Problem statement
We use the Auth0 Go SDK. The SDK we use in our application is github.com/auth0/go-auth0/management. The SDK function call we are trying to make is Organization.CreateInvitation.
Here is the structure of the object that we create for this purpose:
&management.OrganizationInvitation{
Inviter: &management.OrganizationInvitationInviter{
Name: <inviter email>,
},
Invitee: &management.OrganizationInvitationInvitee{
Email: <invitee email>,
},
ClientID: <app_id>,
TTLSec: <expiry time>,
}
However, the following error is thrown sometimes:
400 Bad Request: Payload validation error: 'Additional properties not allowed: ticket_id,expires_at,created_at,invitation_url,organization_id, id'.
What might be the reason that we intermittently see this error?
Cause
Since the properties in the error message appear to be properties of the response, it seems likely that the code is potentially passing in an already created invite to the api.Organization.Create call.
The Go SDK uses the same object for request encoding and response decoding. This means the OrganizationInvitation object will get ‘inflated’ with additional data like ticket_id, expires_at, create_at, invitation_url, and id, after calling CreateInvitation.
Since each invitation will have to be its distinct object, this object cannot be reused to create other invitation.
Solution
Revise the code such that each invitation is represented in terms of its distinct object.
Then retest the code and check that no errors of this type are thrown during execution.