Skip to content

adding machine scopes + machine secret to sdk (v3) #417

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: v3
Choose a base branch
from
Open

adding machine scopes + machine secret to sdk (v3) #417

wants to merge 2 commits into from
+295 −32

Conversation

Ben2W
Copy link
Contributor

@Ben2W Ben2W commented Jul 18, 2025

Machine Scopes, Secret Key, and Default Token TTL Support

This PR adds to the machine functionality in our Go SDK with three major features:

✨ New Features

🔗 Machine Scopes

Machines can now have access to other machines through scoped relationships:

type MachineWithScopedMachines struct {
    APIResource
    Machine
    ScopedMachines []*Machine `json:"scoped_machines"`
}
  • Added ScopedMachines field to machine responses (array of machine IDs)
  • Scoped machines never include secret keys to maintain security

�� Secret Key Support

Machines now return a SecretKey field when created:

type MachineWithScopedMachinesAndSecretKey struct {
    APIResource
    MachineWithScopedMachines
    SecretKey string `json:"secret_key"`
}
  • Secret key is only included in create responses
  • Not exposed in subsequent GET/UPDATE/LIST operations
  • Maintains security by not exposing secret keys in scoped machine relationships

Default Token TTL

Added DefaultTokenTTL field to control token expiration:

type CreateParams struct {
    clerk.APIParams
    Name           string   `json:"name"` // Required for create
    ScopedMachines []string `json:"scoped_machines,omitempty"`
    DefaultTokenTTL *int64  `json:"default_token_ttl,omitempty"`
}
  • Available as both request parameter (create/update) and response field
  • Optional parameter with omitempty JSON tag

⚠️ Breaking Changes

Create Machine Name Parameter

// Before
CreateParams{Name: &stringPointer}

// After  
CreateParams{Name: stringValue}

Since the Name was required when creating machines, this was invalid. We also doubt anybody was using this function as it wasn't documented

Ben2W added 2 commits July 18, 2025 19:05
@Ben2W
adding machine scope sdk
dbe24d9 
adding machine scopes to create machine

adding secret key and default ttl

finished!
@Ben2W
updating to v3
5c71a2b
@Ben2W Ben2W requested a review from a team as a code owner July 18, 2025 23:07
@Ben2W Ben2W changed the base branch from v2 to v3 July 18, 2025 23:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Ben2W