# AuthKit

AuthKit is a user management platform that provides a set of user authentication and organization security features designed to provide a fast, scalable integration while handling all of the user management complexity that comes with advanced B2B customer needs.

To automatically respond to AuthKit activities, like authentication and changes related to the users, use the corresponding [events](https://workos.com/docs/events).

## Create a CORS origin

Creates a new CORS origin for the current environment. CORS origins allow browser-based applications to make requests to the WorkOS API.

#### Request

```bash
curl --request POST \
  --url "https://api.workos.com/user_management/cors_origins" \
  --header "Authorization: Bearer sk_example_123456789" \
  --header "Content-Type: application/json" \
  -d @- <<'BODY'
    {
        "origin": "https://example.com"
    }
BODY
```

#### Response

```json
{
  "object": "cors_origin",
  "id": "cors_origin_01HXYZ123456789ABCDEFGHIJ",
  "origin": "https://example.com",
  "created_at": "2026-01-15T12:00:00.000Z",
  "updated_at": "2026-01-15T12:00:00.000Z"
}
```

## Create a redirect URI

Creates a new redirect URI for an environment.

#### Request

```bash
curl --request POST \
  --url "https://api.workos.com/user_management/redirect_uris" \
  --header "Authorization: Bearer sk_example_123456789" \
  --header "Content-Type: application/json" \
  -d @- <<'BODY'
    {
        "uri": "https://example.com/callback"
    }
BODY
```

#### Response

```json
{
  "object": "redirect_uri",
  "id": "ruri_01EHZNVPK3SFK441A1RGBFSHRT",
  "uri": "https://example.com/callback",
  "default": true,
  "created_at": "2026-01-15T12:00:00.000Z",
  "updated_at": "2026-01-15T12:00:00.000Z"
}
```

## Update JWT template

Update the JWT template for the current environment.

#### Request

```bash
curl --request PUT \
  --url "https://api.workos.com/user_management/jwt_template" \
  --header "Authorization: Bearer sk_example_123456789" \
  --header "Content-Type: application/json" \
  -d @- <<'BODY'
    {
        "content": "{\"urn:myapp:full_name\": \"{{user.first_name}} {{user.last_name}}\", \"urn:myapp:email\": \"{{user.email}}\"}"
    }
BODY
```

#### Response

```json
{
  "object": "jwt_template",
  "content": "{\"urn:myapp:full_name\": \"{{user.first_name}} {{user.last_name}}\", \"urn:myapp:email\": \"{{user.email}}\"}",
  "created_at": "2026-01-15T12:00:00.000Z",
  "updated_at": "2026-01-15T12:00:00.000Z"
}
```

### /user_management/cors_origins

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| `origin` | string | Yes | The origin URL to allow for CORS requests. |

### /user_management/redirect_uris

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| `uri` | string | Yes | The redirect URI to create. |

### /user_management/jwt_template

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| `content` | string | Yes | The JWT template content as a Liquid template string. |