, your app’s architecture, and your customer’s workflows:
|
|
84
|
+
|
|
85
|
+
| Approach | Your app | Your customer |
|
|
86
|
+
| ------------------------------- | ------------------------------------------------------ | ------------------------------------------------------------------ |
|
|
87
|
+
| SSO group role assignment | Receives role data each time a user logs in | Uses identity provider groups to assign roles in your app |
|
|
88
|
+
| Attribute-based role assignment | Sets roles based on a per-user custom-mapped attribute | Assigns roles using attributes on users in their identity provider |
|
|
89
|
+
|
|
90
|
+
### SSO group role assignment
|
|
91
|
+
|
|
92
|
+
[SSO group role assignment](/sso/identity-provider-role-assignment/sso-group-role-assignment) involves mapping identity provider (IdP) groups to roles within your application during [Single Sign-On](/sso) and [JIT Provisioning](/sso/jit-provisioning). In this method, SSO groups corresponding to IdP groups are defined in the WorkOS Dashboard, and roles are assigned based on these group memberships.
|
|
93
|
+
|
|
94
|
+
The user’s role is then included in the [SSO profile](/reference/sso/profile) returned from WorkOS. [Read more](/sso/identity-provider-role-assignment/considerations/drawbacks) on this approach, including [drawbacks](/sso/identity-provider-role-assignment/considerations/drawbacks) to consider.
|
|
95
|
+
|
|
96
|
+
### Attribute-based role
|
|
97
|
+
|
|
98
|
+
You can use [custom-mapped attributes](/directory-sync/attributes/custom-attributes/custom-attributes) if your customers do not use groups to establish and manage user roles.
|
|
99
|
+
|
|
100
|
+
You can create a custom-mapped attribute role (e.g., `myRole`) in the [WorkOS Dashboard](https://dashboard.workos.com/) under Configuration → Directory Sync. You can set the status of a role attribute to “Required” or “Optional”.
|
|
101
|
+
|
|
102
|
+
```json language="json" title="Directory user with a custom-mapped attribute"
|
|
103
|
+
{
|
|
104
|
+
"id": "directory_user_01E1X7B89OH8Z3SXFJR4H7RGX7",
|
|
105
|
+
"idp_id": "821991",
|
|
106
|
+
"first_name": "Jane",
|
|
107
|
+
"last_name": "Doe",
|
|
108
|
+
"email": "jane@example.com",
|
|
109
|
+
"state": "active",
|
|
110
|
+
"created_at": "2021-06-25T19:07:33.155Z",
|
|
111
|
+
"updated_at": "2021-06-25T19:07:33.155Z",
|
|
112
|
+
"object": "directory_user",
|
|
113
|
+
"directory_id": "directory_01E1X194NTJ3PXMAY79DYV0F0P",
|
|
114
|
+
"organization_id": "org_01EHWNCE74X7JSDV0X3SZ3PJNY",
|
|
115
|
+
"custom_attributes": {
|
|
116
|
+
"myRole": "admin"
|
|
117
|
+
},
|
|
118
|
+
"raw_attributes": {}
|
|
119
|
+
}
|
|
120
|
+
```
|
|
121
|
+
|
|
122
|
+
The newly created attribute will appear as a field in the [Admin Portal](/admin-portal). When setting up Directory Sync with their identity provider in Admin Portal, your customers can map this role field to a field in their identity provider. You’ll have to communicate with your customer what value(s) you expect in the custom-mapped attribute.
|
|
123
|
+
|
|
124
|
+
An example being that `myRole` should be one of `"admin"`, `"viewer"`, or `"editor"`. This allows your app to parse the `myRole` field value correctly.
|
|
125
|
+
|
|
126
|
+
## Common edge cases
|
|
127
|
+
|
|
128
|
+
### A user is part of multiple groups
|
|
129
|
+
|
|
130
|
+
Having a user who belongs to multiple groups is a common scenario. For example, there might be a case where an employee _Jane_ is an _Engineering Manager_ and belongs to an “Engineering”, “Manager”, and “Admin” group. With group-based role assignment, the user will be assigned the role that has the [highest priority defined](/directory-sync/identity-provider-role-assignment/configure-roles/priority-order).
|
|
131
|
+
|
|
132
|
+
### Role assignment availability on Directory Sync
|
|
133
|
+
|
|
134
|
+
Identity provider role assignment through groups is only available through SCIM compliant and Google Workspace directories.
|