feat(generated): Add user info to organization memberships and new event types

[workos-sdk-automation]

Summary

• Added User field to UserOrganizationMembership and OrganizationMembership structs to include user details in membership responses
• Added new UserOrganizationMembershipBaseWithUser struct with embedded user information for authorization endpoints
• Changed return type of AuthorizationService.ListMembershipsForResource() and ListMembershipsForResourceByExternalID() from UserOrganizationMembershipBaseListData to UserOrganizationMembershipBaseWithUser
• Added new event types: DsyncTokenCreated, DsyncTokenCreatedData, DsyncTokenDeleted, and DsyncTokenDeletedData for directory sync token lifecycle events
• Added Name field to DirectoryUser, DirectoryUserWithGroups, DsyncUserUpdatedData, and Profile structs
• Added EventContextActorSourceAdminPortal constant for admin portal actor source
• Added new type alias UserOrganizationMembershipBaseWithUserStatus
• Updated APIKeyValidationResponse to use new APIKeyValidationResponseAPIKey struct with its own owner type
• Enhanced test fixtures and test data files to support new field structures

Triggered by workos/openapi-spec@91fc76a

[greptile-apps]

Greptile Summary

This generated PR extends several core models with embedded user data and new event types, driven by an OpenAPI spec update. Two public API changes — the return type of ListMembershipsForResource / ListMembershipsForResourceByExternalID (now Iterator[UserOrganizationMembershipBaseWithUser]) and the APIKeyValidationResponse.APIKey field type (now APIKeyValidationResponseAPIKey) — are compile-time breaking changes for existing consumers of the v7 module and would normally require a major version bump.

• ListMembershipsForResource and ListMembershipsForResourceByExternalID now return *Iterator[UserOrganizationMembershipBaseWithUser], breaking any caller that stores or type-checks the iterator element.
• APIKeyValidationResponse.APIKey changed from *APIKey to *APIKeyValidationResponseAPIKey; these are structurally identical but named differently, causing a compile break for any code that assigns the field to a *APIKey variable.

Confidence Score: 3/5

PR introduces two compile-time breaking API changes in a versioned module that may affect existing consumers before a major version bump is issued.

Two P1 findings: the iterator element type change and the APIKeyValidationResponse field type change both break compilation for existing callers without a semver-major bump. The rest of the changes (new structs, new event types, added fields) are additive and safe.

authorization.go (iterator return type) and models.go (APIKeyValidationResponse.APIKey field type)

Important Files Changed

Filename	Overview
authorization.go	Return type of ListMembershipsForResource and ListMembershipsForResourceByExternalID changed from Iterator[UserOrganizationMembershipBaseListData] to Iterator[UserOrganizationMembershipBaseWithUser] — a compile-time breaking change for existing callers.
models.go	New UserOrganizationMembershipBaseWithUser, DsyncTokenCreated/Deleted structs added; APIKeyValidationResponse.APIKey field type changed to APIKeyValidationResponseAPIKey (breaking); User field added to membership structs without omitempty.
enums.go	Added EventContextActorSourceAdminPortal constant and UserOrganizationMembershipBaseWithUserStatus type alias; additive and safe.
authorization_test.go	Updated fixtures for ListMembershipsForResource tests to use new list_user_organization_membership_base_with_user.json; tests check item presence but not the embedded User field value.
user_management_test.go	Updated UserID assertions in membership tests to match new fixture data; consistent and correct.

Class Diagram

%%{init: {'theme': 'neutral'}}%%
classDiagram
    class UserOrganizationMembershipBaseWithUser {
        +String ID
        +String UserID
        +String OrganizationID
        +Status
        +bool DirectoryManaged
        +String OrganizationName
        +map CustomAttributes
        +String CreatedAt
        +String UpdatedAt
        +User User
    }
    class UserOrganizationMembershipBaseListData {
        +String ID
        +String UserID
        +String OrganizationID
        +Status
        +bool DirectoryManaged
        +String CreatedAt
        +String UpdatedAt
    }
    class User {
        +String ID
        +String FirstName
        +String LastName
        +String Email
        +bool EmailVerified
        +String ExternalID
        +String Locale
    }
    class UserOrganizationMembership {
        +String ID
        +User User
        +SlimRole Role
    }
    class OrganizationMembership {
        +String ID
        +User User
        +SlimRole Role
    }
    class DsyncTokenCreated {
        +String ID
        +String Event
        +DsyncTokenCreatedData Data
    }
    class DsyncTokenCreatedData {
        +String ID
        +String DirectoryID
        +String OrganizationID
        +String TokenSuffix
        +String CreatedAt
        +String ExpiresAt
    }
    UserOrganizationMembershipBaseWithUser --> User : embeds
    UserOrganizationMembership --> User : embeds (new)
    OrganizationMembership --> User : embeds (new)
    DsyncTokenCreated --> DsyncTokenCreatedData : contains
    note for UserOrganizationMembershipBaseListData "Replaced as iterator element type"

Loading

Comments Outside Diff (1)

1. models.go, line 677-679 (link)

   Breaking field type change — APIKeyValidationResponse.APIKey

   APIKeyValidationResponse.APIKey changed from *APIKey to *APIKeyValidationResponseAPIKey. Any code that assigns response.APIKey to a *workos.APIKey variable, passes it to a function expecting that type, or pattern-matches on it will fail to compile. Even though both types are structurally identical and their Owner fields resolve to the same underlying APIKeyCreatedDataOwner alias, Go's type system treats the named structs as distinct — this is a compile-time breaking change for existing consumers.

_{Reviews (1): Last reviewed commit: "feat(generated): Add user info to organi..." | Re-trigger Greptile}

[greptile-apps]

Breaking API change — iterator element type

Both ListMembershipsForResource and ListMembershipsForResourceByExternalID now return *Iterator[UserOrganizationMembershipBaseWithUser] instead of *Iterator[UserOrganizationMembershipBaseListData]. Any caller that stores the result, assigns it to a typed variable, or calls iter.Current() and assigns the return value will fail to compile after upgrading. Since the module is already at v7, this constitutes a semver-breaking change that normally requires a major version bump (e.g. v8).

[greptile-apps]

User field missing omitempty on membership structs

User *User \json:"user"`is added to bothUserOrganizationMembershipandOrganizationMembershipwithoutomitempty. When callers marshal these structs to JSON and the API response did not embed a user (e.g. older API versions or endpoints that don't expand user details), the output will include "user": nullrather than omitting the key. If the field is only conditionally populated by the API, addingomitempty` would be safer.

[greptile-apps]

User field on UserOrganizationMembershipBaseWithUser missing omitempty

Same consideration as the sibling structs: User *User \json:"user"`withoutomitemptywill serialize as"user": null when the field is unset. If the embedded user is always required by the API contract, the field could be non-pointer (User User). If it is optional, omitempty` is appropriate.