workos
WorkOS Integration Skill
This skill provides patterns for WorkOS integration, focusing on Enterprise SSO, Auth Kit, and Organization management in a Go/React stack.
Architectural Standards
1. Auth Kit & AuthLinks
- Auth Kit: Use the hosted UI for login/Sign-up. Handle the redirect in Go using
workos.UserManagement.AuthenticateWithCode. - AuthLink: Programmatically generate AuthLinks for enterprise customers to allow them to self-configure SSO.
- FIDC: Handle "Fraud & Identity Identity Checks" by validating the
risk_scorein the user profile if enabled.
2. Organization Management (Multi-tenancy)
- Frictionless Onboarding: Use "Domain Verification" to automatically assign users to Orgs.
- SCIM Directory Sync: Implement Go handlers for WorkOS SCIM webhooks. Sync
directory_user.createdanddirectory_user.deletedevents to your local DB. - Admin Portal: Link to the WorkOS Admin Portal for "Zero-code" SSO configuration by the customer.
3. Go Backend Security
- Webhook Validation: MANDATORY to use
workos.ValidatePayload(payload, sig, secret)for all webhooks. - JWT Verification: WorkOS uses public keys for JWT signature verification. Fetch and cache these keys periodically.
- Context Isolation: Ensure every Go service call includes the
organization_idextracted from the WorkOS session.
More from inselfcontroll/ai-agent-skills
rust_dioxus_framework
Acts as a Rust Dioxus Framework Specialist for building cross-platform UIs. Use when building desktop, web, or mobile apps using the Dioxus framework.
15clerk
Expert for Clerk authentication integration. Use when setting up Clerk in React, implementing Clerk Go middleware for session validation, or managing Clerk user profiles.
2testing_qa
Acts as a Testing and QA Agent. Use when writing unit, integration, or E2E tests, or when auditing code for test coverage.
2code-review
Expert for codebase-wide code reviews. Use when auditing Pull Requests, refactoring complex logic, or enforcing architectural and security standards across the ecosystem.
2principal_architect
Acts as a Principal Software Architect to design blueprints and enforce architectural rules. Use when designing system architecture, defining API contracts, or planning data flows.
2requirements_analyst
Acts as a Requirements Analyst to translate requests into specifications. Use when gathering user requirements, defining user stories, or creating technical specifications.
2