Skip to content

Default to adding idempotecy-key to audit-logs/events if not present#1383

Merged
swaroopAkkineniWorkos merged 6 commits intomainfrom
ENT-3983-auto-retry-idempotency-audit-logs
Nov 13, 2025
Merged

Default to adding idempotecy-key to audit-logs/events if not present#1383
swaroopAkkineniWorkos merged 6 commits intomainfrom
ENT-3983-auto-retry-idempotency-audit-logs

Conversation

@swaroopAkkineniWorkos
Copy link
Contributor

@swaroopAkkineniWorkos swaroopAkkineniWorkos commented Nov 10, 2025
edited
Loading

Description

Updating node sdk to always generating an idempotencyKey if not present when POSTing audit-logs events. Also enabled retrying for POST

@linear
Copy link

linear bot commented Nov 10, 2025

ENT-3983 sdk: Audit and add idempotency key + auto retries in all supported sdks

@swaroopAkkineniWorkos swaroopAkkineniWorkos changed the title ENT-3983: default to addig idempotecy-key to audit-logs/events if not present ENT-3983: default to adding idempotecy-key to audit-logs/events if not present Nov 10, 2025
@swaroopAkkineniWorkos swaroopAkkineniWorkos marked this pull request as ready for review November 10, 2025 17:09
@swaroopAkkineniWorkos swaroopAkkineniWorkos requested a review from a team as a code owner November 10, 2025 17:09
@swaroopAkkineniWorkos swaroopAkkineniWorkos added the enhancement New feature or request label Nov 10, 2025
@swaroopAkkineniWorkos swaroopAkkineniWorkos changed the title ENT-3983: default to adding idempotecy-key to audit-logs/events if not present Default to adding idempotecy-key to audit-logs/events if not present Nov 10, 2025
greptile-apps[bot]
greptile-apps bot reviewed Nov 10, 2025
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Greptile Overview

Greptile Summary

This PR enhances the audit logs event creation with automatic idempotency key generation and retry capabilities. When createEvent is called without an idempotency key, the SDK now auto-generates a UUID v4, ensuring safe retries even when users don't provide one. The PR also enables retry logic (up to 4 total attempts with exponential backoff) for the /audit_logs/events endpoint for status codes 408, 500, 502, and 504.

Key changes:

  • Auto-generates UUID v4 idempotency key in createEvent if not provided
  • Extended isPathRetryable to include /audit_logs/events endpoint
  • Added comprehensive test coverage for both features including retry scenarios

Implementation quality:

  • Clean implementation using spread operator to preserve user options
  • Properly maintains same idempotency key across retry attempts
  • Thorough test coverage including edge cases (multiple requests, max retries, key persistence)

Confidence Score: 5/5

  • This PR is safe to merge with no identified risks
  • The implementation is straightforward and well-tested. The auto-generation of idempotency keys improves reliability without breaking existing functionality (users can still provide their own keys). The retry logic follows existing patterns and is correctly scoped to the specific endpoint. All custom security rules are satisfied, and the comprehensive test suite validates both happy paths and edge cases.
  • No files require special attention

Important Files Changed

File Analysis

Filename Score Overview
src/audit-logs/audit-logs.ts 5/5 Added automatic UUID generation for idempotency keys when not provided by the user
src/common/net/http-client.ts 5/5 Extended retry logic to include /audit_logs/events endpoint
src/audit-logs/audit-logs.spec.ts 5/5 Added comprehensive test coverage for idempotency key auto-generation and retry behavior

Sequence Diagram

sequenceDiagram
    participant Client
    participant AuditLogs
    participant WorkOS
    participant HttpClient
    participant API

    Client->>AuditLogs: createEvent(org, event, options?)
    AuditLogs->>AuditLogs: Generate UUID if idempotencyKey missing
    Note over AuditLogs: options.idempotencyKey || randomUUID()
    AuditLogs->>WorkOS: post('/audit_logs/events', data, optionsWithIdempotency)
    WorkOS->>WorkOS: Add Idempotency-Key header
    WorkOS->>HttpClient: post(path, entity, headers)
    HttpClient->>HttpClient: Check isPathRetryable('/audit_logs/events')
    Note over HttpClient: Returns true (new behavior)
    
    loop Retry up to 4 attempts
        HttpClient->>API: POST request with same idempotency key
        alt Success (201)
            API-->>HttpClient: Success response
            HttpClient-->>WorkOS: Response
            WorkOS-->>AuditLogs: void
            AuditLogs-->>Client: Success
        else Retryable error (408, 500, 502, 504)
            API-->>HttpClient: Error response
            HttpClient->>HttpClient: Sleep with exponential backoff
            Note over HttpClient: Retry with same idempotency key
        end
    end
    
    alt Max retries exceeded
        HttpClient-->>WorkOS: Throw error
        WorkOS-->>AuditLogs: Exception
        AuditLogs-->>Client: Exception
    end
Loading

3 files reviewed, no comments

Edit Code Review Agent Settings | Greptile

@swaroopAkkineniWorkos swaroopAkkineniWorkos requested review from a team, PavanKulkarni, ajworkos, csrbarber, jonatascastro12, katie-west and nave91 and removed request for a team November 10, 2025 18:19
@nholden
Copy link
Member

nholden commented Nov 10, 2025

I was auto-assigned as a reviewer as a random member of workos/typescript, but I see many highly competent and wonderful folks with more context in the reviewer list, so I'm going to un-assign myself. Feel free to reassign me if needed!

@nholden nholden removed their request for review November 10, 2025 18:51
nave91
nave91 approved these changes Nov 12, 2025
View reviewed changes
Copy link
Contributor

@nave91 nave91 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes looks great! One tiny nitpick if we want to differentiate between sdk generated idempotency key vs customer.

src/audit-logs/audit-logs.ts Outdated
// Auto-generate idempotency key if not provided
const optionsWithIdempotency: CreateAuditLogEventRequestOptions = {
...options,
idempotencyKey: options.idempotencyKey || randomUUID(),
Copy link
Contributor

@nave91 nave91 Nov 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you prefix the randomUUID() with ws_ or workos_ so we know this was generated by us and not the customer?

src/audit-logs/audit-logs.spec.ts
expect(fetch).toHaveBeenCalledTimes(3);
});

it('succeeds on the last retry attempt (4th attempt)', async () => {
Copy link
Contributor

@nave91 nave91 Nov 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💯 nice test case!

nave91
nave91 reviewed Nov 12, 2025
View reviewed changes
src/audit-logs/audit-logs.ts
idempotencyKey: options.idempotencyKey || randomUUID(),
};

await this.workos.post(
Copy link
Contributor

@nave91 nave91 Nov 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you know if this await throws an exception for 4xx? For cases where schema validation fails, we return 400 but I'm not sure if this gets propagated to the caller?

Copy link
Contributor Author

@swaroopAkkineniWorkos swaroopAkkineniWorkos Nov 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When schema validation fails, it throws InvalidAuditLogEventException (400), which propagates t to the workOS-node,

@swaroopAkkineniWorkos swaroopAkkineniWorkos merged commit ee7d609 into main Nov 13, 2025
5 checks passed
@swaroopAkkineniWorkos swaroopAkkineniWorkos deleted the ENT-3983-auto-retry-idempotency-audit-logs branch November 13, 2025 17:15
@antn antn mentioned this pull request Nov 20, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

@nholden nholden nholden approved these changes

@PavanKulkarni PavanKulkarni Awaiting requested review from PavanKulkarni PavanKulkarni was automatically assigned from workos/enterprise

@jonatascastro12 jonatascastro12 Awaiting requested review from jonatascastro12 jonatascastro12 was automatically assigned from workos/enterprise

@csrbarber csrbarber Awaiting requested review from csrbarber csrbarber was automatically assigned from workos/enterprise

@ajworkos ajworkos Awaiting requested review from ajworkos ajworkos was automatically assigned from workos/enterprise

@katie-west katie-west Awaiting requested review from katie-west katie-west was automatically assigned from workos/enterprise

+1 more reviewer

@nave91 nave91 nave91 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

enhancement New feature or request

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@swaroopAkkineniWorkos @nholden @nave91