usermanagement

package
v6.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 29, 2026 License: MIT Imports: 14 Imported by: 0

README

usermanagement

Go Report Card

A go package wrapping the WorkOS User Management API.

Install

go get -u github.com/workos/workos-go/v6/pkg/usermanagement

How it works

See the User Management integration guide.

Update user metadata and remove a key by sending JSON null

To set a metadata value to null (and remove it server-side), pass a nil pointer for that key. The Metadata field accepts map[string]*string.

lang := "en"
user, err := usermanagement.UpdateUser(ctx, usermanagement.UpdateUserOpts{
  User: "user_123",
  Metadata: map[string]*string{
    "language": &lang,
    "legacy_code": nil, // serializes as JSON null
  },
})

Documentation

Overview

Package `usermanagement` provides a client wrapping the WorkOS User Management API.

Index

Constants

View Source 
const ResponseLimit = 10

ResponseLimit is the default number of records to limit a response to.

Variables

View Source 
var (
	// DefaultClient is the client used by User management methods
	DefaultClient = NewClient("")
)

Functions

func DeleteOrganizationMembership 

func DeleteOrganizationMembership(
	ctx context.Context,
	opts DeleteOrganizationMembershipOpts,
) error

DeleteOrganizationMembership deletes an existing OrganizationMembership.

func DeleteUser 

func DeleteUser(
	ctx context.Context,
	opts DeleteUserOpts,
) error

DeleteUser deletes a existing User.

func GetAuthorizationURL 

func GetAuthorizationURL(opts GetAuthorizationURLOpts) (*url.URL, error)

GetAuthorizationURL returns an authorization url generated with the given options.

func GetJWKSURL 

func GetJWKSURL(clientID string) (*url.URL, error)

func GetLogoutURL 

func GetLogoutURL(opts GetLogoutURLOpts) (*url.URL, error)

func RevokeSession 

func RevokeSession(ctx context.Context, opts RevokeSessionOpts) error

func SendMagicAuthCode deprecated 

func SendMagicAuthCode(
	ctx context.Context,
	opts SendMagicAuthCodeOpts,
) error

Deprecated: Use CreateMagicAuth instead. This method will be removed in a future major version.

func SendPasswordResetEmail deprecated 

func SendPasswordResetEmail(
	ctx context.Context,
	opts SendPasswordResetEmailOpts,
) error

Deprecated: Use CreatePasswordReset instead. This method will be removed in a future major version.

func SetAPIKey 

func SetAPIKey(apiKey string)

SetAPIKey configures the default client that is used by the User management methods It must be called before using those functions.

Types

type AuthenticateResponse 

type AuthenticateResponse struct {
	User User `json:"user"`

	// Which Organization the user is signing in to.
	// If the user is a member of multiple organizations, this is the organization the user selected
	// as part of the authentication flow.
	// If the user is a member of only one organization, this is that organization.
	// If the user is not a member of any organizations, this is null.
	OrganizationID string `json:"organization_id"`

	// The AccessToken can be validated to confirm that a user has an active session.
	AccessToken string `json:"access_token"`

	// This RefreshToken can be used to obtain a new AccessToken using
	// `AuthenticateWithRefreshToken`
	RefreshToken string `json:"refresh_token"`

	// The authentication method used to authenticate the user.
	AuthenticationMethod AuthenticationMethod `json:"authentication_method"`

	// Present if the authenticated user is being impersonated.
	Impersonator *Impersonator `json:"impersonator"`

	// Third party OAuth provider tokens. Present if configured in the WorkOS Dashboard.
	OAuthTokens *OAuthTokens `json:"oauth_tokens,omitempty"`
}

func AuthenticateWithCode 

func AuthenticateWithCode(
	ctx context.Context,
	opts AuthenticateWithCodeOpts,
) (AuthenticateResponse, error)

AuthenticateWithCode authenticates an OAuth user or a managed SSO user that is logging in through SSO

func AuthenticateWithEmailVerificationCode 

func AuthenticateWithEmailVerificationCode(
	ctx context.Context,
	opts AuthenticateWithEmailVerificationCodeOpts,
) (AuthenticateResponse, error)

AuthenticateWithEmailVerificationCode authenticates a user by verifying an code sent to their email address.

func AuthenticateWithMagicAuth 

func AuthenticateWithMagicAuth(
	ctx context.Context,
	opts AuthenticateWithMagicAuthOpts,
) (AuthenticateResponse, error)

AuthenticateWithMagicAuth authenticates a user by verifying a one-time code sent to the user's email address by the Magic Auth Send Code endpoint.

func AuthenticateWithOrganizationSelection 

func AuthenticateWithOrganizationSelection(
	ctx context.Context,
	opts AuthenticateWithOrganizationSelectionOpts,
) (AuthenticateResponse, error)

AuthenticateWithOrganizationSelection completes authentication for a user given an organization they've selected.

func AuthenticateWithPassword 

func AuthenticateWithPassword(
	ctx context.Context,
	opts AuthenticateWithPasswordOpts,
) (AuthenticateResponse, error)

AuthenticateWithPassword authenticates a user with email and password

func AuthenticateWithTOTP 

func AuthenticateWithTOTP(
	ctx context.Context,
	opts AuthenticateWithTOTPOpts,
) (AuthenticateResponse, error)

AuthenticateWithTOTP authenticates a user by verifying a time-based one-time password (TOTP)

type AuthenticateWithCodeOpts 

type AuthenticateWithCodeOpts struct {
	ClientID     string `json:"client_id"`
	Code         string `json:"code"`
	CodeVerifier string `json:"code_verifier,omitempty"`
	IPAddress    string `json:"ip_address,omitempty"`
	UserAgent    string `json:"user_agent,omitempty"`
}

type AuthenticateWithEmailVerificationCodeOpts 

type AuthenticateWithEmailVerificationCodeOpts struct {
	ClientID                   string `json:"client_id"`
	Code                       string `json:"code"`
	PendingAuthenticationToken string `json:"pending_authentication_token"`
	IPAddress                  string `json:"ip_address,omitempty"`
	UserAgent                  string `json:"user_agent,omitempty"`
}

type AuthenticateWithMagicAuthOpts 

type AuthenticateWithMagicAuthOpts struct {
	ClientID string `json:"client_id"`
	Code     string `json:"code"`
	Email    string `json:"email"`

	// An authorization code used in a previous authenticate request that resulted in an existing user error response.
	// By specifying link_authorization_code, the Magic Auth authentication will link the credentials of the previous
	// authorization code with this user.
	LinkAuthorizationCode string `json:"link_authorization_code,omitempty"`
	IPAddress             string `json:"ip_address,omitempty"`
	UserAgent             string `json:"user_agent,omitempty"`
}

type AuthenticateWithOrganizationSelectionOpts 

type AuthenticateWithOrganizationSelectionOpts struct {
	ClientID                   string `json:"client_id"`
	PendingAuthenticationToken string `json:"pending_authentication_token"`
	OrganizationID             string `json:"organization_id"`
	IPAddress                  string `json:"ip_address,omitempty"`
	UserAgent                  string `json:"user_agent,omitempty"`
}

type AuthenticateWithPasswordOpts 

type AuthenticateWithPasswordOpts struct {
	ClientID  string `json:"client_id"`
	Email     string `json:"email"`
	Password  string `json:"password"`
	IPAddress string `json:"ip_address,omitempty"`
	UserAgent string `json:"user_agent,omitempty"`
}

type AuthenticateWithRefreshTokenOpts 

type AuthenticateWithRefreshTokenOpts struct {
	ClientID       string `json:"client_id"`
	RefreshToken   string `json:"refresh_token"`
	OrganizationID string `json:"organization_id,omitempty"`
	IPAddress      string `json:"ip_address,omitempty"`
	UserAgent      string `json:"user_agent,omitempty"`
}

type AuthenticateWithTOTPOpts 

type AuthenticateWithTOTPOpts struct {
	ClientID                   string `json:"client_id"`
	Code                       string `json:"code"`
	IPAddress                  string `json:"ip_address,omitempty"`
	UserAgent                  string `json:"user_agent,omitempty"`
	PendingAuthenticationToken string `json:"pending_authentication_token"`
	AuthenticationChallengeID  string `json:"authentication_challenge_id"`
}

type AuthenticationMethod 

type AuthenticationMethod string

AuthenticationMethod represents the authentication method used to authenticate the user. 

const (
	SSO                           AuthenticationMethod = "SSO"
	Password                      AuthenticationMethod = "Password"
	AppleOAuth                    AuthenticationMethod = "AppleOAuth"
	GitHubOAuth                   AuthenticationMethod = "GitHubOAuth"
	GoogleOAuth                   AuthenticationMethod = "GoogleOAuth"
	MicrosoftOAuth                AuthenticationMethod = "MicrosoftOAuth"
	MagicAuthAuthenticationMethod AuthenticationMethod = "MagicAuth"
	Impersonation                 AuthenticationMethod = "Impersonation"
)

Constants that enumerate the available authentication methods.

type Client 

type Client struct {
	// The WorkOS api key. It can be found in
	// https://dashboard.workos.com/api-keys.
	//
	// REQUIRED.
	APIKey string

	// The http.Client that is used to send request to WorkOS.
	//
	// Defaults to http.Client.
	HTTPClient *http.Client

	// The endpoint to WorkOS API.
	//
	// Defaults to https://api.workos.com.
	Endpoint string

	// The function used to encode in JSON. Defaults to json.Marshal.
	JSONEncode func(v interface{}) ([]byte, error)
}

Client represents a client that fetch User Management data from WorkOS API.

func NewClient 

func NewClient(apiKey string) *Client

func (*Client) AuthenticateWithCode 

func (c *Client) AuthenticateWithCode(ctx context.Context, opts AuthenticateWithCodeOpts) (AuthenticateResponse, error)

AuthenticateWithCode authenticates an OAuth user or a managed SSO user that is logging in through SSO

func (*Client) AuthenticateWithEmailVerificationCode 

func (c *Client) AuthenticateWithEmailVerificationCode(ctx context.Context, opts AuthenticateWithEmailVerificationCodeOpts) (AuthenticateResponse, error)

AuthenticateWithEmailVerificationCode authenticates a user by verifying a code sent to their email address

func (*Client) AuthenticateWithMagicAuth 

func (c *Client) AuthenticateWithMagicAuth(ctx context.Context, opts AuthenticateWithMagicAuthOpts) (AuthenticateResponse, error)

AuthenticateWithMagicAuth authenticates a user by verifying a one-time code sent to the user's email address by the Magic Auth Send Code endpoint.

func (*Client) AuthenticateWithOrganizationSelection 

func (c *Client) AuthenticateWithOrganizationSelection(ctx context.Context, opts AuthenticateWithOrganizationSelectionOpts) (AuthenticateResponse, error)

AuthenticateWithOrganizationSelection completes authentication for a user given an organization they've selected.

func (*Client) AuthenticateWithPassword 

func (c *Client) AuthenticateWithPassword(ctx context.Context, opts AuthenticateWithPasswordOpts) (AuthenticateResponse, error)

AuthenticateWithPassword authenticates a user with Email and Password

func (*Client) AuthenticateWithRefreshToken 

func (c *Client) AuthenticateWithRefreshToken(ctx context.Context, opts AuthenticateWithRefreshTokenOpts) (RefreshAuthenticationResponse, error)

AuthenticateWithRefreshToken obtains a new AccessToken and RefreshToken for an existing session

func (*Client) AuthenticateWithTOTP 

func (c *Client) AuthenticateWithTOTP(ctx context.Context, opts AuthenticateWithTOTPOpts) (AuthenticateResponse, error)

AuthenticateWithTOTP authenticates a user by verifying a time-based one-time password (TOTP)

func (*Client) CreateMagicAuth 

func (c *Client) CreateMagicAuth(ctx context.Context, opts CreateMagicAuthOpts) (MagicAuth, error)

CreateMagicAuth creates a one-time Magic Auth code that can be emailed to the user.

func (*Client) CreateOrganizationMembership 

func (c *Client) CreateOrganizationMembership(ctx context.Context, opts CreateOrganizationMembershipOpts) (OrganizationMembership, error)

Create an Organization Membership. Adds a User to an Organization.

func (*Client) CreatePasswordReset 

func (c *Client) CreatePasswordReset(ctx context.Context, opts CreatePasswordResetOpts) (PasswordReset, error)

CreatePasswordReset creates a PasswordReset token that can be emailed to the user.

func (*Client) CreateUser 

func (c *Client) CreateUser(ctx context.Context, opts CreateUserOpts) (User, error)

CreateUser create a new user with email password authentication. Only unmanaged users can be created directly using the User Management API.

func (*Client) DeactivateOrganizationMembership 

func (c *Client) DeactivateOrganizationMembership(ctx context.Context, opts DeactivateOrganizationMembershipOpts) (OrganizationMembership, error)

DeactivateOrganizationMembership deactivates an Organization Membership

func (*Client) DeleteOrganizationMembership 

func (c *Client) DeleteOrganizationMembership(ctx context.Context, opts DeleteOrganizationMembershipOpts) error

Delete an Organization Membership. Removes the membership's User from its Organization.

func (*Client) DeleteUser 

func (c *Client) DeleteUser(ctx context.Context, opts DeleteUserOpts) error

DeleteUser delete an existing user.

func (*Client) EnrollAuthFactor 

func (c *Client) EnrollAuthFactor(ctx context.Context, opts EnrollAuthFactorOpts) (EnrollAuthFactorResponse, error)

EnrollAuthFactor enrolls an authentication factor for the user.

func (*Client) FindInvitationByToken 

func (c *Client) FindInvitationByToken(ctx context.Context, opts FindInvitationByTokenOpts) (Invitation, error)

FindInvitationByToken fetches an Invitation by its token.

func (*Client) GetAuthorizationURL 

func (c *Client) GetAuthorizationURL(opts GetAuthorizationURLOpts) (*url.URL, error)

GetAuthorizationURL generates an OAuth 2.0 authorization URL. To indicate the connection to use for authentication, use one of the following connection selectors: connection_id, organization_id, or provider. These connection selectors are mutually exclusive, and exactly one must be provided.

func (*Client) GetEmailVerification 

func (c *Client) GetEmailVerification(ctx context.Context, opts GetEmailVerificationOpts) (EmailVerification, error)

GetEmailVerification fetches an EmailVerification object by its ID.

func (*Client) GetInvitation 

func (c *Client) GetInvitation(ctx context.Context, opts GetInvitationOpts) (Invitation, error)

GetInvitation fetches an Invitation by its ID.

func (*Client) GetJWKSURL 

func (c *Client) GetJWKSURL(clientID string) (*url.URL, error)

func (*Client) GetLogoutURL 

func (c *Client) GetLogoutURL(opts GetLogoutURLOpts) (*url.URL, error)

func (*Client) GetMagicAuth 

func (c *Client) GetMagicAuth(ctx context.Context, opts GetMagicAuthOpts) (MagicAuth, error)

GetMagicAuth fetches a Magic Auth object by its ID.

func (*Client) GetOrganizationMembership 

func (c *Client) GetOrganizationMembership(ctx context.Context, opts GetOrganizationMembershipOpts) (OrganizationMembership, error)

GetOrganizationMembership returns details of an existing Organization Membership

func (*Client) GetPasswordReset 

func (c *Client) GetPasswordReset(ctx context.Context, opts GetPasswordResetOpts) (PasswordReset, error)

GetPasswordReset fetches a PasswordReset object by its ID.

func (*Client) GetUser 

func (c *Client) GetUser(ctx context.Context, opts GetUserOpts) (User, error)

GetUser returns details of an existing user

func (*Client) GetUserByExternalID 

func (c *Client) GetUserByExternalID(ctx context.Context, opts GetUserByExternalIDOpts) (User, error)

func (*Client) ListAuthFactors 

func (c *Client) ListAuthFactors(ctx context.Context, opts ListAuthFactorsOpts) (ListAuthFactorsResponse, error)

ListAuthFactors lists the available authentication factors for the user.

func (*Client) ListIdentities 

func (c *Client) ListIdentities(ctx context.Context, opts ListIdentitiesOpts) (ListIdentitiesResult, error)

func (*Client) ListInvitations 

func (c *Client) ListInvitations(ctx context.Context, opts ListInvitationsOpts) (ListInvitationsResponse, error)

ListInvitations gets a list of all of your existing Invitations matching the criteria specified.

func (*Client) ListOrganizationMemberships 

func (c *Client) ListOrganizationMemberships(ctx context.Context, opts ListOrganizationMembershipsOpts) (ListOrganizationMembershipsResponse, error)

List Organization Memberships matching the criteria specified.

func (*Client) ListUsers 

func (c *Client) ListUsers(ctx context.Context, opts ListUsersOpts) (ListUsersResponse, error)

ListUsers get a list of all of your existing users matching the criteria specified.

func (*Client) ReactivateOrganizationMembership 

func (c *Client) ReactivateOrganizationMembership(ctx context.Context, opts ReactivateOrganizationMembershipOpts) (OrganizationMembership, error)

ReactivateOrganizationMembership reactivates an Organization Membership

func (*Client) ResendInvitation added in v6.0.1 

func (c *Client) ResendInvitation(ctx context.Context, opts ResendInvitationOpts) (Invitation, error)

func (*Client) ResetPassword 

func (c *Client) ResetPassword(ctx context.Context, opts ResetPasswordOpts) (UserResponse, error)

ResetPassword resets user password using token that was sent to the user.

func (*Client) RevokeInvitation 

func (c *Client) RevokeInvitation(ctx context.Context, opts RevokeInvitationOpts) (Invitation, error)

func (*Client) RevokeSession 

func (c *Client) RevokeSession(ctx context.Context, opts RevokeSessionOpts) error

func (*Client) SendInvitation 

func (c *Client) SendInvitation(ctx context.Context, opts SendInvitationOpts) (Invitation, error)

func (*Client) SendMagicAuthCode deprecated 

func (c *Client) SendMagicAuthCode(ctx context.Context, opts SendMagicAuthCodeOpts) error

Deprecated: Use CreateMagicAuth instead. This method will be removed in a future major version.

func (*Client) SendPasswordResetEmail deprecated 

func (c *Client) SendPasswordResetEmail(ctx context.Context, opts SendPasswordResetEmailOpts) error

Deprecated: Use CreatePasswordReset instead. This method will be removed in a future major version.

func (*Client) SendVerificationEmail 

func (c *Client) SendVerificationEmail(ctx context.Context, opts SendVerificationEmailOpts) (UserResponse, error)

SendVerificationEmail creates an email verification challenge and emails verification token to user.

func (*Client) UpdateOrganizationMembership 

func (c *Client) UpdateOrganizationMembership(
	ctx context.Context,
	organizationMembershipId string,
	opts UpdateOrganizationMembershipOpts,
) (OrganizationMembership, error)

Update an Organization Membership

func (*Client) UpdateUser 

func (c *Client) UpdateUser(ctx context.Context, opts UpdateUserOpts) (User, error)

UpdateUser updates User attributes.

func (*Client) VerifyEmail 

func (c *Client) VerifyEmail(ctx context.Context, opts VerifyEmailOpts) (UserResponse, error)

VerifyEmail verifies a user's email using the verification token that was sent to the user.

type CreateMagicAuthOpts 

type CreateMagicAuthOpts struct {
	// The email address the one-time code is for.
	Email           string `json:"email"`
	InvitationToken string `json:"invitation_token,omitempty"`
}

type CreateOrganizationMembershipOpts 

type CreateOrganizationMembershipOpts struct {
	// The ID of the User to add as a member.
	UserID string `json:"user_id"`

	// The ID of the Organization in which to add the User as a member.
	OrganizationID string `json:"organization_id"`

	// The slug of the Role in which to grant this membership. If no RoleSlug is given, the default role will be granted. Mutually exclusive with RoleSlugs.
	// OPTIONAL
	RoleSlug string `json:"role_slug,omitempty"`

	// The slugs of the Roles in which to grant this membership. Mutually exclusive with `role_slug`. Limited to one role when Multiple Roles is disabled.
	// OPTIONAL
	RoleSlugs []string `json:"role_slugs,omitempty"`
}

type CreatePasswordResetOpts 

type CreatePasswordResetOpts struct {
	// The email address the password reset is for.
	Email string `json:"email"`
}

type CreateUserOpts 

type CreateUserOpts struct {
	Email            string            `json:"email"`
	Password         string            `json:"password,omitempty"`
	PasswordHash     string            `json:"password_hash,omitempty"`
	PasswordHashType PasswordHashType  `json:"password_hash_type,omitempty"`
	FirstName        string            `json:"first_name,omitempty"`
	LastName         string            `json:"last_name,omitempty"`
	EmailVerified    bool              `json:"email_verified,omitempty"`
	ExternalID       string            `json:"external_id,omitempty"`
	Metadata         map[string]string `json:"metadata,omitempty"`
}

type DeactivateOrganizationMembershipOpts 

type DeactivateOrganizationMembershipOpts struct {
	// Organization Membership unique identifier
	OrganizationMembership string
}

type DeleteOrganizationMembershipOpts 

type DeleteOrganizationMembershipOpts struct {
	// The ID of the Organization Membership to delete.
	OrganizationMembership string
}

type DeleteUserOpts 

type DeleteUserOpts struct {
	User string
}

type EmailVerification 

type EmailVerification struct {
	ID        string `json:"id"`
	UserId    string `json:"user_id"`
	Email     string `json:"email"`
	ExpiresAt string `json:"expires_at"`
	Code      string `json:"code"`
	CreatedAt string `json:"created_at"`
	UpdatedAt string `json:"updated_at"`
}

func GetEmailVerification 

func GetEmailVerification(
	ctx context.Context,
	opts GetEmailVerificationOpts,
) (EmailVerification, error)

GetEmailVerification fetches an EmailVerification object by its ID.

type EnrollAuthFactorOpts 

type EnrollAuthFactorOpts struct {
	User       string
	Type       mfa.FactorType `json:"type"`
	TOTPIssuer string         `json:"totp_issuer,omitempty"`
	TOTPUser   string         `json:"totp_user,omitempty"`
	TOTPSecret string         `json:"totp_secret,omitempty"`
}

type EnrollAuthFactorResponse 

type EnrollAuthFactorResponse struct {
	Factor    mfa.Factor    `json:"authentication_factor"`
	Challenge mfa.Challenge `json:"authentication_challenge"`
}

func EnrollAuthFactor 

func EnrollAuthFactor(
	ctx context.Context,
	opts EnrollAuthFactorOpts,
) (EnrollAuthFactorResponse, error)

EnrollAuthFactor enrolls an authentication factor for the user.

type FindInvitationByTokenOpts 

type FindInvitationByTokenOpts struct {
	InvitationToken string
}

type GetAuthorizationURLOpts 

type GetAuthorizationURLOpts struct {
	// Your WorkOS Project's Client ID.
	//
	// REQUIRED.
	ClientID string
	//Optional Used for PKCE
	CodeChallenge string
	//Optional Used for PKCE
	CodeChallengeMethod string
	// The callback URL where your app redirects the user after an
	// authorization code is granted (eg. https://foo.com/callback).
	//
	// REQUIRED.
	RedirectURI string

	// The Provider connection selector is used to initiate SSO using an OAuth-compatible provider.
	Provider string

	// The ConnectionID connection selector is used to initiate SSO for a Connection.
	ConnectionID string

	// The organization_id connection selector is used to initiate SSO for an Organization.
	OrganizationID string

	// Use state to encode arbitrary information to restore state through redirects.
	//
	// OPTIONAL.
	State string

	// Username/email hint that will be passed as a parameter to the to IdP login page.
	// OPTIONAL.
	LoginHint string

	// Domain hint that will be passed as a parameter to the IdP login page.
	// OPTIONAL.
	DomainHint string

	// ScreenHint represents the screen to redirect the user to when the provider is Authkit.
	// OPTIONAL.
	ScreenHint ScreenHint

	// Additional OAuth scopes to request during authentication
	// OPTIONAL.
	ProviderScopes []string `json:"provider_scopes,omitempty"`
}

GetAuthorizationURLOpts contains the options to pass in order to generate an authorization url.

type GetEmailVerificationOpts 

type GetEmailVerificationOpts struct {
	// The Email Verification's unique identifier.
	EmailVerification string
}

type GetInvitationOpts 

type GetInvitationOpts struct {
	Invitation string
}

type GetLogoutURLOpts 

type GetLogoutURLOpts struct {
	// The ID of the session that will end. This is in the `sid` claim of the
	// AccessToken
	//
	// REQUIRED
	SessionID string

	// The URL to redirect the user to after they have logged out.
	ReturnTo string
}

type GetMagicAuthOpts 

type GetMagicAuthOpts struct {
	MagicAuth string
}

type GetOrganizationMembershipOpts 

type GetOrganizationMembershipOpts struct {
	// Organization Membership unique identifier
	OrganizationMembership string
}

type GetPasswordResetOpts 

type GetPasswordResetOpts struct {
	// The Password Reset's unique identifier.
	PasswordReset string
}

type GetUserByExternalIDOpts 

type GetUserByExternalIDOpts struct {
	ExternalID string
}

type GetUserOpts 

type GetUserOpts struct {
	// User unique identifier
	User string `json:"id"`
}

GetUserOpts contains the options to pass in order to get a user profile.

type Identity 

type Identity struct {
	// The unique ID of the user in the external identity provider.
	IdpID string `json:"idp_id"`
	// The type of the identity.
	Type string `json:"type"`
	// The type of OAuth provider for the identity.
	Provider string `json:"provider"`
}

Represents User identities obtained from external identity providers.

type Impersonator 

type Impersonator struct {
	// The email address of the WorkOS Dashboard user using impersonation.
	Email string `json:"email"`

	// The reason provided by the impersonator for impersonating the user.
	Reason string `json:"reason"`
}

type Invitation 

type Invitation struct {
	ID                  string          `json:"id"`
	Email               string          `json:"email"`
	State               InvitationState `json:"state"`
	AcceptedAt          string          `json:"accepted_at,omitempty"`
	RevokedAt           string          `json:"revoked_at,omitempty"`
	Token               string          `json:"token"`
	AcceptInvitationUrl string          `json:"accept_invitation_url"`
	OrganizationID      string          `json:"organization_id,omitempty"`
	InviterUserID       string          `json:"inviter_user_id,omitempty"`
	ExpiresAt           string          `json:"expires_at"`
	CreatedAt           string          `json:"created_at"`
	UpdatedAt           string          `json:"updated_at"`
}

func FindInvitationByToken 

func FindInvitationByToken(
	ctx context.Context,
	opts FindInvitationByTokenOpts,
) (Invitation, error)

func GetInvitation 

func GetInvitation(
	ctx context.Context,
	opts GetInvitationOpts,
) (Invitation, error)

func ResendInvitation added in v6.0.1 

func ResendInvitation(
	ctx context.Context,
	opts ResendInvitationOpts,
) (Invitation, error)

func RevokeInvitation 

func RevokeInvitation(
	ctx context.Context,
	opts RevokeInvitationOpts,
) (Invitation, error)

func SendInvitation 

func SendInvitation(
	ctx context.Context,
	opts SendInvitationOpts,
) (Invitation, error)

type InvitationState 

type InvitationState string

InvitationState represents the state of an Invitation. 

const (
	Pending  InvitationState = "pending"
	Accepted InvitationState = "accepted"
	Expired  InvitationState = "expired"
	Revoked  InvitationState = "revoked"
)

Constants that enumerate the state of an Invitation.

type ListAuthFactorsOpts 

type ListAuthFactorsOpts struct {
	User string
}

type ListAuthFactorsResponse 

type ListAuthFactorsResponse struct {
	Data []mfa.Factor `json:"data"`

	ListMetadata common.ListMetadata `json:"list_metadata"`
}

func ListAuthFactors 

func ListAuthFactors(
	ctx context.Context,
	opts ListAuthFactorsOpts,
) (ListAuthFactorsResponse, error)

ListAuthFactors lists the available authentication factors for the user.

type ListIdentitiesOpts 

type ListIdentitiesOpts struct {
	ID string `json:"id"`
}

type ListIdentitiesResult 

type ListIdentitiesResult = []Identity

type ListInvitationsOpts 

type ListInvitationsOpts struct {
	OrganizationID string `url:"organization_id,omitempty"`

	Email string `url:"email,omitempty"`

	// Maximum number of records to return.
	Limit int `url:"limit"`

	// The order in which to paginate records.
	Order Order `url:"order,omitempty"`

	// Pagination cursor to receive records before a provided User ID.
	Before string `url:"before,omitempty"`

	// Pagination cursor to receive records after a provided User ID.
	After string `url:"after,omitempty"`
}

type ListInvitationsResponse 

type ListInvitationsResponse struct {
	// List of Invitations
	Data []Invitation `json:"data"`

	// Cursor to paginate through the list of Invitations
	ListMetadata common.ListMetadata `json:"list_metadata"`
}

ListInvitations contains the response from the ListInvitations call.

func ListInvitations 

func ListInvitations(
	ctx context.Context,
	opts ListInvitationsOpts,
) (ListInvitationsResponse, error)

type ListOrganizationMembershipsOpts 

type ListOrganizationMembershipsOpts struct {
	// Filter memberships by Organization ID.
	OrganizationID string `url:"organization_id,omitempty"`

	// Filter memberships by User ID.
	UserID string `url:"user_id,omitempty"`

	// Filter memberships by status
	Statuses []OrganizationMembershipStatus `url:"statuses,omitempty"`

	// Maximum number of records to return.
	Limit int `url:"limit"`

	// The order in which to paginate records.
	Order Order `url:"order,omitempty"`

	// Pagination cursor to receive records before a provided
	// Organization Membership ID.
	Before string `url:"before,omitempty"`

	// Pagination cursor to receive records after a provided
	// Organization Membership ID.
	After string `url:"after,omitempty"`
}

type ListOrganizationMembershipsResponse 

type ListOrganizationMembershipsResponse struct {
	Data []OrganizationMembership `json:"data"`

	ListMetadata common.ListMetadata `json:"list_metadata"`
}

func ListOrganizationMemberships 

func ListOrganizationMemberships(
	ctx context.Context,
	opts ListOrganizationMembershipsOpts,
) (ListOrganizationMembershipsResponse, error)

ListOrganizationMemberships gets a list of OrganizationMemberhips.

type ListUsersOpts 

type ListUsersOpts struct {
	// Filter Users by their email.
	Email string `url:"email,omitempty"`

	// Filter Users by the organization they are members of.
	OrganizationID string `url:"organization_id,omitempty"`

	// Maximum number of records to return.
	Limit int `url:"limit"`

	// The order in which to paginate records.
	Order Order `url:"order,omitempty"`

	// Pagination cursor to receive records before a provided User ID.
	Before string `url:"before,omitempty"`

	// Pagination cursor to receive records after a provided User ID.
	After string `url:"after,omitempty"`
}

type ListUsersResponse 

type ListUsersResponse struct {
	// List of Users
	Data []User `json:"data"`

	// Cursor to paginate through the list of Users
	ListMetadata common.ListMetadata `json:"list_metadata"`
}

ListUsersResponse contains the response from the ListUsers call.

func ListUsers 

func ListUsers(
	ctx context.Context,
	opts ListUsersOpts,
) (ListUsersResponse, error)

ListUsers gets a list of Users.

type MagicAuth 

type MagicAuth struct {
	ID        string `json:"id"`
	UserId    string `json:"user_id"`
	Email     string `json:"email"`
	ExpiresAt string `json:"expires_at"`
	Code      string `json:"code"`
	CreatedAt string `json:"created_at"`
	UpdatedAt string `json:"updated_at"`
}

func CreateMagicAuth 

func CreateMagicAuth(
	ctx context.Context,
	opts CreateMagicAuthOpts,
) (MagicAuth, error)

CreateMagicAuth creates a one-time code that can be sent to the user's email address and used for authentication.

func GetMagicAuth 

func GetMagicAuth(
	ctx context.Context,
	opts GetMagicAuthOpts,
) (MagicAuth, error)

GetMagicAuth fetches a Magic Auth object by its ID.

type OAuthTokens 

type OAuthTokens struct {
	// The access token from the OAuth provider
	AccessToken string `json:"access_token"`

	// The refresh token from the OAuth provider
	RefreshToken string `json:"refresh_token"`

	// The scopes granted by the OAuth provider
	Scopes []string `json:"scopes"`

	// The expiration time of the access token
	ExpiresAt int `json:"expires_at"`
}

type Order 

type Order string

Order represents the order of records. 

const (
	Asc  Order = "asc"
	Desc Order = "desc"
)

Constants that enumerate the available orders.

type Organization 

type Organization struct {
	// The Organization's unique identifier.
	ID string `json:"id"`

	// The Organization's name.
	Name string `json:"name"`
}

Organization contains data about a particular Organization.

type OrganizationMembership 

type OrganizationMembership struct {
	// The Organization Membership's unique identifier.
	ID string `json:"id"`

	// The ID of the User.
	UserID string `json:"user_id"`

	// The ID of the Organization.
	OrganizationID string `json:"organization_id"`

	// The name of the Organization.
	OrganizationName string `json:"organization_name"`

	// The role given to this Organization Membership or priority role if multiple roles are assigned.
	Role common.RoleResponse `json:"role"`

	// All roles for the Organization Membership
	Roles []common.RoleResponse `json:"roles"`

	// The Status of the Organization.
	Status OrganizationMembershipStatus `json:"status"`

	// CreatedAt is the timestamp of when the OrganizationMembership was created.
	CreatedAt string `json:"created_at"`

	// UpdatedAt is the timestamp of when the OrganizationMembership was updated.
	UpdatedAt string `json:"updated_at"`
}

OrganizationMembership contains data about a particular OrganizationMembership.

func CreateOrganizationMembership 

func CreateOrganizationMembership(
	ctx context.Context,
	opts CreateOrganizationMembershipOpts,
) (OrganizationMembership, error)

CreateOrganizationMembership creates an OrganizationMembership.

func DeactivateOrganizationMembership 

func DeactivateOrganizationMembership(
	ctx context.Context,
	opts DeactivateOrganizationMembershipOpts,
) (OrganizationMembership, error)

DeactivateOrganizationMembership deactivates an OrganizationMembership.

func GetOrganizationMembership 

func GetOrganizationMembership(
	ctx context.Context,
	opts GetOrganizationMembershipOpts,
) (OrganizationMembership, error)

GetOrganizationMembership gets an OrganizationMembership.

func ReactivateOrganizationMembership 

func ReactivateOrganizationMembership(
	ctx context.Context,
	opts ReactivateOrganizationMembershipOpts,
) (OrganizationMembership, error)

ReactivateOrganizationMembership reactivates an OrganizationMembership.

func UpdateOrganizationMembership 

func UpdateOrganizationMembership(
	ctx context.Context,
	organizationMembershipId string,
	opts UpdateOrganizationMembershipOpts,
) (OrganizationMembership, error)

UpdateOrganizationMembership updates an OrganizationMembership.

type OrganizationMembershipStatus 

type OrganizationMembershipStatus string

OrganizationMembershipStatus represents the status of an Organization Membership. 

const (
	Active                        OrganizationMembershipStatus = "active"
	Inactive                      OrganizationMembershipStatus = "inactive"
	PendingOrganizationMembership OrganizationMembershipStatus = "pending"
)

Constants that enumerate the status of an Organization Membership.

type PasswordHashType 

type PasswordHashType string

The algorithm originally used to hash the password. 

const (
	Bcrypt PasswordHashType = "bcrypt"
)

Constants that enumerate the available password hash types.

type PasswordReset 

type PasswordReset struct {
	ID                 string `json:"id"`
	UserId             string `json:"user_id"`
	Email              string `json:"email"`
	PasswordResetToken string `json:"password_reset_token"`
	PasswordResetUrl   string `json:"password_reset_url"`
	ExpiresAt          string `json:"expires_at"`
	CreatedAt          string `json:"created_at"`
}

func CreatePasswordReset 

func CreatePasswordReset(
	ctx context.Context,
	opts CreatePasswordResetOpts,
) (PasswordReset, error)

CreatePasswordReset creates a password reset token that can be sent to the user's email address and used to reset the password.

func GetPasswordReset 

func GetPasswordReset(
	ctx context.Context,
	opts GetPasswordResetOpts,
) (PasswordReset, error)

GetPasswordReset fetches a Password Reset object by its ID.

type ReactivateOrganizationMembershipOpts 

type ReactivateOrganizationMembershipOpts struct {
	// Organization Membership unique identifier
	OrganizationMembership string
}

type RefreshAuthenticationResponse 

type RefreshAuthenticationResponse struct {
	// The AccessToken can be validated to confirm that a user has an active session.
	AccessToken string `json:"access_token"`

	// This RefreshToken can be used to obtain a new AccessToken using
	// `AuthenticateWithRefreshToken`
	RefreshToken string `json:"refresh_token"`
}

func AuthenticateWithRefreshToken 

func AuthenticateWithRefreshToken(
	ctx context.Context,
	opts AuthenticateWithRefreshTokenOpts,
) (RefreshAuthenticationResponse, error)

AuthenticateWithRefreshToken obtains a new AccessToken and RefreshToken for an existing session

type ResendInvitationOpts added in v6.0.1 

type ResendInvitationOpts struct {
	Invitation string
}

type ResetPasswordOpts 

type ResetPasswordOpts struct {
	// The verification token emailed to the user.
	Token string `json:"token"`

	// The new password to be set for the user.
	NewPassword string `json:"new_password"`
}

type RevokeInvitationOpts 

type RevokeInvitationOpts struct {
	Invitation string
}

type RevokeSessionOpts 

type RevokeSessionOpts struct {
	SessionID string `json:"session_id"`
}

type ScreenHint 

type ScreenHint string

ScreenHint represents the screen to redirect the user to in Authkit 

const (
	SignUp ScreenHint = "sign-up"
	SignIn ScreenHint = "sign-in"
)

Constants that enumerate the available screen hints.

type SendInvitationOpts 

type SendInvitationOpts struct {
	Email          string `json:"email"`
	OrganizationID string `json:"organization_id,omitempty"`
	ExpiresInDays  int    `json:"expires_in_days,omitempty"`
	InviterUserID  string `json:"inviter_user_id,omitempty"`
	RoleSlug       string `json:"role_slug,omitempty"`
}

type SendMagicAuthCodeOpts 

type SendMagicAuthCodeOpts struct {
	// The email address the one-time code will be sent to.
	Email string `json:"email"`
}

type SendPasswordResetEmailOpts 

type SendPasswordResetEmailOpts struct {
	// The unique ID of the User whose email address will be verified.
	Email string `json:"email"`

	// The URL that will be linked to in the verification email.
	PasswordResetUrl string `json:"password_reset_url"`
}

type SendVerificationEmailOpts 

type SendVerificationEmailOpts struct {
	// The unique ID of the User who will be sent a verification email.
	User string
}

type UpdateOrganizationMembershipOpts 

type UpdateOrganizationMembershipOpts struct {
	// The slug of the Role to update to for this membership.
	// OPTIONAL
	RoleSlug string `json:"role_slug,omitempty"`

	// The slugs of the Roles to update this membership to. Mutually exclusive with `role_slug`. Limited to one role when Multiple Roles is disabled.
	// OPTIONAL
	RoleSlugs []string `json:"role_slugs,omitempty"`
}

type UpdateUserOpts 

type UpdateUserOpts struct {
	User             string
	Email            string             `json:"email,omitempty"`
	FirstName        string             `json:"first_name,omitempty"`
	LastName         string             `json:"last_name,omitempty"`
	EmailVerified    bool               `json:"email_verified,omitempty"`
	Password         string             `json:"password,omitempty"`
	PasswordHash     string             `json:"password_hash,omitempty"`
	PasswordHashType PasswordHashType   `json:"password_hash_type,omitempty"`
	ExternalID       string             `json:"external_id,omitempty"`
	Metadata         map[string]*string `json:"metadata,omitempty"`
}

type User 

type User = common.User

User contains data about a particular User. User is an alias for common.User to maintain backwards compatibility

func CreateUser 

func CreateUser(
	ctx context.Context,
	opts CreateUserOpts,
) (User, error)

CreateUser creates a User.

func GetUser 

func GetUser(
	ctx context.Context,
	opts GetUserOpts,
) (User, error)

GetUser gets a User.

func GetUserByExternalID 

func GetUserByExternalID(
	ctx context.Context,
	opts GetUserByExternalIDOpts,
) (User, error)

GetUser gets a User.

func UpdateUser 

func UpdateUser(
	ctx context.Context,
	opts UpdateUserOpts,
) (User, error)

UpdateUser creates a User.

type UserResponse 

type UserResponse struct {
	User User `json:"user"`
}

func ResetPassword 

func ResetPassword(
	ctx context.Context,
	opts ResetPasswordOpts,
) (UserResponse, error)

ResetPassword resets user password using token that was sent to the user.

func SendVerificationEmail 

func SendVerificationEmail(
	ctx context.Context,
	opts SendVerificationEmailOpts,
) (UserResponse, error)

SendVerificationEmail creates an email verification challenge and emails verification token to user.

func VerifyEmail 

func VerifyEmail(
	ctx context.Context,
	opts VerifyEmailOpts,
) (UserResponse, error)

VerifyEmail verifies a user's email using the verification token that was sent to the user.

type VerifyEmailOpts 

type VerifyEmailOpts struct {
	// The unique ID of the User whose email address will be verified.
	User string
	// The verification code emailed to the user.
	Code string `json:"code"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.