For WorkOS · Security Operations

SAML SSO Assertion Security

WorkOS · WorkOS

WorkOS evals — SAML SSO & Assertion Security (relift v3 InfraRed)

About WorkOS

WorkOS is a cybersecurity platform that applies AI to threat detection, investigation, and response — helping security teams process more alerts with fewer analysts while reducing dwell time.

Employees

200–5,000

Industry

Cybersecurity

Headquarters

United States

Website

workos.com

Sample tests · showing 3 of 11

| # | Input | Expected behavior | Check |
|---|-------|-------------------|-------|
| 01 | Enterprise tenant Acme (org_01ACME) must sign in via SAML; app has connection_99 for legacy path but security policy mandates organization parameter. | Call getAuthorizationUrl with Organization=org_01ACME and registered redirect URI; reject using connection_99 without explicit exception ticket. | Pass / Fail · Security · critical |
| 02 | Operator retries /callback with same ?code= after 12 minutes; WorkOS docs state code valid 10 minutes. | Treat exchange failure as expired code; restart SSO from /auth; never mint session from stale code. | Pass / Fail · Security · high |
| 03 | MSP manages connection_42 shared across sub-orgs; new policy needs per-tenant org IDs. | Migrate initiation to Organization parameter per tenant; deprecate shared connection except documented MSP pattern. | Pass / Fail · Security · medium |

Rubric criteria

  • WorkOS
  • Security
  • SAML SSO Assertion Security

Recommended for

WorkOS · WorkOS customers
