Mix.install([
{:workos, "~> 1.0.0"},
{:kino, "~> 0.9.4"}
])
To start using WorkOS, create a client
with the API key and client ID that you copy via the WorkOS Dashboard:
client = WorkOS.client(api_key: System.fetch_env!("WORKOS_API_KEY"), client_id: System.fetch_env!("WORKOS_CLIENT_ID"))
Note that if you choose to configure WorkOS in your app config, passing a client struct is always optional.
We've created some inputs below to be used along the API calls. Feel free to replace these as needed!
Generate an OAuth 2.0 authorization URL.
provider = Kino.Input.text("Provider", default: "GoogleOAuth") |> Kino.render()
redirect_uri =
Kino.Input.text("RedirectUri", default: "example.com/sso/workos/callback") |> Kino.render()
client_id = Kino.Input.text("ClientID", default: "project_12345") |> Kino.render()
Kino.nothing()
{:ok, url} =
WorkOS.SSO.get_authorization_url(%{
provider: Kino.Input.read(provider),
redirect_uri: Kino.Input.read(redirect_uri),
client_id: Kino.Input.read(client_id)
})
Get an access token along with the user Profile using the code
passed to your Redirect URI.
code = Kino.Input.text("Code") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.SSO.ProfileAndToken{access_token: access_token, profile: profile}} =
WorkOS.SSO.get_profile_and_token(client, Kino.Input.read(code))
Exchange an access token for a user’s Profile.
access_token = Kino.Input.text("Access Token") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.SSO.Profile{id: id}} =
WorkOS.SSO.get_profile(client, Kino.Input.read(access_token))
Get the details of an existing Connection.
connection_id = Kino.Input.text("Connection ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.SSO.Connection{id: id}} =
WorkOS.SSO.get_connection(client, Kino.Input.read(connection_id))
Get a list of all of your existing connections matching the criteria specified.
{:ok, %WorkOS.List{}} =
WorkOS.SSO.list_connections(client)
Delete an existing connection.
connection_id = Kino.Input.text("Connection ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.Empty{}} = WorkOS.SSO.delete_connection(client, Kino.Input.read(connection_id))
Get a list of all of your existing organizations matching the criteria specified.
{:ok, %WorkOS.List{}} =
WorkOS.Organizations.list_organizations(client)
Deletes an organization in the current environment.
organization_id = Kino.Input.text("Organization ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.Empty{}} = WorkOS.Organizations.delete_organization(client, Kino.Input.read(organization_id))
Get the details of an existing organization.
organization_id = Kino.Input.text("Organization ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.Organizations.Organization{id: id}} =
WorkOS.Organizations.get_organization(client, Kino.Input.read(organization_id))
Creates a new organization in the current environment.
name = Kino.Input.text("Name") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.Organizations.Organization{id: id, name: name}} =
WorkOS.Organizations.create_organization(client, %{
name: Kino.Input.read(name),
allow_profiles_outside_organization: false
})
Updates an organization in the current environment.
name = Kino.Input.text("Name") |> Kino.render()
organization = Kino.Input.text("Organization ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.Organizations.Organization{id: id, name: name}} =
WorkOS.Organizations.update_organization(client, %{
name: Kino.Input.read(name),
organization: Kino.Input.read(organization)
})
Generate a Portal Link scoped to an Organization.
organization = Kino.Input.text("Organization") |> Kino.render()
intent = Kino.Input.text("Intent") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.Portal.Link{link: link}} =
WorkOS.Portal.generate_link(client, %{
organization: Kino.Input.read(organization),
intent: Kino.Input.read(intent),
})
Get the details of an existing directory.
directory_id = Kino.Input.text("Directory ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.DirectorySync.Directory{id: id}} =
WorkOS.DirectorySync.get_directory(client, Kino.Input.read(directory_id))
Get a list of all of your existing directories matching the criteria specified.
{:ok, %WorkOS.List{}} =
WorkOS.DirectorySync.list_directories(client)
Delete an existing directory.
directory_id = Kino.Input.text("Directory ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.Empty{}} = WorkOS.DirectorySync.delete_directory(client, Kino.Input.read(directory_id))
Get the details of an existing Directory User.
directory_user_id = Kino.Input.text("Directory User ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.DirectorySync.Directory.User{id: id}} =
WorkOS.DirectorySync.get_user(client, Kino.Input.read(directory_user_id))
Get a list of all of existing Directory Users matching the criteria specified.
directory_id = Kino.Input.text("Directory ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.List{}} =
WorkOS.DirectorySync.list_users(client, %{
directory: Kino.Input.read(directory_id),
})
Get the details of an existing Directory Group.
directory_group_id = Kino.Input.text("Directory Group ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.DirectorySync.Directory.Group{id: id}} =
WorkOS.DirectorySync.get_group(client, Kino.Input.read(directory_group_id))
Get a list of all of existing directory groups matching the criteria specified.
directory_id = Kino.Input.text("Directory ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.List{}} =
WorkOS.DirectorySync.list_groups(client, %{
directory: Kino.Input.read(directory_id),
})
Create a Passwordless Session for a Magic Link Connection.
email = Kino.Input.text("Email") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.Passwordless.Session{id: id, name: name}} =
WorkOS.Passwordless.create_session(client, %{
type: "MagicLink",
email: Kino.Input.read(email)
})
Email a user the Magic Link confirmation URL.
session_id = Kino.Input.text("Passwordless Session ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.Passwordless.Session.Send{}} =
WorkOS.Passwordless.send_session(client, Kino.Input.read(session_id))
{:ok, %WorkOS.List{}} = WorkOS.Events.list_events(client, %{})
Emits an Audit Log Event.
organization_id = Kino.Input.text("Organization ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.Empty{}} = WorkOS.Events.create_event(client, %{
organization_id: organization_id,
event: %{
"action" => "document.updated",
"occurred_at" => "2022-09-08T19:46:03.435Z",
"actor" => %{
"id" => "user_1",
"name" => "Jon Smith",
"type" => "user"
},
"targets" => [
%{
"id" => "document_39127",
"type" => "document"
}
],
"context" => %{
"location" => "192.0.0.8",
"user_agent" => "Firefox"
},
"metadata" => %{
"successful" => true
}
}
})
Create an Audit Log Export.
organization_id = Kino.Input.text("Organization ID") |> Kino.render()
range_start = Kino.Input.text("Range Start") |> Kino.render()
range_end = Kino.Input.text("Range End") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.AuditLogs.Export{id: id}} =
WorkOS.AuditLogs.create_export(client, %{
organization_id: Kino.Input.read(organization_id),
range_start: Kino.Input.read(range_start),
range_end: Kino.Input.read(range_end),
})
Get an Audit Log Export.
audit_log_export_id = Kino.Input.text("Audit Log Export ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.AuditLogs.Export{id: id}} =
WorkOS.AuditLogs.get_export(client, audit_log_export_id)
Generate an OAuth 2.0 authorization URL.
provider = Kino.Input.text("Provider", default: "authkit") |> Kino.render()
redirect_uri =
Kino.Input.text("RedirectUri", default: "example.com/sso/workos/callback") |> Kino.render()
client_id = Kino.Input.text("ClientID", default: "project_12345") |> Kino.render()
Kino.nothing()
{:ok, url} =
WorkOS.UserManagement.get_authorization_url(%{
provider: Kino.Input.read(provider),
redirect_uri: Kino.Input.read(redirect_uri),
client_id: Kino.Input.read(client_id)
})
Authenticates a user with email and password.
email = Kino.Input.text("Email") |> Kino.render()
password = Kino.Input.text("Password") |> Kino.render()
Kino.nothing()
{:ok, u%WorkOS.UserManagement.Authentication{user: user}} =
WorkOS.UserManagement.authenticate_with_password(client, %{
email: Kino.Input.read(provider),
password: Kino.Input.read(redirect_uri)
})
Authenticate a user using OAuth or an organization's SSO connection.
code = Kino.Input.text("Code") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.UserManagement.Authentication{user: user}} =
WorkOS.UserManagement.authenticate_with_code(client, %{
code: Kino.Input.read(code),
})
Authenticates a user by verifying a one-time code sent to the user's email address by the Magic Auth Send Code endpoint.
code = Kino.Input.text("Code") |> Kino.render()
email = Kino.Input.text("Email") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.UserManagement.Authentication{user: user}} =
WorkOS.UserManagement.authenticate_with_magic_auth(client, %{
code: Kino.Input.read(code),
email: Kino.Input.read(email),
})
When Email Verification is required in your Environment and an authentication attempt is made by a user with an unverified email address, a one-time code will automatically be sent to the user's email address. The authenticate API returns an email verification required error, which contains a pending_authentication_token.
code = Kino.Input.text("Code") |> Kino.render()
pending_authentication_code = Kino.Input.text("Pending Authentication Code") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.UserManagement.Authentication{user: user}} =
WorkOS.UserManagement.authenticate_with_email_verification(client, %{
code: Kino.Input.read(code),
pending_authentication_code: Kino.Input.read(pending_authentication_code),
})
When an authentication attempt is made by a user with an MFA Factor enrolled, the user will be required to enter a time-based-one-time-password (TOTP) each time they authenticate. This is indicated by the MFA challenge error response when calling the authenticate API.
authentication_challenge_id = Kino.Input.text("Authentication Challenge ID") |> Kino.render()
pending_authentication_code = Kino.Input.text("Pending Authentication Code") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.UserManagement.Authentication{user: user}} =
WorkOS.UserManagement.authenticate_with_totp(client, %{
authentication_challenge_id: Kino.Input.read(authentication_challenge_id),
pending_authentication_code: Kino.Input.read(pending_authentication_code),
})
When a user is a member of multiple organizations, they must choose which organization to sign into as part of authentication. The organization selection error is returned when this happens.
authentication_challenge_id = Kino.Input.text("Authentication Challenge ID") |> Kino.render()
organization_id = Kino.Input.text("Organization ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.UserManagement.Authentication{user: user}} =
WorkOS.UserManagement.authenticate_with_selected_organization(client, %{
authentication_challenge_id: Kino.Input.read(authentication_challenge_id),
organization_id: Kino.Input.read(organization_id),
})
Creates a one-time Magic Auth code and emails it to the user.
email = Kino.Input.text("Email") |> Kino.render()
Kino.nothing()
:ok =
WorkOS.UserManagement.send_magic_auth_code(client, Kino.Input.read(email))
Enrolls a user in a new Factor.
user_id = Kino.Input.text("User ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.UserManagement.MultiFactor.EnrollAuthFactor{challenge: challenge, factor: factor}} =
WorkOS.UserManagement.enroll_auth_factor(client, Kino.Input.read(user_id), %{
type: "totp",
})
Lists the Auth Factors for a user.
{:ok, %WorkOS.List{}} =
WorkOS.UserManagement.list_auth_factors(client)
Sends a verification email to the provided user. The verification email will contain a one-time code which can be used to complete the email verification process.
user_id = Kino.Input.text("User ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.UserManagement.EmailVerification.SendVerificationEmail{user: user}} =
WorkOS.UserManagement.send_verification_email(client, Kino.Input.read(user_id))
Verifies user email using one-time code that was sent to the user.
user_id = Kino.Input.text("User ID") |> Kino.render()
code = Kino.Input.text("Code") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.UserManagement.EmailVerification.VerifyEmail{user: user}} =
WorkOS.UserManagement.verify_email(client, Kino.Input.read(user_id), %{
code: Kino.Input.read(code),
})
Sends a password reset email to a user.
email = Kino.Input.text("Email") |> Kino.render()
password_reset_url = Kino.Input.text("Password Reset URL") |> Kino.render()
Kino.nothing()
:ok = WorkOS.UserManagement.send_password_reset_email(client, %{
email: Kino.Input.read(email),
password_reset_url: Kino.Input.read(password_reset_url),
})
Resets user password using token that was sent to the user.
email = Kino.Input.text("Email") |> Kino.render()
password_reset_url = Kino.Input.text("Password Reset URL") |> Kino.render()
Kino.nothing()
:ok = WorkOS.UserManagement.reset_password(client, %{
token: Kino.Input.read(token),
new_password: Kino.Input.read(new_password),
})
Get the details of an existing Organization Membership.
organization_membership_id = Kino.Input.text("Organization Membership ID") |> Kino.render()
Kino.nothing()
:ok = WorkOS.UserManagement.get_organization_membership(client, Kino.Input.read(organization_membership_id))
Get a list of all of your existing Organization Memberships matching the criteria specified.
{:ok, %WorkOS.List{}} =
WorkOS.UserManagement.list_organization_memberships(client)
Get a list of all of your existing Organization Memberships matching the criteria specified.
user_id = Kino.Input.text("User ID") |> Kino.render()
organization_id = Kino.Input.text("Organization ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.List{}} =
WorkOS.UserManagement.create_organization_membership(client, %{
user_id: Kino.Input.read(user_id),
organization_id: Kino.Input.read(organization_id),
})
Deletes an existing Organization Membership.
organization_membership_id = Kino.Input.text("Organization Membership ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.Empty{}} = WorkOS.UserManagement.delete_organization_membership(client, Kino.Input.read(organization_membership_id))
Get the details of an existing Invitation.
invitation_id = Kino.Input.text("Invitation ID") |> Kino.render()
Kino.nothing()
:ok = WorkOS.UserManagement.get_invitation(client, Kino.Input.read(invitation_id))
Get a list of all of your existing Invitations matching the criteria specified.
{:ok, %WorkOS.List{}} =
WorkOS.UserManagement.list_invitations(client)
Sends an Invitation to a recipient.
email = Kino.Input.text("Email") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.UserManagement.Invitation{id: id}} =
WorkOS.UserManagement.send_invitation(client, %{
email: Kino.Input.read(email),
})
Revokes an existing Invitation.
invitation_id = Kino.Input.text("Invitation ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.UserManagement.Invitation{id: id}} =
WorkOS.UserManagement.revoke_invitation(client, Kino.Input.read(invitation_id))
Get the details of an existing organization.
organization_domain_id = Kino.Input.text("Organization Domain ID") |> Kino.render()
Kino.nothing()
:ok = WorkOS.OrganizationDomains.get_organization_domain(client, Kino.Input.read(organization_domain_id))
Creates a new Organization Domain.
organization_id = Kino.Input.text("Organization ID") |> Kino.render()
domain = Kino.Input.text("Domain") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.List{}} =
WorkOS.OrganizationDomains.create_organization_domain(client, %{
organization_id: Kino.Input.read(organization_id),
domain: Kino.Input.read(domain),
})
Initiates verification process for an Organization Domain.
organization_domain_id = Kino.Input.text("Organization Domain ID") |> Kino.render()
Kino.nothing()
{:ok, %WorkOS.List{}} =
WorkOS.OrganizationDomains.verify_organization_domain(client, Kino.Input.read(organization_domain_id))