Closed faroceann closed 5 days ago
Introduce new methods for Actions:
signResponse
verifyHeader
Example usage:
app.post("/registration-action", async (req, res) => { const context = req.body; // Verify incoming workos-signature try { await workos.actions.verifyHeader({ payload: context, sigHeader: req.headers["workos-signature"] as string, secret: env.ACTIONS_SECRET, }); } catch (err) { return res.status(400).json({ error: "Invalid signature" }); } let verdict: "allow" | "deny"; if (context.user_data.email.split("@")[1] === "gmail.com") { verdict = "deny"; } else { verdict = "allow"; } // Sign the outgoing response using the actions secret const response = await workos.actions.signResponse({ type: "user_registration", verdict, ...(verdict === "deny" && { errorMessage: "Please use a work email address", }), secret: env.ACTIONS_SECRET, }); return res.json(response); });
Does this require changes to the WorkOS Docs? E.g. the API Reference or code snippets need updates.
[x] Yes
If yes, link a related docs PR and add a docs maintainer as a reviewer. Their approval is required.
Description
Introduce new methods for Actions:
signResponse: Supports forming and signing actions responses from an actions endpointverifyHeader: Supports incoming requests from WorkOS reaching actions endpointsExample usage:
Documentation
Does this require changes to the WorkOS Docs? E.g. the API Reference or code snippets need updates.
If yes, link a related docs PR and add a docs maintainer as a reviewer. Their approval is required.