Authorization Resources (external ID) endpoints and listResources endpoint #1472
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
swaroopAkkineniWorkos
changed the title
Contributor
Author
|
@greptile can you plz do a first pass review |
Contributor
Author
|
@greptile plz re-review this pr |
Contributor
Author
|
@greptile plz re-review this pr |
Contributor
Greptile OverviewGreptile SummaryThis PR implements four new authorization resource endpoints that enable operations using external IDs instead of internal resource IDs:
The implementation follows established patterns in the codebase with consistent serialization, proper TypeScript typing, and comprehensive test coverage. All new methods properly handle nullable fields ( Confidence Score: 5/5
Important Files Changed
Sequence DiagramsequenceDiagram
participant Client
participant SDK as WorkOS SDK
participant Serializer
participant API as WorkOS API
Note over Client,API: List Resources Flow
Client->>SDK: listResources(options)
SDK->>Serializer: serializeListAuthorizationResourcesOptions()
Serializer->>Serializer: Convert arrays to comma-separated strings
Serializer->>Serializer: Convert camelCase to snake_case
Serializer-->>SDK: serialized params
SDK->>API: GET /authorization/resources?params
API-->>SDK: AuthorizationResourceListResponse
SDK->>SDK: deserializeAuthorizationResource() for each item
SDK-->>Client: AuthorizationResourceList
Note over Client,API: Get/Update/Delete by External ID Flow
Client->>SDK: getResourceByExternalId({org, type, externalId})
SDK->>API: GET /authorization/organizations/{org}/resources/{type}/{externalId}
API-->>SDK: AuthorizationResourceResponse
SDK->>SDK: deserializeAuthorizationResource()
SDK-->>Client: AuthorizationResource
Client->>SDK: updateResourceByExternalId(options)
SDK->>Serializer: serializeUpdateResourceByExternalIdOptions()
Serializer->>Serializer: Filter undefined fields
Serializer-->>SDK: serialized body
SDK->>API: PATCH /authorization/organizations/{org}/resources/{type}/{externalId}
API-->>SDK: AuthorizationResourceResponse
SDK->>SDK: deserializeAuthorizationResource()
SDK-->>Client: AuthorizationResource
Client->>SDK: deleteResourceByExternalId({org, type, externalId})
SDK->>API: DELETE /authorization/organizations/{org}/resources/{type}/{externalId}
API-->>SDK: 204 No Content
SDK-->>Client: void
|
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
src/authorization/serializers/list-authorization-resources-options.serializer.ts
Outdated
Show resolved
Hide resolved
swaroopAkkineniWorkos
requested review from
atainter,
csrbarber,
mattgd and
nicknisi
and removed request for
a team
csrbarber
reviewed
Feb 11, 2026
src/authorization/authorization.ts
Outdated
| await this.workos.delete(`/authorization/resources/${resourceId}`); | ||
| } | ||
|
|
||
| // part 2 |
Contributor
There was a problem hiding this comment.
Suggested change
| // part 2 |
csrbarber
approved these changes
Feb 11, 2026
nicknisi
reviewed
Feb 11, 2026
| ): Promise<AuthorizationResource> { | ||
| const { organizationId, resourceTypeSlug, externalId } = options; | ||
| const { data } = await this.workos.get<AuthorizationResourceResponse>( | ||
| `/authorization/organizations/${organizationId}/resources/${resourceTypeSlug}/${externalId}`, |
Member
There was a problem hiding this comment.
suggestion: could externalId contain URL-significant characters? Not sure if this is gated elsewhere but could be good to wrap with encodeURIComponent.
nicknisi
approved these changes
Feb 11, 2026
Base automatically changed from
ENT-4372-Internal-ID
to
ENT-4372-base-authorization-branch
February 11, 2026 19:12
atainter
reviewed
Feb 11, 2026
| } | ||
|
|
||
| export interface SerializedListAuthorizationResourcesOptions { | ||
| organization_ids?: string; |
Contributor
There was a problem hiding this comment.
I have a ticket to change this and slugs to singular organization_id, resource_type_slug
Contributor
There was a problem hiding this comment.
Contributor
Author
There was a problem hiding this comment.
I'll update with a change once it is merged
| @@ -31,8 +31,6 @@ export interface CreateAuthorizationResourceOptions { | |||
| resourceTypeSlug: string; | |||
| organizationId: string; | |||
| parentResourceId?: string | null; | |||
Contributor
There was a problem hiding this comment.
Same comment about type_slug + external_id
swaroopAkkineniWorkos
merged commit 4be4df5
into
ENT-4372-base-authorization-branch
8 checks passed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
linear: https://linear.app/workos/issue/ENT-4372/sdk-updates
I decided to break up the work for ENT-4372 into a smaller pr's that we can be easily reviewed and merge them into ENT-4372-base-authorization-branch. Then we can have one final merge that merges ENT-4372-base-authorization-branch into the main.
desc: the goal of this pr is to implement the following endpoints in the node sdk.
Each one will call the corresponding new fga endpoints within workos repo
listResources() ~ https://github.com/workos/workos/blob/51f5a445c3a247f5f093bfaae8e385629df56d36/packages/api/src/authorization-resources/authorization-resources.controller.ts#L83
getResourceByExternalId() ~ https://github.com/workos/workos/blob/51f5a445c3a247f5f093bfaae8e385629df56d36/packages/api/src/authorization-resources/authorization-resources-by-external-id.controller.ts#L90
updateResourceByExternalId() ~ https://github.com/workos/workos/blob/51f5a445c3a247f5f093bfaae8e385629df56d36/packages/api/src/authorization-resources/authorization-resources-by-external-id.controller.ts#L183
deleteResourceByExternalId() ~ https://github.com/workos/workos/blob/51f5a445c3a247f5f093bfaae8e385629df56d36/packages/api/src/authorization-resources/authorization-resources-by-external-id.controller.ts#L221