WorkOS PHP SDK

Actions
in package

Table of Contents

Constants

ACTION_TYPE_TO_RESPONSE_OBJECT  = ['authentication' => 'authentication_action_response', 'user_registration' => 'user_registration_action_response']
DEFAULT_TOLERANCE  = 30

Properties

$client  : HttpClient

Methods

__construct()  : mixed
constructAction()  : array<string|int, mixed>
Verify and deserialize an Actions request payload.
signResponse()  : array<string|int, mixed>
Build and sign an Actions response.
verifyHeader()  : void
Verify the signature of an Actions request.

Constants

ACTION_TYPE_TO_RESPONSE_OBJECT

private mixed ACTION_TYPE_TO_RESPONSE_OBJECT = ['authentication' => 'authentication_action_response', 'user_registration' => 'user_registration_action_response']

DEFAULT_TOLERANCE

private mixed DEFAULT_TOLERANCE = 30

Properties

Methods

__construct()

public __construct(HttpClient $client) : mixed
Parameters
$client : HttpClient

Reserved for future use (e.g. server-side action endpoints).

constructAction()

Verify and deserialize an Actions request payload.

public constructAction(string $payload, string $sigHeader, string $secret[, int $tolerance = self::DEFAULT_TOLERANCE ]) : array<string|int, mixed>
Parameters
$payload : string

The raw Actions request body.

$sigHeader : string

The signature header value.

$secret : string

The Actions secret.

$tolerance : int = self::DEFAULT_TOLERANCE

Seconds the event is valid for. Defaults to 30.

Tags
throws
InvalidArgumentException

If the signature cannot be verified.

Return values
array<string|int, mixed>

The deserialized action payload.

signResponse()

Build and sign an Actions response.

public signResponse(string $actionType, string $verdict, string $secret[, string|null $errorMessage = null ]) : array<string|int, mixed>
Parameters
$actionType : string

'authentication' or 'user_registration'.

$verdict : string

'Allow' or 'Deny'.

$secret : string

The Actions secret.

$errorMessage : string|null = null

Optional error message for Deny verdicts.

Return values
array<string|int, mixed>

The signed response payload.

verifyHeader()

Verify the signature of an Actions request.

public verifyHeader(string $payload, string $sigHeader, string $secret[, int $tolerance = self::DEFAULT_TOLERANCE ]) : void
Parameters
$payload : string

The raw Actions request body.

$sigHeader : string

The signature header value.

$secret : string

The Actions secret.

$tolerance : int = self::DEFAULT_TOLERANCE

Seconds the event is valid for. Defaults to 30.

Tags
throws
InvalidArgumentException

If the signature cannot be verified.


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results