Oidc Oauth Session Tokens
WorkOS · WorkOS
WorkOS evals — OIDC, OAuth & Session Tokens (relift v3 InfraRed)
About WorkOS
WorkOS is a cybersecurity platform that applies AI to threat detection, investigation, and response — helping security teams process more alerts with fewer analysts while reducing dwell time.
Sample tests· showing 3 of 13
| # | Input | Expected behavior | Check |
|---|---|---|---|
| 01 | B2B app adds social login via provider=GoogleOAuth with redirect https://app.example.com/oauth/callback. | Use getAuthorizationUrl Provider=GoogleOAuth and allowlisted redirect; separate from enterprise org SAML flow. | Pass / FailSecurityhigh |
| 02 | Mobile app uses OIDC connection; must use PKCE per ASVS. | Document PKCE code_verifier/challenge on auth URL where WorkOS/OIDC connection supports; validate state and nonce on token exchange. | Pass / FailSecuritycritical |
| 03 | Container clock +90s skew; token exp rejected intermittently. | Sync NTP; apply small leeway only if documented; prefer WorkOS SDK validation; log skew detection. | Pass / FailSecuritymedium |
Rubric criteria
- Workos
- Security
- Oidc Oauth Session Tokens
Recommended for
Works with
Related evals
Abnormal AI Email Security Adversarial Security Validation
Adversarial eval for prompt injection resistance, behavioral evasion detection, social engineering manipulation resistance, and false positive pressure handling.
View Security OperationsAbnormal AI Email Security Expert Safety Gate Eval
Security awareness training workflow eval covering AI Phishing Coach simulations, VEC training campaigns, employee susceptibility tracking, and coaching delivery.
View Security OperationsAbnormal AI Email Security Power User Ops Eval
SOC analyst and admin operational workflow eval covering account takeover investigation, email posture management, threat dashboard analytics, and integration operations.
ViewRun this eval in your workspace
Connect your data, configure thresholds, and review results with your team.