feat(generated): regenerate from spec (8 changes)

.changelog-pending/2026-06-03T19-21-00-dee95fc33c4f813ac60adfa8c57d210db8183dd8.md

@@ -0,0 +1,39 @@
+- [#495](https://github.com/workos/workos-ruby/pull/495) feat(generated)!: regenerate from spec (8 changes)
+
+  **⚠️ Breaking**
+  - **[api_keys](https://workos.com/docs/reference/authkit/api-keys)**:
+    - Made `expires_at` required in API key models
+  - **[directory_sync](https://workos.com/docs/reference/directory-sync)**:
+    - Removed model `DsyncDeactivated`
+    - Removed model `DsyncDeactivatedData`
+    - Removed model `DsyncDeactivatedDataDomain`
+    - Removed enum `DsyncDeactivatedDataType`
+    - Removed enum `DsyncDeactivatedDataState`
+  - **[radar](https://workos.com/docs/reference/radar)**:
+    - Removed `domain_sign_up_rate_limit` from `RadarStandaloneResponseControl`
+  - **[user_management](https://workos.com/docs/reference/authkit/user)**:
+    - Removed `return_to` from `RevokeSession`
+
+  **Features**
+  - **[api_keys](https://workos.com/docs/reference/authkit/api-keys)**:
+    - Added model `ExpireApiKey`
+    - Added model `ApiKeyUpdated`
+    - Added model `ApiKeyUpdatedData`
+    - Added model `ApiKeyUpdatedDataOwner`
+    - Added model `UserApiKeyUpdatedDataOwner`
+    - Added model `ApiKeyUpdatedDataPreviousAttribute`
+    - Added endpoint `POST /api_keys/{id}/expire`
+  - **[audit_logs](https://workos.com/docs/reference/audit-logs)**:
+    - Added `Snowflake` to `AuditLogConfigurationLogStreamType`
+  - **[connect](https://workos.com/docs/reference/workos-connect/standalone)**:
+    - Added `name` to `UserObject`
+  - **[directory_sync](https://workos.com/docs/reference/directory-sync)**:
+    - Added model `DsyncTokenCreated`
+    - Added model `DsyncTokenCreatedData`
+    - Added model `DsyncTokenRevoked`
+    - Added model `DsyncTokenRevokedData`
+  - **[user_management](https://workos.com/docs/reference/authkit/user)**:
+    - Added `name` to user management models
+  - **[webhooks](https://workos.com/docs/reference/webhooks)**:
+    - Added `api_key.updated` to `CreateWebhookEndpointEvents`
+    - Added `api_key.updated` to `UpdateWebhookEndpointEvents`

.last-synced-sha

@@ -1 +1 @@
-cb6857d51b453e3cbdb5bf3647d3ca229dd8af65
+d8c5a7de598792b1cee18d4a9842825110e5c74a

.oagen-manifest.json

@@ -1,7 +1,7 @@
 {
   "version": 2,
   "language": "ruby",
-  "generatedAt": "2026-05-26T15:39:28.792Z",
+  "generatedAt": "2026-06-03T19:20:02.984Z",
   "files": [
     "lib/workos.rb",
     "lib/workos/admin_portal.rb",
@@ -19,8 +19,13 @@
     "lib/workos/api_keys/api_key_revoked.rb",
     "lib/workos/api_keys/api_key_revoked_data.rb",
     "lib/workos/api_keys/api_key_revoked_data_owner.rb",
+    "lib/workos/api_keys/api_key_updated.rb",
+    "lib/workos/api_keys/api_key_updated_data.rb",
+    "lib/workos/api_keys/api_key_updated_data_owner.rb",
+    "lib/workos/api_keys/api_key_updated_data_previous_attribute.rb",
     "lib/workos/api_keys/api_key_validation_response.rb",
     "lib/workos/api_keys/create_organization_api_key.rb",
+    "lib/workos/api_keys/expire_api_key.rb",
     "lib/workos/api_keys/organization_api_key.rb",
     "lib/workos/api_keys/organization_api_key_owner.rb",
     "lib/workos/api_keys/organization_api_key_with_value.rb",
@@ -75,7 +80,6 @@
     "lib/workos/authorization/update_authorization_resource.rb",
     "lib/workos/authorization/update_organization_role.rb",
     "lib/workos/authorization/update_role.rb",
-    "lib/workos/authorization/user_organization_membership_base_list_data.rb",
     "lib/workos/authorization/user_role_assignment.rb",
     "lib/workos/authorization/user_role_assignment_resource.rb",
     "lib/workos/client.rb",
@@ -106,9 +110,6 @@
     "lib/workos/directory_sync/dsync_activated.rb",
     "lib/workos/directory_sync/dsync_activated_data.rb",
     "lib/workos/directory_sync/dsync_activated_data_domain.rb",
-    "lib/workos/directory_sync/dsync_deactivated.rb",
-    "lib/workos/directory_sync/dsync_deactivated_data.rb",
-    "lib/workos/directory_sync/dsync_deactivated_data_domain.rb",
     "lib/workos/directory_sync/dsync_deleted.rb",
     "lib/workos/directory_sync/dsync_deleted_data.rb",
     "lib/workos/directory_sync/dsync_group_created.rb",
@@ -119,6 +120,10 @@
     "lib/workos/directory_sync/dsync_group_user_added_data.rb",
     "lib/workos/directory_sync/dsync_group_user_removed.rb",
     "lib/workos/directory_sync/dsync_group_user_removed_data.rb",
+    "lib/workos/directory_sync/dsync_token_created.rb",
+    "lib/workos/directory_sync/dsync_token_created_data.rb",
+    "lib/workos/directory_sync/dsync_token_revoked.rb",
+    "lib/workos/directory_sync/dsync_token_revoked_data.rb",
     "lib/workos/directory_sync/dsync_user_created.rb",
     "lib/workos/directory_sync/dsync_user_deleted.rb",
     "lib/workos/directory_sync/dsync_user_updated.rb",
@@ -168,6 +173,7 @@
     "lib/workos/groups/create_group_membership.rb",
     "lib/workos/groups/group.rb",
     "lib/workos/groups/update_group.rb",
+    "lib/workos/groups/user_organization_membership_base_list_data.rb",
     "lib/workos/inflections.rb",
     "lib/workos/multi_factor_auth.rb",
     "lib/workos/multi_factor_auth/authentication_challenge.rb",
@@ -336,8 +342,6 @@
     "lib/workos/types/directory_user_with_groups_state.rb",
     "lib/workos/types/dsync_activated_data_state.rb",
     "lib/workos/types/dsync_activated_data_type.rb",
-    "lib/workos/types/dsync_deactivated_data_state.rb",
-    "lib/workos/types/dsync_deactivated_data_type.rb",
     "lib/workos/types/dsync_deleted_data_state.rb",
     "lib/workos/types/dsync_deleted_data_type.rb",
     "lib/workos/types/dsync_user_updated_data_state.rb",
@@ -543,6 +547,7 @@
     "lib/workos/user_management/user_api_key_created_data_owner.rb",
     "lib/workos/user_management/user_api_key_owner.rb",
     "lib/workos/user_management/user_api_key_revoked_data_owner.rb",
+    "lib/workos/user_management/user_api_key_updated_data_owner.rb",
     "lib/workos/user_management/user_api_key_with_value.rb",
     "lib/workos/user_management/user_api_key_with_value_owner.rb",
     "lib/workos/user_management/user_created.rb",
@@ -562,7 +567,6 @@
     "lib/workos/vault/decrypt_request.rb",
     "lib/workos/vault/decrypt_response.rb",
     "lib/workos/vault/delete_object_response.rb",
-    "lib/workos/vault/object.rb",
     "lib/workos/vault/object_metadata.rb",
     "lib/workos/vault/object_summary.rb",
     "lib/workos/vault/object_version.rb",
@@ -591,6 +595,7 @@
     "lib/workos/vault/vault_metadata_read_data.rb",
     "lib/workos/vault/vault_names_listed.rb",
     "lib/workos/vault/vault_names_listed_data.rb",
+    "lib/workos/vault/vault_object.rb",
     "lib/workos/vault/version_list_response.rb",
     "lib/workos/webhooks.rb",
     "lib/workos/webhooks/create_webhook_endpoint.rb",
@@ -614,6 +619,10 @@
     "rbi/workos/api_key_revoked.rbi",
     "rbi/workos/api_key_revoked_data.rbi",
     "rbi/workos/api_key_revoked_data_owner.rbi",
+    "rbi/workos/api_key_updated.rbi",
+    "rbi/workos/api_key_updated_data.rbi",
+    "rbi/workos/api_key_updated_data_owner.rbi",
+    "rbi/workos/api_key_updated_data_previous_attribute.rbi",
     "rbi/workos/api_key_validation_response.rbi",
     "rbi/workos/api_keys.rbi",
     "rbi/workos/application_credentials_list_item.rbi",
@@ -782,9 +791,6 @@
     "rbi/workos/dsync_activated.rbi",
     "rbi/workos/dsync_activated_data.rbi",
     "rbi/workos/dsync_activated_data_domain.rbi",
-    "rbi/workos/dsync_deactivated.rbi",
-    "rbi/workos/dsync_deactivated_data.rbi",
-    "rbi/workos/dsync_deactivated_data_domain.rbi",
     "rbi/workos/dsync_deleted.rbi",
     "rbi/workos/dsync_deleted_data.rbi",
     "rbi/workos/dsync_group_created.rbi",
@@ -795,6 +801,10 @@
     "rbi/workos/dsync_group_user_added_data.rbi",
     "rbi/workos/dsync_group_user_removed.rbi",
     "rbi/workos/dsync_group_user_removed_data.rbi",
+    "rbi/workos/dsync_token_created.rbi",
+    "rbi/workos/dsync_token_created_data.rbi",
+    "rbi/workos/dsync_token_revoked.rbi",
+    "rbi/workos/dsync_token_revoked_data.rbi",
     "rbi/workos/dsync_user_created.rbi",
     "rbi/workos/dsync_user_deleted.rbi",
     "rbi/workos/dsync_user_updated.rbi",
@@ -815,6 +825,7 @@
     "rbi/workos/event_list_list_metadata.rbi",
     "rbi/workos/event_schema.rbi",
     "rbi/workos/events.rbi",
+    "rbi/workos/expire_api_key.rbi",
     "rbi/workos/external_auth_complete_response.rbi",
     "rbi/workos/feature_flag.rbi",
     "rbi/workos/feature_flag_owner.rbi",
@@ -882,7 +893,6 @@
     "rbi/workos/mfa_totp_session_authenticate_request.rbi",
     "rbi/workos/multi_factor_auth.rbi",
     "rbi/workos/new_connect_application_secret.rbi",
-    "rbi/workos/object.rbi",
     "rbi/workos/object_metadata.rbi",
     "rbi/workos/object_summary.rbi",
     "rbi/workos/object_version.rbi",
@@ -1013,6 +1023,7 @@
     "rbi/workos/user_api_key_created_data_owner.rbi",
     "rbi/workos/user_api_key_owner.rbi",
     "rbi/workos/user_api_key_revoked_data_owner.rbi",
+    "rbi/workos/user_api_key_updated_data_owner.rbi",
     "rbi/workos/user_api_key_with_value.rbi",
     "rbi/workos/user_api_key_with_value_owner.rbi",
     "rbi/workos/user_authentication_factor_enroll_response.rbi",
@@ -1056,6 +1067,7 @@
     "rbi/workos/vault_metadata_read_data.rbi",
     "rbi/workos/vault_names_listed.rbi",
     "rbi/workos/vault_names_listed_data.rbi",
+    "rbi/workos/vault_object.rbi",
     "rbi/workos/verify_email_address.rbi",
     "rbi/workos/verify_email_response.rbi",
     "rbi/workos/waitlist_user.rbi",
@@ -1830,6 +1842,10 @@
       "sdkMethod": "delete_api_key",
       "service": "api_keys"
     },
+    "POST /api_keys/{id}/expire": {
+      "sdkMethod": "create_api_key_expire",
+      "service": "api_keys"
+    },
     "GET /user_management/users/{userId}/api_keys": {
       "sdkMethod": "list_user_api_keys",
       "service": "user_management"

lib/workos/api_keys.rb

@@ -127,5 +127,30 @@ def delete_api_key(
       )
       nil
     end
+
+    # Expire an API key
+    # @param id [String] The unique ID of the API key.
+    # @param expires_at [String, nil] When the API key should expire. If omitted or in the past, the key expires immediately. Use null to clear a scheduled future expiration.
+    # @param request_options [Hash] (see WorkOS::Types::RequestOptions)
+    # @return [WorkOS::ApiKey]
+    def create_api_key_expire(
+      id:,
+      expires_at: nil,
+      request_options: {}
+    )
+      body = {
+        "expires_at" => expires_at
+      }.compact
+      response = @client.request(
+        method: :post,
+        path: "/api_keys/#{WorkOS::Util.encode_path(id)}/expire",
+        auth: true,
+        body: body,
+        request_options: request_options
+      )
+      result = WorkOS::ApiKey.new(response.body)
+      result.last_response = WorkOS::Types::ApiResponse.new(http_status: response.code.to_i, http_headers: response.each_header.to_h, request_id: response["x-request-id"])
+      result
+    end
   end
 end

lib/workos/directory_sync/dsync_deactivated.rb → lib/workos/api_keys/api_key_updated.rb

@@ -3,7 +3,7 @@
 # This file is auto-generated by oagen. Do not edit.
 
 module WorkOS
-  class DsyncDeactivated < WorkOS::Types::BaseModel
+  class ApiKeyUpdated < WorkOS::Types::BaseModel
     HASH_ATTRS = {
       object: :object,
       id: :id,
@@ -26,7 +26,7 @@ def initialize(json)
       @object = hash[:object]
       @id = hash[:id]
       @event = hash[:event]
-      @data = hash[:data] ? WorkOS::DsyncDeactivatedData.new(hash[:data]) : nil
+      @data = hash[:data] ? WorkOS::ApiKeyUpdatedData.new(hash[:data]) : nil
       @created_at = hash[:created_at]
       @context = hash[:context] ? WorkOS::EventContext.new(hash[:context]) : nil
     end

lib/workos/api_keys/api_key_updated_data.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+# This file is auto-generated by oagen. Do not edit.
+
+module WorkOS
+  class ApiKeyUpdatedData < WorkOS::Types::BaseModel
+    HASH_ATTRS = {
+      object: :object,
+      id: :id,
+      owner: :owner,
+      name: :name,
+      obfuscated_value: :obfuscated_value,
+      last_used_at: :last_used_at,
+      expires_at: :expires_at,
+      permissions: :permissions,
+      created_at: :created_at,
+      updated_at: :updated_at,
+      previous_attributes: :previous_attributes
+    }.freeze
+
+    attr_accessor \
+      :object,
+      :id,
+      :owner,
+      :name,
+      :obfuscated_value,
+      :last_used_at,
+      :expires_at,
+      :permissions,
+      :created_at,
+      :updated_at,
+      :previous_attributes
+
+    def initialize(json)
+      hash = self.class.normalize(json)
+      @object = hash[:object]
+      @id = hash[:id]
+      @owner = hash[:owner] ? (case hash[:owner][:type] when "organization" then WorkOS::ApiKeyUpdatedDataOwner.new(hash[:owner]) when "user" then WorkOS::UserApiKeyUpdatedDataOwner.new(hash[:owner]) else hash[:owner] end) : nil
+      @name = hash[:name]
+      @obfuscated_value = hash[:obfuscated_value]
+      @last_used_at = hash[:last_used_at]
+      @expires_at = hash[:expires_at]
+      @permissions = hash[:permissions] || []
+      @created_at = hash[:created_at]
+      @updated_at = hash[:updated_at]
+      @previous_attributes = hash[:previous_attributes] ? WorkOS::ApiKeyUpdatedDataPreviousAttribute.new(hash[:previous_attributes]) : nil
+    end
+  end
+end

lib/workos/directory_sync/dsync_deactivated_data_domain.rb → lib/workos/api_keys/api_key_updated_data_owner.rb

@@ -3,5 +3,5 @@
 # This file is auto-generated by oagen. Do not edit.
 
 module WorkOS
-  DsyncDeactivatedDataDomain = DsyncActivatedDataDomain
+  ApiKeyUpdatedDataOwner = ApiKeyCreatedDataOwner
 end

lib/workos/api_keys/api_key_updated_data_previous_attribute.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+# This file is auto-generated by oagen. Do not edit.
+
+module WorkOS
+  class ApiKeyUpdatedDataPreviousAttribute < WorkOS::Types::BaseModel
+    HASH_ATTRS = {
+      expires_at: :expires_at
+    }.freeze
+
+    attr_accessor :expires_at
+
+    def initialize(json)
+      hash = self.class.normalize(json)
+      @expires_at = hash[:expires_at]
+    end
+  end
+end

lib/workos/api_keys/expire_api_key.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+# This file is auto-generated by oagen. Do not edit.
+
+module WorkOS
+  class ExpireApiKey < WorkOS::Types::BaseModel
+    HASH_ATTRS = {
+      expires_at: :expires_at
+    }.freeze
+
+    attr_accessor :expires_at
+
+    def initialize(json)
+      hash = self.class.normalize(json)
+      @expires_at = hash[:expires_at]
+    end
+  end
+end