-beta.* suffix, for example,
3.2.0-beta.1. For more information on how to use beta
versions, refer to the README in the GitHub repository.
Features
UserRoleAssignmentSourcesource to UserRoleAssignmentUserRoleAssignmentSourceTypeUserManagementAuthentication.authorize.max_ageGET /user_management/cors_originsGET /user_management/redirect_urisFixes
Features
DataIntegrationCredentialsResponseDataIntegrationCredentialsResponseCredentialDataIntegrationsUpsertApiKeyRequestDataIntegrationsVendCredentialsRequestDataIntegrationCredentialsResponseErrorPUT /data-integrations/{slug}/api-keyPOST /data-integrations/{slug}/credentials⚠️ Breaking
SessionReauthenticatedSessionReauthenticatedDataSessionReauthenticatedDataImpersonatorSessionReauthenticatedDataAuthMethodSessionReauthenticatedDataStatusFeatures
agent.registration.created to CreateWebhookEndpointEventsagent.registration.claim.attempt.created to CreateWebhookEndpointEventsagent.registration.claim.completed to CreateWebhookEndpointEventsagent.registration.credential.issued to CreateWebhookEndpointEventsagent.registration.organization.switched to CreateWebhookEndpointEventsauthentication.reauthentication_succeeded to CreateWebhookEndpointEventsagent.registration.created to UpdateWebhookEndpointEventsagent.registration.claim.attempt.created to UpdateWebhookEndpointEventsagent.registration.claim.completed to UpdateWebhookEndpointEventsagent.registration.credential.issued to UpdateWebhookEndpointEventsagent.registration.organization.switched to UpdateWebhookEndpointEventsauthentication.reauthentication_succeeded to UpdateWebhookEndpointEventssession.reauthenticated to CreateWebhookEndpointEventssession.reauthenticated to UpdateWebhookEndpointEventspipes.connected_account.connection_failed to CreateWebhookEndpointEventspipes.connected_account.connection_failed to UpdateWebhookEndpointEventsUserRoleAssignmentSourcesource to UserRoleAssignmentUserRoleAssignmentSourceTypeUserManagementAuthentication.authorize.max_ageGET /user_management/cors_originsGET /user_management/redirect_urisAuditLogExportCreation.range_startAuditLogExportCreation.range_endexpired to AuditLogExportStateFixes
intent_options from GenerateLinksession.reauthenticated from CreateWebhookEndpointEventssession.reauthenticated from UpdateWebhookEndpointEventsFeatures
DataIntegrationCredentialsDtoCustomProviderDefinitionCreateDataIntegrationUpdateCustomProviderDefinitionUpdateDataIntegrationDataIntegrationDataIntegrationListDataIntegrationListListMetadataDataIntegrationCredentialDataIntegrationCustomProviderDataIntegrationCredentialsTypeCustomProviderDefinitionAuthenticateViaUpdateCustomProviderDefinitionAuthenticateViaDataIntegrationStateDataIntegrationCredentialTypeDataIntegrationCustomProviderAuthenticateViaGET /data-integrationsPOST /data-integrationsGET /data-integrations/{slug}PUT /data-integrations/{slug}DELETE /data-integrations/{slug}POST /user_management/users/{user_id}/connected_accounts/{slug}PUT /user_management/users/{user_id}/connected_accounts/{slug}Features
SendRadarSmsChallengeSendRadarSmsChallengeResponseUrnWorkosOAuthGrantTypeRadarEmailChallengeCodeSessionAuthenticateRequestUrnWorkosOAuthGrantTypeRadarSmsChallengeCodeSessionAuthenticateRequestMagicAuthSendMagicAuthCodeAndReturnResponseUserCreateResponseip_address to CreateMagicCodeAndReturnuser_agent to CreateMagicCodeAndReturnradar_auth_attempt_id to CreateMagicCodeAndReturnsignals_id to CreateMagicCodeAndReturnip_address to CreateUseruser_agent to CreateUsersignals_id to CreateUsersignals_id to AuthorizationCodeSessionAuthenticateRequestsignals_id to PasswordSessionAuthenticateRequestradar_auth_attempt_id to PasswordSessionAuthenticateRequestradar_auth_attempt_id to UrnWorkosOAuthGrantTypeMagicAuthCodeSessionAuthenticateRequestPOST /user_management/radar_challengessignals_id to RadarStandaloneAssessRequestFixes
UserManagementAuthentication.authenticateUserManagementUsers.create from User to UserCreateResponseUserManagementMagicAuth.sendMagicAuthCodeAndReturn from MagicAuth to MagicAuthSendMagicAuthCodeAndReturnResponseFixes
roles to organization membership modelsFull Changelog: v5.9.0...v5.9.1
⚠️ Breaking
UserManagementOrganizationMembership.listUserManagementInvitations.listFeatures
ReplaceGroupRoleAssignmentEntryReplaceGroupRoleAssignmentsDeleteGroupRoleAssignmentsByCriteriaPOST /authorization/groups/{group_id}/role_assignmentsPUT /authorization/groups/{group_id}/role_assignmentsDELETE /authorization/groups/{group_id}/role_assignmentsGET /authorization/groups/{group_id}/role_assignments/{role_assignment_id}DELETE /authorization/groups/{group_id}/role_assignments/{role_assignment_id}ClientApiTokenClientApiTokenResponseClientauth_method to ConnectedAccountapi_key_last_4 to ConnectedAccountConnectedAccountAuthMethodCreateGroupRoleAssignmentGroupRoleAssignmentGroupRoleAssignmentListGroupRoleAssignmentResourceUserOrganizationMembershipListUserOrganizationMembershipListListMetadataDataIntegrationCredentialsDataIntegrationConfigurationResponseDataIntegrationConfigurationListResponseConfigureDataIntegrationBodyauth_methods to DataIntegrationsListResponseDataauth_method to DataIntegrationsListResponseDataConnectedAccountapi_key_last_4 to DataIntegrationsListResponseDataConnectedAccountDataIntegrationCredentialsCredentialsTypeDataIntegrationsListResponseDataAuthMethodsDataIntegrationsListResponseDataConnectedAccountAuthMethodPipesProviderUserInviteListUserInviteListListMetadataAuthorizationCodeSessionAuthenticateRequest.client_secret optionalRefreshTokenSessionAuthenticateRequest.client_secret optionalwidgets:pipes:manage to WidgetSessionTokenScopes⚠️ Breaking
expires_at required in API key modelsDsyncDeactivatedDsyncDeactivatedDataDsyncDeactivatedDataDomainDsyncDeactivatedDataTypeDsyncDeactivatedDataStatedomain_sign_up_rate_limit from RadarStandaloneResponseControlreturn_to from RevokeSessionFeatures
ExpireApiKeyApiKeyUpdatedApiKeyUpdatedDataApiKeyUpdatedDataOwnerUserApiKeyUpdatedDataOwnerApiKeyUpdatedDataPreviousAttributePOST /api_keys/{id}/expireSnowflake to AuditLogConfigurationLogStreamTypename to UserObjectDsyncTokenCreatedDsyncTokenCreatedDataDsyncTokenRevokedDsyncTokenRevokedDataname to user management modelsapi_key.updated to CreateWebhookEndpointEventsapi_key.updated to UpdateWebhookEndpointEvents⚠️ Breaking
list_organization_memberships, create_organization_membership, get_organization_membership, update_organization_membership, delete_organization_membership, deactivate_organization_membership, and reactivate_organization_membership methods from UserManagement.RoleSingle and RoleMultiple dataclasses from UserManagement.OrganizationMembershipService.client.user_management_organization_membership_groups to client.organization_membership.OrganizationMembershipService with list_organization_memberships, create_organization_membership, get_organization_membership, update_organization_membership, delete_organization_membership, deactivate_organization_membership, reactivate_organization_membership, and list_organization_membership_groups methods.RoleSingle and RoleMultiple dataclasses to support role assignment.AsyncOrganizationMembershipService for async operations.workos.vault module (vault.py) has been replaced by a generated vault/_resource.py service. Method renames:read_object → get_kvread_object_by_name → get_nameget_object_metadata → removed (no direct equivalent)list_objects → list_kvlist_object_versions → list_kv_versionscreate_object → create_kvupdate_object → update_kvdelete_object → delete_kvcreate_data_key(key_context=...) → create_data_key(context=...)decrypt_data_key → create_decryptDataKey, DataKeyPair, ObjectDigest, ObjectUpdateBy. Replaced by new generated models (CreateDataKeyResponse, DecryptResponse, ObjectMetadata, ObjectSummary, ObjectWithoutValue, VaultObject, etc.).create_rekey, list_kv_metadata.AsyncVault for async operations.encrypt/decrypt (AES-GCM) methods are preserved with the same signatures.ConnectApplication is now a discriminated unionConnectApplication was a single dataclass; it is now a discriminated union dispatcher based on application_type.list_applications, create_application, get_application, update_application) now return ConnectApplicationVariant (a union of ConnectApplicationM2M, ConnectApplicationOAuth, or ConnectApplicationUnknown).isinstance(x, ConnectApplication) or accessing type-specific fields without checking the variant will need updating.device_fingerprint and bot_score optional parameters from Radar.create_attempt and AsyncRadar.create_attempt methods.RadarStandaloneAssessRequest model.RadarAction to RadarListAction and RadarType to RadarListType (affects add_list_entry and remove_list_entry method signatures).RadarStandaloneResponseBlocklistType is now a lazy re-export alias of RadarListType.credential_stuffing and ip_sign_up_rate_limit values from RadarStandaloneResponseControl enum.login, signup, sign_up, and sign_in values from RadarStandaloneAssessRequestAction enum; only sign-up and sign-in remain.search parameter from Authorization.list_resources and AsyncAuthorization.list_resources.resource_id, resource_external_id, resource_type_slug parameters to list_role_assignments method.role_slug parameter to list_role_assignments_for_resource_by_external_id and list_role_assignments_for_resource methods.expires_at optional field to CreateOrganizationApiKey model.expires_at optional field to CreateUserApiKey model.expires_at to organizational and user API key models (OrganizationApiKey, OrganizationApiKeyWithValue, UserApiKey, UserApiKeyWithValue).expires_at parameter to create_organization_api_key and create_user_api_key methods.AuditLogActionJson to AuditLogAction.AuditLogExportJson to AuditLogExport.AuditLogSchemaJson to AuditLogSchema.AuditLogSchemaJsonActor to AuditLogSchemaActorInput and AuditLogSchemaJsonTarget to AuditLogSchemaTargetInput.AuditLogSchemaInput model (used for schema creation payloads).AuditLogsRetentionJson to AuditLogsRetention.WebhookEndpointJson model to WebhookEndpoint.Features
Actor model representing the user or API key that performed an action.Error model for error response bodies.PipeConnectedAccount model with state enumeration.PipesConnectedAccountConnected, PipesConnectedAccountDisconnected, PipesConnectedAccountReauthorizationNeeded.AuditLogExportJsonState to AuditLogExportState.WebhookEndpointJsonStatus to WebhookEndpointStatus.UserManagementAuthenticationScreenHint to use RadarStandaloneAssessRequestAction type alias.get_jwks_url helper to UserManagement (https://github.com/workos/workos-python/issues/644" rel="noreferrer" target="_blank">#644) (https://github.com/workos/workos-python/commit/53134d32f168dd0da606672125e8cdd221832761" rel="noreferrer" target="_blank">53134d3)--- This PR was generated with Release Please. See documentation.
EventSchema discriminated union dispatcher (https://github.com/workos/workos-python/issues/629" rel="noreferrer" target="_blank">#629) (https://github.com/workos/workos-python/commit/af95901ed8e607622795a19b15c4a7bf88eca4f7" rel="noreferrer" target="_blank">af95901)workos.client.portal has been renamed to client.admin_portal, and client.fga is not available in v6.See the [V6 migration guide](docs/V6_MIGRATION_GUIDE.md) before upgrading from v5.
Full Changelog: v5.42.0...v5.42.1
Full Changelog: v5.41.0...v5.42.0
Full Changelog: v5.40.1...v5.41.0
accepted_user_id to invitation by @gjtorikian in #525Full Changelog: v5.40.0...v5.40.1
Full Changelog: v5.39.1...v5.40.0
Full Changelog: v5.39.0...5.39.1