UserManagement
in package
Table of Contents
Properties
Methods
- __construct() : mixed
- acceptInvitation() : Invitation
- Accept an invitation
- authenticateWithCode() : AuthenticateResponse
- authenticateWithDeviceCode() : AuthenticateResponse
- authenticateWithEmailVerification() : AuthenticateResponse
- authenticateWithMagicAuth() : AuthenticateResponse
- authenticateWithOrganizationSelection() : AuthenticateResponse
- authenticateWithPassword() : AuthenticateResponse
- authenticateWithRefreshToken() : AuthenticateResponse
- authenticateWithTotp() : AuthenticateResponse
- confirmEmailChange() : EmailChangeConfirmation
- Confirm email change
- confirmPasswordReset() : ResetPasswordResponse
- Reset the password
- createCorsOrigin() : CORSOriginResponse
- Create a CORS origin
- createDevice() : DeviceAuthorizationResponse
- Get device authorization URL
- createMagicAuth() : MagicAuth
- Create a Magic Auth code
- createRedirectUri() : RedirectUri
- Create a redirect URI
- createUser() : User
- Create a user
- createUserApiKey() : UserApiKeyWithValue
- Create an API key for a user
- deleteUser() : void
- Delete a user
- deleteUserAuthorizedApplication() : void
- Delete an authorized application
- findInvitationByToken() : UserInvite
- Find an invitation by token
- getAuthorizationUrl() : string
- Get an authorization URL
- getEmailVerification() : EmailVerification
- Get an email verification code
- getInvitation() : UserInvite
- Get an invitation
- getJwks() : JwksResponse
- Get JWKS
- getLogoutUrl() : string
- Logout
- getMagicAuth() : MagicAuth
- Get Magic Auth code details
- getPasswordReset() : PasswordReset
- Get a password reset token
- getUser() : User
- Get a user
- getUserByExternalId() : User
- Get a user by external ID
- getUserIdentities() : array<string|int, mixed>
- Get user identities
- listInvitations() : PaginatedResponse<string|int, UserInvite>
- List invitations
- listJWTTemplate() : JWTTemplateResponse
- Get JWT template
- listSessions() : PaginatedResponse<string|int, UserSessionsListItem>
- List sessions
- listUserApiKeys() : PaginatedResponse<string|int, UserApiKey>
- List API keys for a user
- listUserAuthorizedApplications() : PaginatedResponse<string|int, AuthorizedConnectApplicationListData>
- List authorized applications
- listUsers() : PaginatedResponse<string|int, User>
- List users
- resendInvitation() : UserInvite
- Resend an invitation
- resetPassword() : PasswordReset
- Create a password reset token
- revokeInvitation() : Invitation
- Revoke an invitation
- revokeSession() : mixed
- Revoke Session
- sendEmailChange() : EmailChange
- Send email change code
- sendInvitation() : UserInvite
- Send an invitation
- sendVerificationEmail() : SendVerificationEmailResponse
- Send verification email
- updateJWTTemplate() : JWTTemplateResponse
- Update JWT template
- updateUser() : User
- Update a user
- verifyEmail() : VerifyEmailResponse
- Verify email
Properties
$client read-only
private
HttpClient
$client
Methods
__construct()
public
__construct(HttpClient $client) : mixed
Parameters
- $client : HttpClient
acceptInvitation()
Accept an invitation
public
acceptInvitation(string $id[, RequestOptions|null $options = null ]) : Invitation
Accepts an invitation and, if linked to an organization, activates the user's membership in that organization.
Parameters
- $id : string
-
The unique ID of the invitation.
- $options : RequestOptions|null = null
Tags
Return values
InvitationauthenticateWithCode()
public
authenticateWithCode(string $code[, string|null $codeVerifier = null ][, string|null $invitationToken = null ][, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $code : string
- $codeVerifier : string|null = null
- $invitationToken : string|null = null
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseauthenticateWithDeviceCode()
public
authenticateWithDeviceCode(string $deviceCode[, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $deviceCode : string
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseauthenticateWithEmailVerification()
public
authenticateWithEmailVerification(string $code, string $pendingAuthenticationToken[, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $code : string
- $pendingAuthenticationToken : string
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseauthenticateWithMagicAuth()
public
authenticateWithMagicAuth(string $code, string $email[, string|null $invitationToken = null ][, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $code : string
- $email : string
- $invitationToken : string|null = null
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseauthenticateWithOrganizationSelection()
public
authenticateWithOrganizationSelection(string $pendingAuthenticationToken, string $organizationId[, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $pendingAuthenticationToken : string
- $organizationId : string
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseauthenticateWithPassword()
public
authenticateWithPassword(string $email, string $password[, string|null $invitationToken = null ][, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $email : string
- $password : string
- $invitationToken : string|null = null
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseauthenticateWithRefreshToken()
public
authenticateWithRefreshToken(string $refreshToken[, string|null $organizationId = null ][, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $refreshToken : string
- $organizationId : string|null = null
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseauthenticateWithTotp()
public
authenticateWithTotp(string $code, string $pendingAuthenticationToken, string $authenticationChallengeId[, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $code : string
- $pendingAuthenticationToken : string
- $authenticationChallengeId : string
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseconfirmEmailChange()
Confirm email change
public
confirmEmailChange(string $id, string $code[, RequestOptions|null $options = null ]) : EmailChangeConfirmation
Confirms an email change using the one-time code received by the user.
Parameters
- $id : string
-
The unique ID of the user.
- $code : string
-
The one-time code used to confirm the email change.
- $options : RequestOptions|null = null
Tags
Return values
EmailChangeConfirmationconfirmPasswordReset()
Reset the password
public
confirmPasswordReset(string $token, string $newPassword[, RequestOptions|null $options = null ]) : ResetPasswordResponse
Sets a new password using the token query parameter from the link that the user received. Successfully resetting the password will verify a user's email, if it hasn't been verified yet.
Parameters
- $token : string
-
The password reset token.
- $newPassword : string
-
The new password to set for the user.
- $options : RequestOptions|null = null
Tags
Return values
ResetPasswordResponsecreateCorsOrigin()
Create a CORS origin
public
createCorsOrigin(string $origin[, RequestOptions|null $options = null ]) : CORSOriginResponse
Creates a new CORS origin for the current environment. CORS origins allow browser-based applications to make requests to the WorkOS API.
Parameters
- $origin : string
-
The origin URL to allow for CORS requests.
- $options : RequestOptions|null = null
Tags
Return values
CORSOriginResponsecreateDevice()
Get device authorization URL
public
createDevice(string $clientId[, RequestOptions|null $options = null ]) : DeviceAuthorizationResponse
Initiates the CLI Auth flow by requesting a device code and verification URLs. This endpoint implements the OAuth 2.0 Device Authorization Flow (RFC 8628) and is designed for command-line applications or other devices with limited input capabilities.
Parameters
- $clientId : string
-
The WorkOS client ID for your application.
- $options : RequestOptions|null = null
Tags
Return values
DeviceAuthorizationResponsecreateMagicAuth()
Create a Magic Auth code
public
createMagicAuth(string $email[, string|null $invitationToken = null ][, RequestOptions|null $options = null ]) : MagicAuth
Creates a one-time authentication code that can be sent to the user's email address. The code expires in 10 minutes. To verify the code, authenticate the user with Magic Auth.
Parameters
- $email : string
-
The email address to send the magic code to.
- $invitationToken : string|null = null
-
The invitation token to associate with this magic code.
- $options : RequestOptions|null = null
Tags
Return values
MagicAuthcreateRedirectUri()
Create a redirect URI
public
createRedirectUri(string $uri[, RequestOptions|null $options = null ]) : RedirectUri
Creates a new redirect URI for an application.
Parameters
- $uri : string
-
The redirect URI to create.
- $options : RequestOptions|null = null
Tags
Return values
RedirectUricreateUser()
Create a user
public
createUser(string $email[, string|null $firstName = null ][, string|null $lastName = null ][, string|null $name = null ][, bool|null $emailVerified = null ][, array<string, string>|null $metadata = null ][, string|null $externalId = null ][, null|PasswordPlaintext|PasswordHashed $password = null ][, RequestOptions|null $options = null ]) : User
Create a new user in the current environment.
Parameters
- $email : string
-
The email address of the user.
- $firstName : string|null = null
-
The first name of the user.
- $lastName : string|null = null
-
The last name of the user.
- $name : string|null = null
-
The user's full name.
- $emailVerified : bool|null = null
-
Whether the user's email has been verified.
- $metadata : array<string, string>|null = null
-
Object containing metadata key/value pairs associated with the user.
- $externalId : string|null = null
-
The external ID of the user.
- $password : null|PasswordPlaintext|PasswordHashed = null
- $options : RequestOptions|null = null
Tags
Return values
UsercreateUserApiKey()
Create an API key for a user
public
createUserApiKey(string $userId, string $name, string $organizationId[, array<string|int, string>|null $permissions = null ][, DateTimeImmutable|null $expiresAt = null ][, RequestOptions|null $options = null ]) : UserApiKeyWithValue
Create a new API key owned by a user. The user must have an active membership in the specified organization.
Parameters
- $userId : string
-
Unique identifier of the user.
- $name : string
-
A descriptive name for the API key.
- $organizationId : string
-
The ID of the organization the user API key is associated with. The user must have an active membership in this organization.
- $permissions : array<string|int, string>|null = null
-
The permission slugs to assign to the API key. Each permission must be enabled for user API keys.
- $expiresAt : DateTimeImmutable|null = null
-
The timestamp when the API key should expire. Must be a future timestamp. If omitted, the key does not expire.
- $options : RequestOptions|null = null
Tags
Return values
UserApiKeyWithValuedeleteUser()
Delete a user
public
deleteUser(string $id[, RequestOptions|null $options = null ]) : void
Permanently deletes a user in the current environment. It cannot be undone.
Parameters
- $id : string
-
The unique ID of the user.
- $options : RequestOptions|null = null
Tags
deleteUserAuthorizedApplication()
Delete an authorized application
public
deleteUserAuthorizedApplication(string $applicationId, string $userId[, RequestOptions|null $options = null ]) : void
Delete an existing Authorized Connect Application.
Parameters
- $applicationId : string
-
The ID or client ID of the application.
- $userId : string
-
The ID of the user.
- $options : RequestOptions|null = null
Tags
findInvitationByToken()
Find an invitation by token
public
findInvitationByToken(string $token[, RequestOptions|null $options = null ]) : UserInvite
Retrieve an existing invitation using the token.
Parameters
- $token : string
-
The token used to accept the invitation.
- $options : RequestOptions|null = null
Tags
Return values
UserInvitegetAuthorizationUrl()
Get an authorization URL
public
getAuthorizationUrl(string $redirectUri[, string|null $codeChallengeMethod = null ][, string|null $codeChallenge = null ][, string|null $domainHint = null ][, string|null $connectionId = null ][, array<string, string>|null $providerQueryParams = null ][, array<string|int, string>|null $providerScopes = null ][, string|null $invitationToken = null ][, RadarStandaloneAssessRequestAction|null $screenHint = null ][, string|null $loginHint = null ][, UserManagementAuthenticationProvider|null $provider = null ][, string|null $prompt = null ][, string|null $state = null ][, string|null $organizationId = null ][, RequestOptions|null $options = null ]) : string
Generates an OAuth 2.0 authorization URL to authenticate a user with AuthKit or SSO.
Parameters
- $redirectUri : string
-
The callback URI where the authorization code will be sent after authentication.
- $codeChallengeMethod : string|null = null
-
The only valid PKCE code challenge method is
"S256". Required when specifying acode_challenge. - $codeChallenge : string|null = null
-
Code challenge derived from the code verifier used for the PKCE flow.
- $domainHint : string|null = null
-
A domain hint for SSO connection lookup.
- $connectionId : string|null = null
-
The ID of an SSO connection to use for authentication.
- $providerQueryParams : array<string, string>|null = null
-
Key/value pairs of query parameters to pass to the OAuth provider.
- $providerScopes : array<string|int, string>|null = null
-
Additional OAuth scopes to request from the identity provider.
- $invitationToken : string|null = null
-
A token representing a user invitation to redeem during authentication.
- $screenHint : RadarStandaloneAssessRequestAction|null = null
-
Used to specify which screen to display when the provider is
authkit. Defaults to "sign-in". - $loginHint : string|null = null
-
A hint to the authorization server about the login identifier the user might use.
- $provider : UserManagementAuthenticationProvider|null = null
-
The OAuth provider to authenticate with (e.g., GoogleOAuth, MicrosoftOAuth, GitHubOAuth).
- $prompt : string|null = null
-
Controls the authentication flow behavior for the user.
- $state : string|null = null
-
An opaque value used to maintain state between the request and the callback.
- $organizationId : string|null = null
-
The ID of the organization to authenticate the user against.
- $options : RequestOptions|null = null
Tags
Return values
stringgetEmailVerification()
Get an email verification code
public
getEmailVerification(string $id[, RequestOptions|null $options = null ]) : EmailVerification
Get the details of an existing email verification code that can be used to send an email to a user for verification.
Parameters
- $id : string
-
The ID of the email verification code.
- $options : RequestOptions|null = null
Tags
Return values
EmailVerificationgetInvitation()
Get an invitation
public
getInvitation(string $id[, RequestOptions|null $options = null ]) : UserInvite
Get the details of an existing invitation.
Parameters
- $id : string
-
The unique ID of the invitation.
- $options : RequestOptions|null = null
Tags
Return values
UserInvitegetJwks()
Get JWKS
public
getJwks(string $clientId[, RequestOptions|null $options = null ]) : JwksResponse
Returns the JSON Web Key Set (JWKS) containing the public keys used for verifying access tokens.
Parameters
- $clientId : string
-
Identifies the application making the request to the WorkOS server. You can obtain your client ID from the API Keys page in the dashboard.
- $options : RequestOptions|null = null
Tags
Return values
JwksResponsegetLogoutUrl()
Logout
public
getLogoutUrl(string $sessionId[, string|null $returnTo = null ][, RequestOptions|null $options = null ]) : string
Logout a user from the current session.
Parameters
- $sessionId : string
-
The ID of the session. This can be extracted from the
sidclaim of the access token. - $returnTo : string|null = null
-
The URL to redirect the user to after logout.
- $options : RequestOptions|null = null
Return values
stringgetMagicAuth()
Get Magic Auth code details
public
getMagicAuth(string $id[, RequestOptions|null $options = null ]) : MagicAuth
Get the details of an existing Magic Auth code that can be used to send an email to a user for authentication.
Parameters
- $id : string
-
The unique ID of the Magic Auth code.
- $options : RequestOptions|null = null
Tags
Return values
MagicAuthgetPasswordReset()
Get a password reset token
public
getPasswordReset(string $id[, RequestOptions|null $options = null ]) : PasswordReset
Get the details of an existing password reset token that can be used to reset a user's password.
Parameters
- $id : string
-
The ID of the password reset token.
- $options : RequestOptions|null = null
Tags
Return values
PasswordResetgetUser()
Get a user
public
getUser(string $id[, RequestOptions|null $options = null ]) : User
Get the details of an existing user.
Parameters
- $id : string
-
The unique ID of the user.
- $options : RequestOptions|null = null
Tags
Return values
UsergetUserByExternalId()
Get a user by external ID
public
getUserByExternalId(string $externalId[, RequestOptions|null $options = null ]) : User
Get the details of an existing user by an external identifier.
Parameters
- $externalId : string
-
The external ID of the user.
- $options : RequestOptions|null = null
Tags
Return values
UsergetUserIdentities()
Get user identities
public
getUserIdentities(string $id[, RequestOptions|null $options = null ]) : array<string|int, mixed>
Get a list of identities associated with the user. A user can have multiple associated identities after going through identity linking. Currently only OAuth identities are supported. More provider types may be added in the future.
Parameters
- $id : string
-
The unique ID of the user.
- $options : RequestOptions|null = null
Tags
Return values
array<string|int, mixed>listInvitations()
List invitations
public
listInvitations([string|null $before = null ][, string|null $after = null ][, int|null $limit = null ][, PaginationOrder $order = PaginationOrder::Desc ][, string|null $organizationId = null ][, string|null $email = null ][, RequestOptions|null $options = null ]) : PaginatedResponse<string|int, UserInvite>
Get a list of all of invitations matching the criteria specified.
Parameters
- $before : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includebefore="obj_123"to fetch a new batch of objects before"obj_123". - $after : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includeafter="obj_123"to fetch a new batch of objects after"obj_123". - $limit : int|null = null
-
Upper limit on the number of objects to return, between
1and100. Defaults to 10. - $order : PaginationOrder = PaginationOrder::Desc
-
Order the results by the creation time. Supported values are
"asc"(ascending),"desc"(descending), and"normal"(descending with reversed cursor semantics wherebeforefetches older records andafterfetches newer records). Defaults to "desc". - $organizationId : string|null = null
-
The ID of the organization that the recipient will join.
- $email : string|null = null
-
The email address of the recipient.
- $options : RequestOptions|null = null
Tags
Return values
PaginatedResponse<string|int, UserInvite>listJWTTemplate()
Get JWT template
public
listJWTTemplate([RequestOptions|null $options = null ]) : JWTTemplateResponse
Get the JWT template for the current environment.
Parameters
- $options : RequestOptions|null = null
Tags
Return values
JWTTemplateResponselistSessions()
List sessions
public
listSessions(string $id[, string|null $before = null ][, string|null $after = null ][, int|null $limit = null ][, PaginationOrder $order = PaginationOrder::Desc ][, RequestOptions|null $options = null ]) : PaginatedResponse<string|int, UserSessionsListItem>
Get a list of all active sessions for a specific user.
Parameters
- $id : string
-
The ID of the user.
- $before : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includebefore="obj_123"to fetch a new batch of objects before"obj_123". - $after : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includeafter="obj_123"to fetch a new batch of objects after"obj_123". - $limit : int|null = null
-
Upper limit on the number of objects to return, between
1and100. Defaults to 10. - $order : PaginationOrder = PaginationOrder::Desc
-
Order the results by the creation time. Supported values are
"asc"(ascending),"desc"(descending), and"normal"(descending with reversed cursor semantics wherebeforefetches older records andafterfetches newer records). Defaults to "desc". - $options : RequestOptions|null = null
Tags
Return values
PaginatedResponse<string|int, UserSessionsListItem>listUserApiKeys()
List API keys for a user
public
listUserApiKeys(string $userId[, string|null $before = null ][, string|null $after = null ][, int|null $limit = null ][, PaginationOrder $order = PaginationOrder::Desc ][, string|null $organizationId = null ][, RequestOptions|null $options = null ]) : PaginatedResponse<string|int, UserApiKey>
Get a list of API keys owned by a specific user.
Parameters
- $userId : string
-
Unique identifier of the user.
- $before : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list.
- $after : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list.
- $limit : int|null = null
-
Upper limit on the number of objects to return, between
1and100. Defaults to 10. - $order : PaginationOrder = PaginationOrder::Desc
-
Order the results by the creation time. Defaults to "desc".
- $organizationId : string|null = null
-
The ID of the organization to filter user API keys by. When provided, only API keys created against that organization membership are returned.
- $options : RequestOptions|null = null
Tags
Return values
PaginatedResponse<string|int, UserApiKey>listUserAuthorizedApplications()
List authorized applications
public
listUserAuthorizedApplications(string $userId[, string|null $before = null ][, string|null $after = null ][, int|null $limit = null ][, PaginationOrder $order = PaginationOrder::Desc ][, RequestOptions|null $options = null ]) : PaginatedResponse<string|int, AuthorizedConnectApplicationListData>
Get a list of all Connect applications that the user has authorized.
Parameters
- $userId : string
-
The ID of the user.
- $before : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includebefore="obj_123"to fetch a new batch of objects before"obj_123". - $after : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includeafter="obj_123"to fetch a new batch of objects after"obj_123". - $limit : int|null = null
-
Upper limit on the number of objects to return, between
1and100. Defaults to 10. - $order : PaginationOrder = PaginationOrder::Desc
-
Order the results by the creation time. Supported values are
"asc"(ascending),"desc"(descending), and"normal"(descending with reversed cursor semantics wherebeforefetches older records andafterfetches newer records). Defaults to "desc". - $options : RequestOptions|null = null
Tags
Return values
PaginatedResponse<string|int, AuthorizedConnectApplicationListData>listUsers()
List users
public
listUsers([string|null $before = null ][, string|null $after = null ][, int|null $limit = null ][, PaginationOrder $order = PaginationOrder::Desc ][, string|null $organization = null ][, string|null $organizationId = null ][, string|null $email = null ][, RequestOptions|null $options = null ]) : PaginatedResponse<string|int, User>
Get a list of all of your existing users matching the criteria specified.
Parameters
- $before : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includebefore="obj_123"to fetch a new batch of objects before"obj_123". - $after : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includeafter="obj_123"to fetch a new batch of objects after"obj_123". - $limit : int|null = null
-
Upper limit on the number of objects to return, between
1and100. Defaults to 10. - $order : PaginationOrder = PaginationOrder::Desc
-
Order the results by the creation time. Supported values are
"asc"(ascending),"desc"(descending), and"normal"(descending with reversed cursor semantics wherebeforefetches older records andafterfetches newer records). Defaults to "desc". - $organization : string|null = null
-
(deprecated) Filter users by the organization they are a member of. Deprecated in favor of
organization_id. - $organizationId : string|null = null
-
Filter users by the organization they are a member of.
- $email : string|null = null
-
Filter users by their email address.
- $options : RequestOptions|null = null
Tags
Return values
PaginatedResponse<string|int, User>resendInvitation()
Resend an invitation
public
resendInvitation(string $id[, CreateUserInviteOptionsLocale|null $locale = null ][, RequestOptions|null $options = null ]) : UserInvite
Resends an invitation email to the recipient. The invitation must be in a pending state.
Parameters
- $id : string
-
The unique ID of the invitation.
- $locale : CreateUserInviteOptionsLocale|null = null
-
The locale to use when rendering the invitation email. See supported locales.
- $options : RequestOptions|null = null
Tags
Return values
UserInviteresetPassword()
Create a password reset token
public
resetPassword(string $email[, RequestOptions|null $options = null ]) : PasswordReset
Creates a one-time token that can be used to reset a user's password.
Parameters
- $email : string
-
The email address of the user requesting a password reset.
- $options : RequestOptions|null = null
Tags
Return values
PasswordResetrevokeInvitation()
Revoke an invitation
public
revokeInvitation(string $id[, RequestOptions|null $options = null ]) : Invitation
Revokes an existing invitation.
Parameters
- $id : string
-
The unique ID of the invitation.
- $options : RequestOptions|null = null
Tags
Return values
InvitationrevokeSession()
Revoke Session
public
revokeSession(string $sessionId[, RequestOptions|null $options = null ]) : mixed
Revoke a user session.
Parameters
- $sessionId : string
-
The ID of the session to revoke. This can be extracted from the
sidclaim of the access token. - $options : RequestOptions|null = null
Tags
sendEmailChange()
Send email change code
public
sendEmailChange(string $id, string $newEmail[, RequestOptions|null $options = null ]) : EmailChange
Sends an email that contains a one-time code used to change a user's email address.
Parameters
- $id : string
-
The unique ID of the user.
- $newEmail : string
-
The new email address to change to.
- $options : RequestOptions|null = null
Tags
Return values
EmailChangesendInvitation()
Send an invitation
public
sendInvitation(string $email[, string|null $organizationId = null ][, string|null $roleSlug = null ][, int|null $expiresInDays = null ][, string|null $inviterUserId = null ][, CreateUserInviteOptionsLocale|null $locale = null ][, RequestOptions|null $options = null ]) : UserInvite
Sends an invitation email to the recipient.
Parameters
- $email : string
-
The email address of the recipient.
- $organizationId : string|null = null
-
The ID of the organization that the recipient will join.
- $roleSlug : string|null = null
-
The role that the recipient will receive when they join the organization in the invitation.
- $expiresInDays : int|null = null
-
How many days the invitations will be valid for. Must be between 1 and 30 days. Defaults to 7 days if not specified.
- $inviterUserId : string|null = null
-
The ID of the user who invites the recipient. The invitation email will mention the name of this user.
- $locale : CreateUserInviteOptionsLocale|null = null
-
The locale to use when rendering the invitation email. See supported locales.
- $options : RequestOptions|null = null
Tags
Return values
UserInvitesendVerificationEmail()
Send verification email
public
sendVerificationEmail(string $id[, RequestOptions|null $options = null ]) : SendVerificationEmailResponse
Sends an email that contains a one-time code used to verify a user's email address.
Parameters
- $id : string
-
The ID of the user.
- $options : RequestOptions|null = null
Tags
Return values
SendVerificationEmailResponseupdateJWTTemplate()
Update JWT template
public
updateJWTTemplate(string $content[, RequestOptions|null $options = null ]) : JWTTemplateResponse
Update the JWT template for the current environment.
Parameters
- $content : string
-
The JWT template content as a Liquid template string.
- $options : RequestOptions|null = null
Tags
Return values
JWTTemplateResponseupdateUser()
Update a user
public
updateUser(string $id[, string|null $email = null ][, string|null $firstName = null ][, string|null $lastName = null ][, string|null $name = null ][, bool|null $emailVerified = null ][, array<string, string>|null $metadata = null ][, string|null $externalId = null ][, string|null $locale = null ][, null|PasswordPlaintext|PasswordHashed $password = null ][, RequestOptions|null $options = null ]) : User
Updates properties of a user. The omitted properties will be left unchanged.
Parameters
- $id : string
-
The unique ID of the user.
- $email : string|null = null
-
The email address of the user.
- $firstName : string|null = null
-
The first name of the user.
- $lastName : string|null = null
-
The last name of the user.
- $name : string|null = null
-
The user's full name.
- $emailVerified : bool|null = null
-
Whether the user's email has been verified.
- $metadata : array<string, string>|null = null
-
Object containing metadata key/value pairs associated with the user.
- $externalId : string|null = null
-
The external ID of the user.
- $locale : string|null = null
-
The user's preferred locale.
- $password : null|PasswordPlaintext|PasswordHashed = null
- $options : RequestOptions|null = null
Tags
Return values
UserverifyEmail()
Verify email
public
verifyEmail(string $id, string $code[, RequestOptions|null $options = null ]) : VerifyEmailResponse
Verifies an email address using the one-time code received by the user.
Parameters
- $id : string
-
The ID of the user.
- $code : string
-
The one-time email verification code.
- $options : RequestOptions|null = null