Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@workos-inc/js

Package Overview
Dependencies
Maintainers
3
Versions
25
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@workos-inc/js

A wrapper for the WorkOS API for all things javascript.

  • 0.0.8
  • unpublished
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
0
Maintainers
3
Weekly downloads
 
Created
Source

workos-js

A WorkOS client for node applications in your organization to control and monitor the access of information within your organization.

Installation

You can install the WorkOS JS client in your local environment by running:

yarn add @workos-inc/js

Configuration

To use the client you must provide an API key located from the WorkOS dashboard either as an environment variable WORKOS_API_KEY:

WORKOS_API_KEY="sk_1234" ./app

Or you can set it on your own before your application starts:

import WorkOS from '@workos-inc/js';

const workos = new WorkOS({ apiKey: 'sk_1234' });

Usage

Creating an Audit Log event requires a descriptive action name and annotating the event with its CRUD identifier. The action name must contain an action category and an action name separated by a period, for example, user.login.

const event = {
  group: 'organization_1',
  action: 'user.login',
  action_type: 'C',
  actor_name: 'user@email.com',
  actor_id: 'user_1',
  target_name: 'user@email.com',
  target_id: 'user_1',
  location: '1.1.1.1',
  occurred_at: new Date(0),
};

workos.createEvent(event);

The resulting event being sent to WorkOS looks like:

{
  "group": "organization_1",
  "action": "user.login",
  "action_type": "C",
  "actor_name": "user@email.com",
  "actor_id": "user_1",
  "target_name": "user@email.com",
  "target_id": "user_1",
  "location": "1.1.1.1",
  "occurred_at": "2019-05-01T01:15:55.619355Z",
  "metadata": {}
}

All events are published to WorkOS asynchronously by default and support await / async behavior.

Adding Metadata To Events

Metadata provides additional context for your Audit Log events that would be helpful to you or others in the future when looking at an Audit Log event. Values for your metadata are expected to be primitive types:

  • string
  • boolean
  • number
  • Date

You're allowed to have maps with its elements being any one of the primitive types.

You can add metadata directly to events by appending the metadata property.:

const event = {
  group: 'user_1',
  action: 'tweet.update',
  action_type: 'U',
  actor_name: 'user@email.com',
  actor_id: 'user_1',
  target_name: 'user@email.com',
  target_id: 'tweet_5',
  location: '1.1.1.1',
  occurred_at: '2019-05-01T01:15:55.619355Z',
  metadata: {
    body_was: 'What time is the event',
    body: 'What time is the event?',
  },
};

workos.createEvent(event);

Resulting in the following being sent to WorkOS:

{
  "group": "user_1",
  "action": "tweet.update",
  "action_type": "U",
  "actor_name": "user@email.com",
  "actor_id": "user_1",
  "target_name": "user@email.com",
  "target_id": "tweet_5",
  "location": "1.1.1.1",
  "occurred_at": "2019-05-01T01:15:55.619355Z",
  "metadata": {
    "body_was": "What time is the event",
    "body": "What time is the event?"
  }
}

By adding supportive metadata when you create the event you can see what the original tweet body was and what the body was updated to. For something like a tweet that could get updated multiple times over the course of time, you can't always depend on the database representation to tell you what the body has always been. Without logging it right when the change occurs, you'll forever lose all the individual changes along the way. Good Audit Log events attach all supporting information surrounding the event which could be used to inform the reader in the future what exactly happened, how it happened, and when it happened.

Keywords

FAQs

Package last updated on 24 Jun 2019

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc