union of parentResourceExternalId & parentResourceTypeSlug

[swaroopAkkineniWorkos]

Description

Documentation

Does this require changes to the WorkOS Docs? E.g. the API Reference or code snippets need updates.

[ ] Yes

If yes, link a related docs PR and add a docs maintainer as a reviewer. Their approval is required.

[linear]

ENT-4372 SDK Updates

[greptile-apps]

Greptile Overview

Greptile Summary

This PR refactors the CreateAuthorizationResourceOptions type from a single interface with all-optional parent fields to a discriminated union that enforces mutual exclusivity between parentResourceId and (parentResourceExternalId + parentResourceTypeSlug). The serializer now uses the in operator for conditional field inclusion based on which union member is used.

Critical Issue: The union is missing a member for creating resources without any parent. Previously, all parent fields were optional, allowing top-level resources. The new type requires EITHER parentResourceId OR both parentResourceExternalId and parentResourceTypeSlug, but doesn't support omitting all parent fields. This breaks the ability to create root-level authorization resources.

Test Coverage: All updated tests now include parent resource fields. Tests that previously verified behavior when parent fields are omitted have been removed, and some test names are now misleading (e.g., "excludes description when omitted" but always includes parentResourceId).

Confidence Score: 1/5

• This PR breaks the ability to create top-level authorization resources
• The type system change removes support for creating resources without a parent, which was previously possible. This is a breaking change that will cause TypeScript compilation errors for any code creating top-level resources and removes critical functionality.
• Pay close attention to src/authorization/interfaces/authorization-resource.interface.ts - the union type needs a third member to support resources without parents

Important Files Changed

Filename	Overview
src/authorization/interfaces/authorization-resource.interface.ts	Introduced discriminated union for parent resource options, but missing union member for resources without any parent, breaking ability to create top-level resources
src/authorization/serializers/create-authorization-resource-options.serializer.ts	Updated serializer to use in operator checks for conditional field inclusion, correctly handles union type discrimination
src/authorization/authorization.spec.ts	Tests updated to always include parent resource fields, removing coverage for top-level resources without parents and making some test names misleading

[greptile-apps]

_{3 files reviewed, 3 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

Missing union member for resources without a parent. The type currently requires EITHER parentResourceId OR parentResourceExternalId+parentResourceTypeSlug, but doesn't allow creating top-level resources (no parent at all). Add a third union member with just BaseCreateAuthorizationResourceOptions to support this case.

Suggested change

	export type CreateAuthorizationResourceOptions =
	| CreateOptionsWithParentResourceId
	| CreateOptionsWithParentExternalId;
	export type CreateAuthorizationResourceOptions =
	| BaseCreateAuthorizationResourceOptions
	| CreateOptionsWithParentResourceId
	| CreateOptionsWithParentExternalId;

[greptile-apps]

Test updated to always include parentResourceId, but the test name says "excludes description when omitted". This doesn't test the scenario where parent fields are actually omitted (which would be a top-level resource). Either restore the original test case or update the name to reflect what's actually being tested.

[greptile-apps]

Test now always sets parentResourceId, making the test name misleading. The test says it "sends null when description is explicitly set to null" but doesn't verify behavior when parentResourceId is omitted or null.