SSO API Issues
Incident Report for WorkOS
Postmortem

On May 4th 2021, between 15:44 UTC and 16:45 UTC a small proportion of customers received malformed SSO profile responses from the token endpoint. We sincerely apologize for the negative effects our customers experienced.

Who was affected?

Customers using the Ruby SDK or the connection_type profile attribute were affected.

What happened?

A code change unintentionally changed the SSO profile response and the connection_type attribute was not being returned. Any dependent SDKs or customer code began failing.

What will we do to mitigate problems like this in the future?

Our team has rolled out additional infrastructure and explicit contract testing to prevent unforeseen resource response changes.

Posted May 14, 2021 - 16:48 EDT
Resolved
This incident has been resolved.
Posted May 04, 2021 - 12:45 EDT
Monitoring
A fix has been implemented and we are monitoring the results.
Posted May 04, 2021 - 11:34 EDT
Identified
Our engineers have identified and fixed malformed SSO API payloads.
Posted May 04, 2021 - 11:24 EDT
Investigating
Beginning at approximately 15:00 UTC on May 4th we began detecting instances of SSO API payloads containing malformed responses.
Posted May 04, 2021 - 11:00 EDT
Current Status Powered by Atlassian Statuspage