create_user doesn't pass password parameter; update_user defaults email_verified incorrectly #76
Description
Description
I've encountered two issues with the UserManagement module in version 1.1.2:
Issue 1: create_user doesn't pass the password parameter
When calling WorkOS.UserManagement.create_user/1 with a password:
WorkOS.UserManagement.create_user(%{
email: "user@example.com",
password: "securepassword123"
})The password is not sent to the WorkOS API. The user is created but without a password set.
Workaround: Call update_user/2 after creation to set the password.
Issue 2: update_user appears to default email_verified to false
When calling update_user/2 with only a password on a user that was created with email_verified: true:
# Create user with email_verified: true
{:ok, user} = WorkOS.UserManagement.create_user(%{
email: "user@example.com",
email_verified: true
})
# Update just the password
WorkOS.UserManagement.update_user(user.id, %{password: "newpassword"})This returns an error:
%{"code" => "email_already_verified", "message" => "The user email has already been verified and cannot be unverified."}
This suggests the library is sending email_verified: false (or similar) to the API even though we only passed password.
Workaround: Explicitly pass email_verified: true in the update call:
WorkOS.UserManagement.update_user(user.id, %{
password: "newpassword",
email_verified: true
})Environment
- workos version: 1.1.2
- Elixir version: 1.17
- OTP version: 27