// Code generated by oagen. DO NOT EDIT.package workosimport ()// SSOService handles SSO operations.typeSSOServicestruct { client *Client}// SSOListConnectionsParams contains the parameters for ListConnections.typeSSOListConnectionsParamsstruct {PaginationParams// ConnectionType is filter Connections by their type. ConnectionType *ConnectionsConnectionType`url:"connection_type,omitempty" json:"-"`// Domain is filter Connections by their associated domain. Domain *string`url:"domain,omitempty" json:"-"`// OrganizationID is filter Connections by their associated organization. OrganizationID *string`url:"organization_id,omitempty" json:"-"`// Search is searchable text to match against Connection names. Search *string`url:"search,omitempty" json:"-"`}// ListConnections// Get a list of all of your existing connections matching the criteria specified.func ( *SSOService) ( context.Context, *SSOListConnectionsParams, ...RequestOption) *Iterator[Connection] {returnnewIterator[Connection](, .client, "GET", "/connections", , "after", "data", , map[string]string{"limit": "10", "order": "desc"})}// GetConnection get a Connection// Get the details of an existing connection.func ( *SSOService) ( context.Context, string, ...RequestOption) (*Connection, error) {varConnection , := .client.request(, "GET", fmt.Sprintf("/connections/%s", url.PathEscape()), nil, nil, &, )if != nil {returnnil, }return &, nil}// DeleteConnection delete a Connection// Permanently deletes an existing connection. It cannot be undone.func ( *SSOService) ( context.Context, string, ...RequestOption) error { , := .client.request(, "DELETE", fmt.Sprintf("/connections/%s", url.PathEscape()), nil, nil, nil, )return}// SSOGetAuthorizationURLParams contains the parameters for GetAuthorizationURL.typeSSOGetAuthorizationURLParamsstruct {// ProviderScopes is additional scopes to request from the identity provider. Applicable when using OAuth or OpenID Connect connections. ProviderScopes []string`url:"provider_scopes,omitempty" json:"-"`// ProviderQueryParams is key/value pairs of query parameters to pass to the OAuth provider. Only applicable when using OAuth connections. ProviderQueryParams map[string]string`url:"provider_query_params,omitempty" json:"-"`// Domain is deprecated. Use `connection` or `organization` instead. Used to initiate SSO for a connection by domain. The domain must be associated with a connection in your WorkOS environment. // // Deprecated: this parameter is deprecated. Domain *string`url:"domain,omitempty" json:"-"`// Provider is used to initiate OAuth authentication with various providers. Provider *SSOProvider`url:"provider,omitempty" json:"-"`// RedirectURI is where to redirect the user after they complete the authentication process. You must use one of the redirect URIs configured via the [Redirects](https://dashboard.workos.com/redirects) page on the dashboard. RedirectURI string`url:"redirect_uri" json:"-"`// State is an optional parameter that can be used to encode arbitrary information to help restore application state between redirects. If included, the redirect URI received from WorkOS will contain the exact `state` that was passed. State *string`url:"state,omitempty" json:"-"`// Connection is used to initiate SSO for a connection. The value should be a WorkOS connection ID. // You can persist the WorkOS connection ID with application user or team identifiers. WorkOS will use the connection indicated by the connection parameter to direct the user to the corresponding IdP for authentication. Connection *string`url:"connection,omitempty" json:"-"`// Organization is used to initiate SSO for an organization. The value should be a WorkOS organization ID. // You can persist the WorkOS organization ID with application user or team identifiers. WorkOS will use the organization ID to determine the appropriate connection and the IdP to direct the user to for authentication. Organization *string`url:"organization,omitempty" json:"-"`// DomainHint is can be used to pre-fill the domain field when initiating authentication with Microsoft OAuth or with a Google SAML connection type. DomainHint *string`url:"domain_hint,omitempty" json:"-"`// LoginHint is can be used to pre-fill the username/email address field of the IdP sign-in page for the user, if you know their username ahead of time. Currently supported for OAuth, OpenID Connect, Okta, Entra ID, and custom SAML connections. LoginHint *string`url:"login_hint,omitempty" json:"-"`// Nonce is a random string generated by the client that is used to mitigate replay attacks. Nonce *string`url:"nonce,omitempty" json:"-"`}// GetAuthorizationURL initiate SSO// Initiates the single sign-on flow.func ( *SSOService) ( *SSOGetAuthorizationURLParams, ...RequestOption) string { := url.Values{} .Set("response_type", "code")if .client.clientID != "" { .Set("client_id", .client.clientID) }if .ProviderScopes != nil { .Set("provider_scopes", strings.Join(.ProviderScopes, ",")) }if .ProviderQueryParams != nil {for , := range .ProviderQueryParams { .Set(fmt.Sprintf("provider_query_params[%s]", ), fmt.Sprintf("%v", )) } }if .Domain != nil { .Set("domain", *.Domain) }if .Provider != nil { .Set("provider", fmt.Sprintf("%v", *.Provider)) } .Set("redirect_uri", .RedirectURI)if .State != nil { .Set("state", *.State) }if .Connection != nil { .Set("connection", *.Connection) }if .Organization != nil { .Set("organization", *.Organization) }if .DomainHint != nil { .Set("domain_hint", *.DomainHint) }if .LoginHint != nil { .Set("login_hint", *.LoginHint) }if .Nonce != nil { .Set("nonce", *.Nonce) }return .client.buildURL("/sso/authorize", , )}// SSOGetLogoutURLParams contains the parameters for GetLogoutURL.typeSSOGetLogoutURLParamsstruct {// Token is the logout token returned from the [Logout Authorize](https://workos.com/docs/reference/sso/logout/authorize) endpoint. Token string`url:"token" json:"-"`}// GetLogoutURL logout Redirect// Logout allows to sign out a user from your application by triggering the identity provider sign out flow. This `GET` endpoint should be a redirection, since the identity provider user will be identified in the browser session.// Before redirecting to this endpoint, you need to generate a short-lived logout token using the [Logout Authorize](https://workos.com/docs/reference/sso/logout/authorize) endpoint.func ( *SSOService) ( *SSOGetLogoutURLParams, ...RequestOption) string { := url.Values{} .Set("token", .Token)return .client.buildURL("/sso/logout", , )}// SSOAuthorizeLogoutParams contains the parameters for AuthorizeLogout.typeSSOAuthorizeLogoutParamsstruct {// ProfileID is the unique ID of the profile to log out. ProfileID string`json:"profile_id" url:"-"`}// AuthorizeLogout logout Authorize// You should call this endpoint from your server to generate a logout token which is required for the [Logout Redirect](https://workos.com/docs/reference/sso/logout) endpoint.func ( *SSOService) ( context.Context, *SSOAuthorizeLogoutParams, ...RequestOption) (*SSOLogoutAuthorizeResponse, error) {varSSOLogoutAuthorizeResponse , := .client.request(, "POST", "/sso/logout/authorize", nil, , &, )if != nil {returnnil, }return &, nil}// GetProfile get a User Profile// Exchange an access token for a user's [Profile](https://workos.com/docs/reference/sso/profile). Because this profile is returned in the [Get a Profile and Token endpoint](https://workos.com/docs/reference/sso/profile/get-profile-and-token) your application usually does not need to call this endpoint. It is available for any authentication flows that require an additional endpoint to retrieve a user's profile.func ( *SSOService) ( context.Context, ...RequestOption) (*Profile, error) {varProfile , := .client.request(, "GET", "/sso/profile", nil, nil, &, )if != nil {returnnil, }return &, nil}// SSOGetProfileAndTokenParams contains the parameters for GetProfileAndToken.typeSSOGetProfileAndTokenParamsstruct {// Code is the authorization code received from the authorization callback. Code string`json:"code" url:"-"`}// getProfileAndTokenBody is the JSON request body for GetProfileAndToken.typegetProfileAndTokenBodystruct { GrantType string`json:"grant_type"` Code string`json:"code"` ClientID string`json:"client_id,omitempty"` ClientSecret string`json:"client_secret,omitempty"`}// GetProfileAndToken get a Profile and Token// Get an access token along with the user [Profile](https://workos.com/docs/reference/sso/profile) using the code passed to your [Redirect URI](https://workos.com/docs/reference/sso/get-authorization-url/redirect-uri).func ( *SSOService) ( context.Context, *SSOGetProfileAndTokenParams, ...RequestOption) (*SSOTokenResponse, error) { := getProfileAndTokenBody{GrantType: "authorization_code",Code: .Code, } .ClientID = .client.clientID .ClientSecret = .client.apiKeyvarSSOTokenResponse , := .client.request(, "POST", "/sso/token", , , &, )if != nil {returnnil, }return &, nil}
The pages are generated with Goldsv0.8.2. (GOOS=linux GOARCH=amd64)
Golds is a Go 101 project developed by Tapir Liu.
PR and bug reports are welcome and can be submitted to the issue list.
Please follow @zigo_101 (reachable from the left QR code) to get the latest news of Golds.