UserManagement
in package
Table of Contents
Properties
Methods
- __construct() : mixed
- acceptInvitation() : Invitation
- Accept an invitation
- authenticateWithCode() : AuthenticateResponse
- authenticateWithDeviceCode() : AuthenticateResponse
- authenticateWithEmailVerification() : AuthenticateResponse
- authenticateWithMagicAuth() : AuthenticateResponse
- authenticateWithOrganizationSelection() : AuthenticateResponse
- authenticateWithPassword() : AuthenticateResponse
- authenticateWithRefreshToken() : AuthenticateResponse
- authenticateWithTotp() : AuthenticateResponse
- confirmEmailChange() : EmailChangeConfirmation
- Confirm email change
- confirmPasswordReset() : ResetPasswordResponse
- Reset the password
- createCorsOrigin() : CORSOriginResponse
- Create a CORS origin
- createDevice() : DeviceAuthorizationResponse
- Get device authorization URL
- createMagicAuth() : MagicAuth
- Create a Magic Auth code
- createOrganizationMembership() : OrganizationMembership
- Create an organization membership
- createRedirectUri() : RedirectUri
- Create a redirect URI
- createUser() : User
- Create a user
- deactivateOrganizationMembership() : OrganizationMembership
- Deactivate an organization membership
- deleteOrganizationMembership() : void
- Delete an organization membership
- deleteUser() : void
- Delete a user
- deleteUserAuthorizedApplication() : void
- Delete an authorized application
- findInvitationByToken() : UserInvite
- Find an invitation by token
- getAuthorizationUrl() : string
- Get an authorization URL
- getEmailVerification() : EmailVerification
- Get an email verification code
- getInvitation() : UserInvite
- Get an invitation
- getJwks() : JwksResponse
- Get JWKS
- getLogoutUrl() : string
- Logout
- getMagicAuth() : MagicAuth
- Get Magic Auth code details
- getOrganizationMembership() : UserOrganizationMembership
- Get an organization membership
- getPasswordReset() : PasswordReset
- Get a password reset token
- getUser() : User
- Get a user
- getUserByExternalId() : User
- Get a user by external ID
- getUserIdentities() : array<string|int, mixed>
- Get user identities
- listInvitations() : PaginatedResponse<string|int, UserInvite>
- List invitations
- listOrganizationMemberships() : PaginatedResponse<string|int, UserOrganizationMembership>
- List organization memberships
- listSessions() : PaginatedResponse<string|int, UserSessionsListItem>
- List sessions
- listUserAuthorizedApplications() : PaginatedResponse<string|int, AuthorizedConnectApplicationListData>
- List authorized applications
- listUsers() : PaginatedResponse<string|int, User>
- List users
- reactivateOrganizationMembership() : UserOrganizationMembership
- Reactivate an organization membership
- resendInvitation() : UserInvite
- Resend an invitation
- resetPassword() : PasswordReset
- Create a password reset token
- revokeInvitation() : Invitation
- Revoke an invitation
- revokeSession() : mixed
- Revoke Session
- sendEmailChange() : EmailChange
- Send email change code
- sendInvitation() : UserInvite
- Send an invitation
- sendVerificationEmail() : SendVerificationEmailResponse
- Send verification email
- updateJWTTemplate() : JWTTemplateResponse
- Update JWT template
- updateOrganizationMembership() : UserOrganizationMembership
- Update an organization membership
- updateUser() : User
- Update a user
- verifyEmail() : VerifyEmailResponse
- Verify email
Properties
$client read-only
private
HttpClient
$client
Methods
__construct()
public
__construct(HttpClient $client) : mixed
Parameters
- $client : HttpClient
acceptInvitation()
Accept an invitation
public
acceptInvitation(string $id[, RequestOptions|null $options = null ]) : Invitation
Accepts an invitation and, if linked to an organization, activates the user's membership in that organization.
Parameters
- $id : string
-
The unique ID of the invitation.
- $options : RequestOptions|null = null
Tags
Return values
InvitationauthenticateWithCode()
public
authenticateWithCode(string $code[, string|null $codeVerifier = null ][, string|null $invitationToken = null ][, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $code : string
- $codeVerifier : string|null = null
- $invitationToken : string|null = null
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseauthenticateWithDeviceCode()
public
authenticateWithDeviceCode(string $deviceCode[, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $deviceCode : string
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseauthenticateWithEmailVerification()
public
authenticateWithEmailVerification(string $code, string $pendingAuthenticationToken[, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $code : string
- $pendingAuthenticationToken : string
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseauthenticateWithMagicAuth()
public
authenticateWithMagicAuth(string $code, string $email[, string|null $invitationToken = null ][, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $code : string
- $email : string
- $invitationToken : string|null = null
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseauthenticateWithOrganizationSelection()
public
authenticateWithOrganizationSelection(string $pendingAuthenticationToken, string $organizationId[, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $pendingAuthenticationToken : string
- $organizationId : string
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseauthenticateWithPassword()
public
authenticateWithPassword(string $email, string $password[, string|null $invitationToken = null ][, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $email : string
- $password : string
- $invitationToken : string|null = null
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseauthenticateWithRefreshToken()
public
authenticateWithRefreshToken(string $refreshToken[, string|null $organizationId = null ][, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $refreshToken : string
- $organizationId : string|null = null
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseauthenticateWithTotp()
public
authenticateWithTotp(string $code, string $pendingAuthenticationToken, string $authenticationChallengeId[, string|null $ipAddress = null ][, string|null $deviceId = null ][, string|null $userAgent = null ][, RequestOptions|null $options = null ]) : AuthenticateResponse
Parameters
- $code : string
- $pendingAuthenticationToken : string
- $authenticationChallengeId : string
- $ipAddress : string|null = null
- $deviceId : string|null = null
- $userAgent : string|null = null
- $options : RequestOptions|null = null
Tags
Return values
AuthenticateResponseconfirmEmailChange()
Confirm email change
public
confirmEmailChange(string $id, string $code[, RequestOptions|null $options = null ]) : EmailChangeConfirmation
Confirms an email change using the one-time code received by the user.
Parameters
- $id : string
-
The unique ID of the user.
- $code : string
-
The one-time code used to confirm the email change.
- $options : RequestOptions|null = null
Tags
Return values
EmailChangeConfirmationconfirmPasswordReset()
Reset the password
public
confirmPasswordReset(string $token, string $newPassword[, RequestOptions|null $options = null ]) : ResetPasswordResponse
Sets a new password using the token query parameter from the link that the user received. Successfully resetting the password will verify a user's email, if it hasn't been verified yet.
Parameters
- $token : string
-
The password reset token.
- $newPassword : string
-
The new password to set for the user.
- $options : RequestOptions|null = null
Tags
Return values
ResetPasswordResponsecreateCorsOrigin()
Create a CORS origin
public
createCorsOrigin(string $origin[, RequestOptions|null $options = null ]) : CORSOriginResponse
Creates a new CORS origin for the current environment. CORS origins allow browser-based applications to make requests to the WorkOS API.
Parameters
- $origin : string
-
The origin URL to allow for CORS requests.
- $options : RequestOptions|null = null
Tags
Return values
CORSOriginResponsecreateDevice()
Get device authorization URL
public
createDevice(string $clientId[, RequestOptions|null $options = null ]) : DeviceAuthorizationResponse
Initiates the CLI Auth flow by requesting a device code and verification URLs. This endpoint implements the OAuth 2.0 Device Authorization Flow (RFC 8628) and is designed for command-line applications or other devices with limited input capabilities.
Parameters
- $clientId : string
-
The WorkOS client ID for your application.
- $options : RequestOptions|null = null
Tags
Return values
DeviceAuthorizationResponsecreateMagicAuth()
Create a Magic Auth code
public
createMagicAuth(string $email[, string|null $invitationToken = null ][, RequestOptions|null $options = null ]) : MagicAuth
Creates a one-time authentication code that can be sent to the user's email address. The code expires in 10 minutes. To verify the code, authenticate the user with Magic Auth.
Parameters
- $email : string
-
The email address to send the magic code to.
- $invitationToken : string|null = null
-
The invitation token to associate with this magic code.
- $options : RequestOptions|null = null
Tags
Return values
MagicAuthcreateOrganizationMembership()
Create an organization membership
public
createOrganizationMembership(string $userId, string $organizationId[, null|RoleSingle|RoleMultiple $role = null ][, RequestOptions|null $options = null ]) : OrganizationMembership
Creates a new active organization membership for the given organization and user.
Calling this API with an organization and user that match an inactive organization membership will activate the membership with the specified role(s).
Parameters
- $userId : string
-
The ID of the user.
- $organizationId : string
-
The ID of the organization which the user belongs to.
- $role : null|RoleSingle|RoleMultiple = null
- $options : RequestOptions|null = null
Tags
Return values
OrganizationMembershipcreateRedirectUri()
Create a redirect URI
public
createRedirectUri(string $uri[, RequestOptions|null $options = null ]) : RedirectUri
Creates a new redirect URI for an environment.
Parameters
- $uri : string
-
The redirect URI to create.
- $options : RequestOptions|null = null
Tags
Return values
RedirectUricreateUser()
Create a user
public
createUser(string $email[, string|null $firstName = null ][, string|null $lastName = null ][, bool|null $emailVerified = null ][, array<string, string>|null $metadata = null ][, string|null $externalId = null ][, null|PasswordPlaintext|PasswordHashed $password = null ][, RequestOptions|null $options = null ]) : User
Create a new user in the current environment.
Parameters
- $email : string
-
The email address of the user.
- $firstName : string|null = null
-
The first name of the user.
- $lastName : string|null = null
-
The last name of the user.
- $emailVerified : bool|null = null
-
Whether the user's email has been verified.
- $metadata : array<string, string>|null = null
-
Object containing metadata key/value pairs associated with the user.
- $externalId : string|null = null
-
The external ID of the user.
- $password : null|PasswordPlaintext|PasswordHashed = null
- $options : RequestOptions|null = null
Tags
Return values
UserdeactivateOrganizationMembership()
Deactivate an organization membership
public
deactivateOrganizationMembership(string $id[, RequestOptions|null $options = null ]) : OrganizationMembership
Deactivates an active organization membership. Emits an organization_membership.updated event upon successful deactivation.
- Deactivating an
inactivemembership is a no-op and does not emit an event. - Deactivating a
pendingmembership returns an error. This membership should be deleted instead.
See the membership management documentation for additional details.
Parameters
- $id : string
-
The unique ID of the organization membership.
- $options : RequestOptions|null = null
Tags
Return values
OrganizationMembershipdeleteOrganizationMembership()
Delete an organization membership
public
deleteOrganizationMembership(string $id[, RequestOptions|null $options = null ]) : void
Permanently deletes an existing organization membership. It cannot be undone.
Parameters
- $id : string
-
The unique ID of the organization membership.
- $options : RequestOptions|null = null
Tags
deleteUser()
Delete a user
public
deleteUser(string $id[, RequestOptions|null $options = null ]) : void
Permanently deletes a user in the current environment. It cannot be undone.
Parameters
- $id : string
-
The unique ID of the user.
- $options : RequestOptions|null = null
Tags
deleteUserAuthorizedApplication()
Delete an authorized application
public
deleteUserAuthorizedApplication(string $applicationId, string $userId[, RequestOptions|null $options = null ]) : void
Delete an existing Authorized Connect Application.
Parameters
- $applicationId : string
-
The ID or client ID of the application.
- $userId : string
-
The ID of the user.
- $options : RequestOptions|null = null
Tags
findInvitationByToken()
Find an invitation by token
public
findInvitationByToken(string $token[, RequestOptions|null $options = null ]) : UserInvite
Retrieve an existing invitation using the token.
Parameters
- $token : string
-
The token used to accept the invitation.
- $options : RequestOptions|null = null
Tags
Return values
UserInvitegetAuthorizationUrl()
Get an authorization URL
public
getAuthorizationUrl(string $redirectUri[, string|null $codeChallengeMethod = null ][, string|null $codeChallenge = null ][, string|null $domainHint = null ][, string|null $connectionId = null ][, array<string, string>|null $providerQueryParams = null ][, array<string|int, string>|null $providerScopes = null ][, string|null $invitationToken = null ][, UserManagementAuthenticationScreenHint|null $screenHint = null ][, string|null $loginHint = null ][, UserManagementAuthenticationProvider|null $provider = null ][, string|null $prompt = null ][, string|null $state = null ][, string|null $organizationId = null ][, RequestOptions|null $options = null ]) : string
Generates an OAuth 2.0 authorization URL to authenticate a user with AuthKit or SSO.
Parameters
- $redirectUri : string
-
The callback URI where the authorization code will be sent after authentication.
- $codeChallengeMethod : string|null = null
-
The only valid PKCE code challenge method is
"S256". Required when specifying acode_challenge. - $codeChallenge : string|null = null
-
Code challenge derived from the code verifier used for the PKCE flow.
- $domainHint : string|null = null
-
A domain hint for SSO connection lookup.
- $connectionId : string|null = null
-
The ID of an SSO connection to use for authentication.
- $providerQueryParams : array<string, string>|null = null
-
Key/value pairs of query parameters to pass to the OAuth provider.
- $providerScopes : array<string|int, string>|null = null
-
Additional OAuth scopes to request from the identity provider.
- $invitationToken : string|null = null
-
A token representing a user invitation to redeem during authentication.
- $screenHint : UserManagementAuthenticationScreenHint|null = null
-
Used to specify which screen to display when the provider is
authkit. Defaults to "sign-in". - $loginHint : string|null = null
-
A hint to the authorization server about the login identifier the user might use.
- $provider : UserManagementAuthenticationProvider|null = null
-
The OAuth provider to authenticate with (e.g., GoogleOAuth, MicrosoftOAuth, GitHubOAuth).
- $prompt : string|null = null
-
Controls the authentication flow behavior for the user.
- $state : string|null = null
-
An opaque value used to maintain state between the request and the callback.
- $organizationId : string|null = null
-
The ID of the organization to authenticate the user against.
- $options : RequestOptions|null = null
Tags
Return values
stringgetEmailVerification()
Get an email verification code
public
getEmailVerification(string $id[, RequestOptions|null $options = null ]) : EmailVerification
Get the details of an existing email verification code that can be used to send an email to a user for verification.
Parameters
- $id : string
-
The ID of the email verification code.
- $options : RequestOptions|null = null
Tags
Return values
EmailVerificationgetInvitation()
Get an invitation
public
getInvitation(string $id[, RequestOptions|null $options = null ]) : UserInvite
Get the details of an existing invitation.
Parameters
- $id : string
-
The unique ID of the invitation.
- $options : RequestOptions|null = null
Tags
Return values
UserInvitegetJwks()
Get JWKS
public
getJwks(string $clientId[, RequestOptions|null $options = null ]) : JwksResponse
Returns the JSON Web Key Set (JWKS) containing the public keys used for verifying access tokens.
Parameters
- $clientId : string
-
Identifies the application making the request to the WorkOS server. You can obtain your client ID from the API Keys page in the dashboard.
- $options : RequestOptions|null = null
Tags
Return values
JwksResponsegetLogoutUrl()
Logout
public
getLogoutUrl(string $sessionId[, string|null $returnTo = null ][, RequestOptions|null $options = null ]) : string
Logout a user from the current session.
Parameters
- $sessionId : string
-
The ID of the session to revoke. This can be extracted from the
sidclaim of the access token. - $returnTo : string|null = null
-
The URL to redirect the user to after session revocation.
- $options : RequestOptions|null = null
Return values
stringgetMagicAuth()
Get Magic Auth code details
public
getMagicAuth(string $id[, RequestOptions|null $options = null ]) : MagicAuth
Get the details of an existing Magic Auth code that can be used to send an email to a user for authentication.
Parameters
- $id : string
-
The unique ID of the Magic Auth code.
- $options : RequestOptions|null = null
Tags
Return values
MagicAuthgetOrganizationMembership()
Get an organization membership
public
getOrganizationMembership(string $id[, RequestOptions|null $options = null ]) : UserOrganizationMembership
Get the details of an existing organization membership.
Parameters
- $id : string
-
The unique ID of the organization membership.
- $options : RequestOptions|null = null
Tags
Return values
UserOrganizationMembershipgetPasswordReset()
Get a password reset token
public
getPasswordReset(string $id[, RequestOptions|null $options = null ]) : PasswordReset
Get the details of an existing password reset token that can be used to reset a user's password.
Parameters
- $id : string
-
The ID of the password reset token.
- $options : RequestOptions|null = null
Tags
Return values
PasswordResetgetUser()
Get a user
public
getUser(string $id[, RequestOptions|null $options = null ]) : User
Get the details of an existing user.
Parameters
- $id : string
-
The unique ID of the user.
- $options : RequestOptions|null = null
Tags
Return values
UsergetUserByExternalId()
Get a user by external ID
public
getUserByExternalId(string $externalId[, RequestOptions|null $options = null ]) : User
Get the details of an existing user by an external identifier.
Parameters
- $externalId : string
-
The external ID of the user.
- $options : RequestOptions|null = null
Tags
Return values
UsergetUserIdentities()
Get user identities
public
getUserIdentities(string $id[, RequestOptions|null $options = null ]) : array<string|int, mixed>
Get a list of identities associated with the user. A user can have multiple associated identities after going through identity linking. Currently only OAuth identities are supported. More provider types may be added in the future.
Parameters
- $id : string
-
The unique ID of the user.
- $options : RequestOptions|null = null
Tags
Return values
array<string|int, mixed>listInvitations()
List invitations
public
listInvitations([string|null $before = null ][, string|null $after = null ][, int|null $limit = null ][, EventsOrder $order = EventsOrder::Desc ][, string|null $organizationId = null ][, string|null $email = null ][, RequestOptions|null $options = null ]) : PaginatedResponse<string|int, UserInvite>
Get a list of all of invitations matching the criteria specified.
Parameters
- $before : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includebefore="obj_123"to fetch a new batch of objects before"obj_123". - $after : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includeafter="obj_123"to fetch a new batch of objects after"obj_123". - $limit : int|null = null
-
Upper limit on the number of objects to return, between
1and100. Defaults to 10. - $order : EventsOrder = EventsOrder::Desc
-
Order the results by the creation time. Supported values are
"asc"(ascending),"desc"(descending), and"normal"(descending with reversed cursor semantics wherebeforefetches older records andafterfetches newer records). Defaults to descending. Defaults to "desc". - $organizationId : string|null = null
-
The ID of the organization that the recipient will join.
- $email : string|null = null
-
The email address of the recipient.
- $options : RequestOptions|null = null
Tags
Return values
PaginatedResponse<string|int, UserInvite>listOrganizationMemberships()
List organization memberships
public
listOrganizationMemberships([string|null $before = null ][, string|null $after = null ][, int|null $limit = null ][, EventsOrder $order = EventsOrder::Desc ][, string|null $organizationId = null ][, array<string|int, OrganizationMembershipStatus>|null $statuses = null ][, string|null $userId = null ][, RequestOptions|null $options = null ]) : PaginatedResponse<string|int, UserOrganizationMembership>
Get a list of all organization memberships matching the criteria specified. At least one of user_id or organization_id must be provided. By default only active memberships are returned. Use the statuses parameter to filter by other statuses.
Parameters
- $before : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includebefore="obj_123"to fetch a new batch of objects before"obj_123". - $after : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includeafter="obj_123"to fetch a new batch of objects after"obj_123". - $limit : int|null = null
-
Upper limit on the number of objects to return, between
1and100. Defaults to 10. - $order : EventsOrder = EventsOrder::Desc
-
Order the results by the creation time. Supported values are
"asc"(ascending),"desc"(descending), and"normal"(descending with reversed cursor semantics wherebeforefetches older records andafterfetches newer records). Defaults to descending. Defaults to "desc". - $organizationId : string|null = null
-
The ID of the organization which the user belongs to.
- $statuses : array<string|int, OrganizationMembershipStatus>|null = null
-
Filter by the status of the organization membership. Array including any of
active,inactive, orpending. - $userId : string|null = null
-
The ID of the user.
- $options : RequestOptions|null = null
Tags
Return values
PaginatedResponse<string|int, UserOrganizationMembership>listSessions()
List sessions
public
listSessions(string $id[, string|null $before = null ][, string|null $after = null ][, int|null $limit = null ][, EventsOrder $order = EventsOrder::Desc ][, RequestOptions|null $options = null ]) : PaginatedResponse<string|int, UserSessionsListItem>
Get a list of all active sessions for a specific user.
Parameters
- $id : string
-
The ID of the user.
- $before : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includebefore="obj_123"to fetch a new batch of objects before"obj_123". - $after : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includeafter="obj_123"to fetch a new batch of objects after"obj_123". - $limit : int|null = null
-
Upper limit on the number of objects to return, between
1and100. Defaults to 10. - $order : EventsOrder = EventsOrder::Desc
-
Order the results by the creation time. Supported values are
"asc"(ascending),"desc"(descending), and"normal"(descending with reversed cursor semantics wherebeforefetches older records andafterfetches newer records). Defaults to descending. Defaults to "desc". - $options : RequestOptions|null = null
Tags
Return values
PaginatedResponse<string|int, UserSessionsListItem>listUserAuthorizedApplications()
List authorized applications
public
listUserAuthorizedApplications(string $userId[, string|null $before = null ][, string|null $after = null ][, int|null $limit = null ][, EventsOrder $order = EventsOrder::Desc ][, RequestOptions|null $options = null ]) : PaginatedResponse<string|int, AuthorizedConnectApplicationListData>
Get a list of all Connect applications that the user has authorized.
Parameters
- $userId : string
-
The ID of the user.
- $before : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includebefore="obj_123"to fetch a new batch of objects before"obj_123". - $after : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includeafter="obj_123"to fetch a new batch of objects after"obj_123". - $limit : int|null = null
-
Upper limit on the number of objects to return, between
1and100. Defaults to 10. - $order : EventsOrder = EventsOrder::Desc
-
Order the results by the creation time. Supported values are
"asc"(ascending),"desc"(descending), and"normal"(descending with reversed cursor semantics wherebeforefetches older records andafterfetches newer records). Defaults to descending. Defaults to "desc". - $options : RequestOptions|null = null
Tags
Return values
PaginatedResponse<string|int, AuthorizedConnectApplicationListData>listUsers()
List users
public
listUsers([string|null $before = null ][, string|null $after = null ][, int|null $limit = null ][, EventsOrder $order = EventsOrder::Desc ][, string|null $organization = null ][, string|null $organizationId = null ][, string|null $email = null ][, RequestOptions|null $options = null ]) : PaginatedResponse<string|int, User>
Get a list of all of your existing users matching the criteria specified.
Parameters
- $before : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includebefore="obj_123"to fetch a new batch of objects before"obj_123". - $after : string|null = null
-
An object ID that defines your place in the list. When the ID is not present, you are at the end of the list. For example, if you make a list request and receive 100 objects, ending with
"obj_123", your subsequent call can includeafter="obj_123"to fetch a new batch of objects after"obj_123". - $limit : int|null = null
-
Upper limit on the number of objects to return, between
1and100. Defaults to 10. - $order : EventsOrder = EventsOrder::Desc
-
Order the results by the creation time. Supported values are
"asc"(ascending),"desc"(descending), and"normal"(descending with reversed cursor semantics wherebeforefetches older records andafterfetches newer records). Defaults to descending. Defaults to "desc". - $organization : string|null = null
-
(deprecated) Filter users by the organization they are a member of. Deprecated in favor of
organization_id. - $organizationId : string|null = null
-
Filter users by the organization they are a member of.
- $email : string|null = null
-
Filter users by their email address.
- $options : RequestOptions|null = null
Tags
Return values
PaginatedResponse<string|int, User>reactivateOrganizationMembership()
Reactivate an organization membership
public
reactivateOrganizationMembership(string $id[, RequestOptions|null $options = null ]) : UserOrganizationMembership
Reactivates an inactive organization membership, retaining the pre-existing role(s). Emits an organization_membership.updated event upon successful reactivation.
- Reactivating an
activemembership is a no-op and does not emit an event. - Reactivating a
pendingmembership returns an error. The user needs to accept the invitation instead.
See the membership management documentation for additional details.
Parameters
- $id : string
-
The unique ID of the organization membership.
- $options : RequestOptions|null = null
Tags
Return values
UserOrganizationMembershipresendInvitation()
Resend an invitation
public
resendInvitation(string $id[, CreateUserInviteOptionsLocale|null $locale = null ][, RequestOptions|null $options = null ]) : UserInvite
Resends an invitation email to the recipient. The invitation must be in a pending state.
Parameters
- $id : string
-
The unique ID of the invitation.
- $locale : CreateUserInviteOptionsLocale|null = null
-
The locale to use when rendering the invitation email. See supported locales.
- $options : RequestOptions|null = null
Tags
Return values
UserInviteresetPassword()
Create a password reset token
public
resetPassword(string $email[, RequestOptions|null $options = null ]) : PasswordReset
Creates a one-time token that can be used to reset a user's password.
Parameters
- $email : string
-
The email address of the user requesting a password reset.
- $options : RequestOptions|null = null
Tags
Return values
PasswordResetrevokeInvitation()
Revoke an invitation
public
revokeInvitation(string $id[, RequestOptions|null $options = null ]) : Invitation
Revokes an existing invitation.
Parameters
- $id : string
-
The unique ID of the invitation.
- $options : RequestOptions|null = null
Tags
Return values
InvitationrevokeSession()
Revoke Session
public
revokeSession(string $sessionId[, string|null $returnTo = null ][, RequestOptions|null $options = null ]) : mixed
Revoke a user session.
Parameters
- $sessionId : string
-
The ID of the session to revoke. This can be extracted from the
sidclaim of the access token. - $returnTo : string|null = null
-
The URL to redirect the user to after session revocation.
- $options : RequestOptions|null = null
Tags
sendEmailChange()
Send email change code
public
sendEmailChange(string $id, string $newEmail[, RequestOptions|null $options = null ]) : EmailChange
Sends an email that contains a one-time code used to change a user's email address.
Parameters
- $id : string
-
The unique ID of the user.
- $newEmail : string
-
The new email address to change to.
- $options : RequestOptions|null = null
Tags
Return values
EmailChangesendInvitation()
Send an invitation
public
sendInvitation(string $email[, string|null $organizationId = null ][, string|null $roleSlug = null ][, int|null $expiresInDays = null ][, string|null $inviterUserId = null ][, CreateUserInviteOptionsLocale|null $locale = null ][, RequestOptions|null $options = null ]) : UserInvite
Sends an invitation email to the recipient.
Parameters
- $email : string
-
The email address of the recipient.
- $organizationId : string|null = null
-
The ID of the organization that the recipient will join.
- $roleSlug : string|null = null
-
The role that the recipient will receive when they join the organization in the invitation.
- $expiresInDays : int|null = null
-
How many days the invitations will be valid for. Must be between 1 and 30 days. Defaults to 7 days if not specified.
- $inviterUserId : string|null = null
-
The ID of the user who invites the recipient. The invitation email will mention the name of this user.
- $locale : CreateUserInviteOptionsLocale|null = null
-
The locale to use when rendering the invitation email. See supported locales.
- $options : RequestOptions|null = null
Tags
Return values
UserInvitesendVerificationEmail()
Send verification email
public
sendVerificationEmail(string $id[, RequestOptions|null $options = null ]) : SendVerificationEmailResponse
Sends an email that contains a one-time code used to verify a user’s email address.
Parameters
- $id : string
-
The ID of the user.
- $options : RequestOptions|null = null
Tags
Return values
SendVerificationEmailResponseupdateJWTTemplate()
Update JWT template
public
updateJWTTemplate(string $content[, RequestOptions|null $options = null ]) : JWTTemplateResponse
Update the JWT template for the current environment.
Parameters
- $content : string
-
The JWT template content as a Liquid template string.
- $options : RequestOptions|null = null
Tags
Return values
JWTTemplateResponseupdateOrganizationMembership()
Update an organization membership
public
updateOrganizationMembership(string $id[, null|RoleSingle|RoleMultiple $role = null ][, RequestOptions|null $options = null ]) : UserOrganizationMembership
Update the details of an existing organization membership.
Parameters
- $id : string
-
The unique ID of the organization membership.
- $role : null|RoleSingle|RoleMultiple = null
- $options : RequestOptions|null = null
Tags
Return values
UserOrganizationMembershipupdateUser()
Update a user
public
updateUser(string $id[, string|null $email = null ][, string|null $firstName = null ][, string|null $lastName = null ][, bool|null $emailVerified = null ][, array<string, string>|null $metadata = null ][, string|null $externalId = null ][, string|null $locale = null ][, null|PasswordPlaintext|PasswordHashed $password = null ][, RequestOptions|null $options = null ]) : User
Updates properties of a user. The omitted properties will be left unchanged.
Parameters
- $id : string
-
The unique ID of the user.
- $email : string|null = null
-
The email address of the user.
- $firstName : string|null = null
-
The first name of the user.
- $lastName : string|null = null
-
The last name of the user.
- $emailVerified : bool|null = null
-
Whether the user's email has been verified.
- $metadata : array<string, string>|null = null
-
Object containing metadata key/value pairs associated with the user.
- $externalId : string|null = null
-
The external ID of the user.
- $locale : string|null = null
-
The user's preferred locale.
- $password : null|PasswordPlaintext|PasswordHashed = null
- $options : RequestOptions|null = null
Tags
Return values
UserverifyEmail()
Verify email
public
verifyEmail(string $id, string $code[, RequestOptions|null $options = null ]) : VerifyEmailResponse
Verifies an email address using the one-time code received by the user.
Parameters
- $id : string
-
The ID of the user.
- $code : string
-
The one-time email verification code.
- $options : RequestOptions|null = null