workos.com

HTML metadata

Title: WorkOS — Your app, Enterprise Ready.
Description: Developer APIs/SDKs for Enterprise Ready features like Single Sign-On, Directory Sync, Audit Logging, and more. Get started for free.
Language: en
Canonical: https://workos.com

Open Graph

title: WorkOS — Your app, Enterprise Ready.
description: Developer APIs/SDKs for Enterprise Ready features like Single Sign-On, Directory Sync, Audit Logging, and more. Get started for free.

Technology

CDN: Cloudflare

Analytics

Google Tag Manager

Third-party hosts loaded (8)

cdn.prod.website-files.com×123
cdn.jsdelivr.net×7
cdnjs.cloudflare.com×5
d3e54v103j8qbb.cloudfront.net×1
hubspotonwebflow.com×1
hubspotv2.use1-marketplace-1p-apps-prod-red.if.webflow.services×1
js-na1.hs-scripts.com×1
www.googletagmanager.com×1

Social

Contact

Address: 660 Market St, 94104, San Francisco, CA, US

Registration

Registrar

Amazon Registrar, Inc.

Created

2005-02-02

Expires

2031-02-02 1719 days left

Updated

2026-05-16

Name servers

jerry.ns.cloudflare.com
lila.ns.cloudflare.com

DNS records live

NS

jerry.ns.cloudflare.com
lila.ns.cloudflare.com

MX

1 aspmx.l.google.com
10 alt3.aspmx.l.google.com
10 alt4.aspmx.l.google.com
5 alt1.aspmx.l.google.com
5 alt2.aspmx.l.google.com

TXT

Show 28 TXT records

hcp-domain-verification=9f0d150c7e6261b0f6a41a50de779e97ad553da174ee7722c743352694e3d8cd
cloudflare_dashboard_sso=73dec9c546a6ed6c5d6817b2cca23c2f
plain-domain-verification-vnw23j=GdDfah8oZGtxwdHbamrIGBiXR
launchdarkly-domain-verification=0e1b38b2-84cc-447a-a71f-2b645f5944e4
postman-domain-verification=e6f45ffe8de94f4e7d11fbb2ac5b17c96c85a2c3eabe2ca7a9a1770db4e0ebd89794f35554b04d4715db47d8c28df487c761d208dee7969ef00a9ba32689c4e7
linear-domain-verification=865889
openai-domain-verification=dv-CBFMJoHdixhXOskyaGqp4CFj
zapier-domain-verification-challenge=17fbe77c-2998-485d-abd7-c1da519900ff
notion_verify_H]%x)b0F73kvRf!h#}Gz~Xd::rQijtP,X+y?WZRRtPqif8)g:DFcU#9,si@_K9qGGj45i*U
segment-site-verification=xWL073VAID1FyhJYxaFHL14P7yGIGRjx
google-site-verification=RI2Gz2ap4aVLXJQNieQsXs4qlXDFDo5ASjSBXJjeqzk
google-site-verification=2v4F35N_37ISaSvO1G5sqjnZVJX2SJVBQAMKv_us3qg
stripe-verification=5b527e89781c441c425e29607e3362b25ffb04426a9fbb6070a9568178a4eab6
cloudflare_dashboard_sso=8632029231f8cf129b776df9f3811ec0
rippling-domain-verification=192ac18b4bad2025
cursor-domain-verification-fn5y69=Un4wt91YKJBTuuTSCFxJe2sv3
work-os-playground-domain-verification-ryq2tq=j5E7OZ1huCQbIJWIqetiza1UB
work-os-playground-domain-verification-kze3pm=cNHDYuoqPXEkMm76p5zGSn9Fu
slack-domain-verification=u6xR8aEjtZww1CmDRCUxXbvuiJLxyL64YHAIa4gw
google-site-verification=9B69EfoajKmXp4bZiKJJMjAi1GyllTUNUwubuHxPOhs
atlassian-domain-verification=xqjRc1IaULgoULSBbINtVxriW8IMTeejiUHI92slYNUqLD3aFqV0dZpGsrsq4Qi4
MS=ms94013454
ZOOM_verify_Fxw-6ewpQ_6IWv3cBZ8M5Q
openai-domain-verification=dv-J99WKCT9fcDTjIAzvdUI6SbA
OSSRH-74756
apple-domain-verification=6AnKdsVQgQC8wzoc
stripe-verification=4d266439ff94ea832db29a409a8ea7be114286cde95dafcff0cb61aa541b688c
anthropic-domain-verification-jfsp9j=IISnAn11a3eEEww3N5BjERWAe

Email authentication strong

SPF

v=spf1 include:_spf.google.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:8403d5e5669343778eda2197b844bb39@dmarc-reports.cloudflare.net

policy: reject (enforced)

DKIM

google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5Q1EjJSQkIUdPbxUYoeT5CNwKETizviyU0wkaWhT3K7iSeKzA1+wuK3h19hNuX8//plO9v4j4kDDj…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+PFcmxZky2V2blcepxp4jY+F8hEbJ2sBHoQ5nv6S9i8x7H671KSX9iO8zdM3JKp3wKRS93Ey2OBojFWEp…
s2: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttgf5P479pFcGGnb/Td3oE/WcjQ8rbIqY0nbKlYMEzq7v8KoA83ArartbC5QtoT3xXAyBY84SkEUcQ/O4B…

selectors probed

Certificate (current)

WE1

from 2026-04-08 to 2026-07-07

Expires in 48 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 60/100 Checked live page: https://workos.com/

present

content-security-policy
x-frame-options

findings

missing HSTS
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'