Skip to content

feat(generated): Add user management operations and models (+1 more)#414

Merged
workos-sdk-automation[bot] merged 4 commits into
mainfrom
oagen/batch-a7de29ef
Jul 2, 2026
Merged

feat(generated): Add user management operations and models (+1 more)#414
workos-sdk-automation[bot] merged 4 commits into
mainfrom
oagen/batch-a7de29ef

Conversation

@workos-sdk-automation

@workos-sdk-automation workos-sdk-automation Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Summary

feat(user_management): Add user management operations and models

  • Added model SendRadarSmsChallenge.
  • Added model SendRadarSmsChallengeResponse.
  • Added model UrnWorkosOAuthGrantTypeRadarEmailChallengeCodeSessionAuthenticateRequest.
  • Added model UrnWorkosOAuthGrantTypeRadarSmsChallengeCodeSessionAuthenticateRequest.
  • Added model MagicAuthSendMagicAuthCodeAndReturnResponse.
  • Added model UserCreateResponse.
  • Added ip_address to CreateMagicCodeAndReturn.
  • Added user_agent to CreateMagicCodeAndReturn.
  • Added radar_auth_attempt_id to CreateMagicCodeAndReturn.
  • Added signals_id to CreateMagicCodeAndReturn.
  • Added ip_address to CreateUser.
  • Added user_agent to CreateUser.
  • Added signals_id to CreateUser.
  • Added signals_id to AuthorizationCodeSessionAuthenticateRequest.
  • Added signals_id to PasswordSessionAuthenticateRequest.
  • Added radar_auth_attempt_id to PasswordSessionAuthenticateRequest.
  • Added radar_auth_attempt_id to UrnWorkosOAuthGrantTypeMagicAuthCodeSessionAuthenticateRequest.
  • Added endpoint POST /user_management/radar_challenges.

fix(user_management): Update user management API surface

  • Changed request body for UserManagementAuthentication.authenticate.
  • Changed response of UserManagementUsers.create from User to UserCreateResponse.
  • Changed response of UserManagementMagicAuth.sendMagicAuthCodeAndReturn from MagicAuth to MagicAuthSendMagicAuthCodeAndReturnResponse.

Triggered by workos/openapi-spec@71b13e0

BEGIN_COMMIT_OVERRIDE
feat(user_management): Add user management operations and models (#414)
fix(user_management): Update user management API surface (#414)
END_COMMIT_OVERRIDE

@workos-sdk-automation workos-sdk-automation Bot requested review from a team as code owners July 2, 2026 17:30
@workos-sdk-automation workos-sdk-automation Bot requested a review from dandorman July 2, 2026 17:30
@workos-sdk-automation workos-sdk-automation Bot added the autogenerated Autogenerated code or content label Jul 2, 2026
@workos-sdk-automation workos-sdk-automation Bot merged commit d619668 into main Jul 2, 2026
8 checks passed
@workos-sdk-automation workos-sdk-automation Bot deleted the oagen/batch-a7de29ef branch July 2, 2026 17:34
@greptile-apps

greptile-apps Bot commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

This PR regenerates the PHP SDK for new User Management and Radar API fields. The main changes are:

  • Adds Radar SMS challenge request and response models.
  • Adds Radar challenge authentication request models.
  • Adds Radar signals fields to authentication, user creation, magic-auth, and standalone Radar resources.
  • Updates createUser() and createMagicAuth() response types to return Radar attempt IDs.
  • Adds service and fixture coverage for the new Radar challenge endpoint.

Confidence Score: 3/5

The generated models and fixtures are mostly consistent, but the public service wrapper misses newly added Radar correlation fields on authentication paths.

The issues are concentrated in one service file and have clear API-surface fixes, while broader generated resource changes appear mechanically consistent.

lib/Service/UserManagement.php

T-Rex T-Rex Logs

What T-Rex did

  • I created a PHP repro harness to call UserManagement::authenticateWithPassword() through the SDK's real Guzzle mock transport and print the serialized PasswordSessionAuthenticateRequest.
  • I attempted to run the PHP repro harness, but the environment has no PHP binary, so the runtime could not execute.
  • I created a focused PHPUnit repro that uses the real UserManagement service and mock HTTP helper to compare MagicAuthCodeSessionAuthenticateRequest serialization with the captured authenticateWithMagicAuth request body.
  • I attempted to run vendor/bin/phpunit, but the repository has no installed vendor dependencies in this environment.
  • I attempted composer install to obtain PHPUnit and dependencies, but composer is not installed.
  • I performed an environment check and found that PHP is not installed, blocking execution of the PHP SDK repro.
  • I created a focused PHP repro harness that would instantiate the real WorkOS client with Guzzle mock transport and serialize AuthorizationCodeSessionAuthenticateRequest with signalsId.
  • I attempted to run the repro with php from /home/user/repo, but the environment had no php executable.
  • I checked the local environment and found no php, no composer, and no vendor/bin/phpunit available.
  • I ran a quick runtime-availability check for alternate container tools to see if a different container could run the repro.
  • Before artifact shows the base command, cwd, commit, caption, and '/bin/sh: php: not found' with exit code 127.
  • After artifact shows the head command, cwd, commit, caption, and '/bin/sh: php: not found' with exit code 127.
  • No contract finding is filed because the endpoint code path could not be executed.
  • After changes, the repro observed 200 OK mocked requests for POST user_management/users and POST user_management/magic_auth with the new fields serialized.
  • The response classes UserCreateResponse and MagicAuthSendMagicAuthCodeAndReturnResponse were parsed and radarAuthAttemptId appeared as expected.
  • Before behavior lacked the new Radar models, and after the head change there were successful round-trips for CreateUser, CreateMagicCodeAndReturn, AuthorizationCodeSessionAuthenticateRequest, and SendRadarSmsChallenge with the new fields present in toArray().
  • Class_exists shows yes for the new Radar challenge and response models, though the harness fixtures triggered exceptions that were not treated as product bugs.
  • The base rejected the new named argument signalsId initially; after changes it accepted signalsId, returned 200 OK, posted POST radar/attempts with signals_id, and round-tripped the Radar flow.
  • The Radar signals flow round-trips included posting radar/attempts with signals_id and parsing RadarStandaloneResponse.

View all artifacts

T-Rex Ran code and verified through T-Rex

Comments Outside Diff (3)

  1. lib/Service/UserManagement.php, line 72-89 (link)

    P1 Missing Radar parameters
    PasswordSessionAuthenticateRequest now serializes both signals_id and radar_auth_attempt_id, but authenticateWithPassword() still has no parameters for either field and never adds them to $body. Callers using the service API cannot associate password authentication with Radar signals or attempts even though the generated request model and fixtures expose those API fields.

    Prompt To Fix With AI
    This is a comment left during a code review.
    Path: lib/Service/UserManagement.php
    Line: 72-89
    
    Comment:
    **Missing Radar parameters**
    `PasswordSessionAuthenticateRequest` now serializes both `signals_id` and `radar_auth_attempt_id`, but `authenticateWithPassword()` still has no parameters for either field and never adds them to `$body`. Callers using the service API cannot associate password authentication with Radar signals or attempts even though the generated request model and fixtures expose those API fields.
    
    How can I resolve this? If you propose a fix, please make it concise.
  2. lib/Service/UserManagement.php, line 189-206 (link)

    P1 Missing Radar attempt
    MagicAuthCodeSessionAuthenticateRequest now includes radar_auth_attempt_id, but authenticateWithMagicAuth() still cannot accept or send it. This breaks the flow from createMagicAuth(), which returns a Radar attempt ID intended to be passed to authentication, because the service wrapper drops that field entirely.

    Prompt To Fix With AI
    This is a comment left during a code review.
    Path: lib/Service/UserManagement.php
    Line: 189-206
    
    Comment:
    **Missing Radar attempt**
    `MagicAuthCodeSessionAuthenticateRequest` now includes `radar_auth_attempt_id`, but `authenticateWithMagicAuth()` still cannot accept or send it. This breaks the flow from `createMagicAuth()`, which returns a Radar attempt ID intended to be passed to authentication, because the service wrapper drops that field entirely.
    
    How can I resolve this? If you propose a fix, please make it concise.
  3. lib/Service/UserManagement.php, line 112-129 (link)

    P1 Missing signals field
    AuthorizationCodeSessionAuthenticateRequest now supports signals_id, but authenticateWithCode() has no signalsId argument and omits signals_id from the request body. Consumers using this service method cannot send the newly generated Radar signals correlation field for authorization-code authentication.

    Prompt To Fix With AI
    This is a comment left during a code review.
    Path: lib/Service/UserManagement.php
    Line: 112-129
    
    Comment:
    **Missing signals field**
    `AuthorizationCodeSessionAuthenticateRequest` now supports `signals_id`, but `authenticateWithCode()` has no `signalsId` argument and omits `signals_id` from the request body. Consumers using this service method cannot send the newly generated Radar signals correlation field for authorization-code authentication.
    
    How can I resolve this? If you propose a fix, please make it concise.
Prompt To Fix All With AI
Fix the following 3 code review issues. Work through them one at a time, proposing concise fixes.

---

### Issue 1 of 3
lib/Service/UserManagement.php:72-89
**Missing Radar parameters**
`PasswordSessionAuthenticateRequest` now serializes both `signals_id` and `radar_auth_attempt_id`, but `authenticateWithPassword()` still has no parameters for either field and never adds them to `$body`. Callers using the service API cannot associate password authentication with Radar signals or attempts even though the generated request model and fixtures expose those API fields.

### Issue 2 of 3
lib/Service/UserManagement.php:189-206
**Missing Radar attempt**
`MagicAuthCodeSessionAuthenticateRequest` now includes `radar_auth_attempt_id`, but `authenticateWithMagicAuth()` still cannot accept or send it. This breaks the flow from `createMagicAuth()`, which returns a Radar attempt ID intended to be passed to authentication, because the service wrapper drops that field entirely.

### Issue 3 of 3
lib/Service/UserManagement.php:112-129
**Missing signals field**
`AuthorizationCodeSessionAuthenticateRequest` now supports `signals_id`, but `authenticateWithCode()` has no `signalsId` argument and omits `signals_id` from the request body. Consumers using this service method cannot send the newly generated Radar signals correlation field for authorization-code authentication.

Reviews (1): Last reviewed commit: "chore(generated): add release notes frag..." | Re-trigger Greptile

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

autogenerated Autogenerated code or content

Development

Successfully merging this pull request may close these issues.

0 participants