Organizations API

Teams, members, and shared workspaces

2 min read

Team collaboration and organization management. Create organizations for team workspaces, invite members via email, assign roles with different permission levels (owner, admin, member), and manage team subscriptions. Organizations can own projects and share resources across team members.

Available Endpoints

Method	Endpoint	Description
`GET`	`/api/user/organizations/{organizationId}/audit-logs`	Get audit logs
`GET`	`/api/user/organizations/{organizationId}/audit-logs/export`	Export audit logs
`GET`	`/api/user/organizations`	List organizations
`POST`	`/api/user/organizations`	Create organization
`GET`	`/api/user/organizations/{organizationId}`	Get organization
`PUT`	`/api/user/organizations/{organizationId}`	Update organization
`GET`	`/api/user/organizations/{organizationId}/members`	List members
`PUT`	`/api/user/organizations/{organizationId}/members/{memberId}/role`	Update member role
`DELETE`	`/api/user/organizations/{organizationId}/members/{memberId}`	Remove member
`GET`	`/api/user/organizations/{organizationId}/my-membership`	Get my membership
`GET`	`/api/user/organizations/{organizationId}/invites`	List organization invites
`POST`	`/api/user/organizations/{organizationId}/invites`	Send invitations
`DELETE`	`/api/user/organizations/{organizationId}/invites/{memberId}`	Cancel invitation
`POST`	`/api/user/organizations/{organizationId}/invites/{memberId}/resend`	Resend invitation
`POST`	`/api/user/invites/{token}/accept`	Accept invitation
`GET`	`/api/user/organizations/{organizationId}/settings/billing`	Get billing settings
`PUT`	`/api/user/organizations/{organizationId}/settings/billing`	Update billing settings
`GET`	`/api/user/organizations/{organizationId}/mfa`	Get MFA settings
`PUT`	`/api/user/organizations/{organizationId}/mfa`	Update MFA settings
`GET`	`/api/user/organizations/{organizationId}/mfa/compliance`	Get MFA compliance status
`GET`	`/api/user/organizations/{organizationId}/settings/sso`	Get SSO configuration
`PUT`	`/api/user/organizations/{organizationId}/settings/sso`	Update SSO configuration
`DELETE`	`/api/user/organizations/{organizationId}/settings/sso`	Disable SSO
`POST`	`/api/user/organizations/{organizationId}/settings/sso/test`	Test SSO configuration
`GET`	`/api/user/organizations/{organizationId}/domains`	List organization domains
`POST`	`/api/user/organizations/{organizationId}/domains`	Add domain for verification
`GET`	`/api/user/organizations/{organizationId}/domains/{domainId}`	Get domain
`DELETE`	`/api/user/organizations/{organizationId}/domains/{domainId}`	Remove domain
`POST`	`/api/user/organizations/{organizationId}/domains/{domainId}/verify`	Verify domain ownership
`GET`	`/api/user/organizations/{organizationId}/settings/security`	Get security settings
`PUT`	`/api/user/organizations/{organizationId}/settings/security`	Update security settings

Endpoints

GET

/api/user/organizations/{organizationId}/audit-logs

Get audit logs

Get audit logs for the organization.

Bearer Token•Scopes: organization:manage-members

Request

curl -X GET "http://localhost:3030/api/user/organizations/{organizationId}/audit-logs" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/audit-logs", {
method: "GET",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Query Parameters

Name	Type	Description
`offset`	integer,null	Number of items to skip `0`
`limit`	number	Number of items to return (max 100) `20`
`action`	string	Filter by action type `auth.login`
`resourceType`	string	Filter by resource type `user`
`resourceId`	string	Filter by resource ID `550e8400-e29b-41d4-a716-446655440000`
`userId`	string	Filter by user ID `550e8400-e29b-41d4-a716-446655440000`
`startDate`	string	Filter logs after this date `2024-01-01T00:00:00.000Z`
`endDate`	string	Filter logs before this date `2024-12-31T23:59:59.000Z`

Response 200

Audit logs retrieved successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "logs": [
    {
      "id": "550e8400-e29b-41d4-a716-446655440000",
      "createdAt": "2024-01-15T10:30:00.000Z",
      "organizationId": "550e8400-e29b-41d4-a716-446655440001",
      "userId": "507f1f77bcf86cd799439013",
      "actor": {},
      "action": "member.invite",
      "resourceType": "member",
      "resourceId": "507f1f77bcf86cd799439014",
      "metadata": {},
      "ipAddress": "192.168.1.1",
      "userAgent": "Mozilla/5.0...",
      "auditSessionId": "sess_xxx",
      "traceId": {}
    }
  ],
  "total": 100,
  "offset": 0,
  "limit": 25,
  "hasMore": true
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

GET

/api/user/organizations/{organizationId}/audit-logs/export

Export audit logs

Export audit logs as CSV or JSON.

Bearer Token•Scopes: organization:manage-members

Request

curl -X GET "http://localhost:3030/api/user/organizations/{organizationId}/audit-logs/export" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/audit-logs/export", {
method: "GET",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Query Parameters

Name	Type	Description
`action`	string	Filter by action type
`resourceType`	string	Filter by resource type
`userId`	string	Filter by user ID `550e8400-e29b-41d4-a716-446655440000`
`startDate`	string	Filter logs after this date
`endDate`	string	Filter logs before this date
`format`	AuditExportFormat

Response 200

Audit logs exported successfully

[
{
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "createdAt": "2024-01-15T10:30:00.000Z",
  "organizationId": "550e8400-e29b-41d4-a716-446655440001",
  "userId": "507f1f77bcf86cd799439013",
  "actor": {},
  "action": "member.invite",
  "resourceType": "member",
  "resourceId": "507f1f77bcf86cd799439014",
  "metadata": {},
  "ipAddress": "192.168.1.1",
  "userAgent": "Mozilla/5.0...",
  "auditSessionId": "sess_xxx",
  "traceId": {}
}
]

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

GET

/api/user/organizations

List organizations

Get all organizations the authenticated user belongs to.

Bearer Token•Scopes: user:read

Request

curl -X GET "http://localhost:3030/api/user/organizations" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations", {
method: "GET",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Response 200

Organizations retrieved successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": [
  {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "name": "Acme Corporation",
    "slug": "acme-corp",
    "status": "active",
    "type": "team",
    "tierId": {},
    "seatCap": 5,
    "slotCap": 5,
    "hasActiveSubscription": true,
    "isPersonal": false
  }
]
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

POST

/api/user/organizations

Create organization

Create a new organization. The authenticated user becomes the owner.

Bearer Token•Scopes: user:write

Request

curl -X POST "http://localhost:3030/api/user/organizations" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json" -d '{"name":"Acme Corporation","slug":"acme-corp"}'

const response = await fetch("http://localhost:3030/api/user/organizations", {
method: "POST",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
body: JSON.stringify({
  "name": "Acme Corporation",
  "slug": "acme-corp"
}),
});

const data = await response.json();
console.log(data);

Body Parameters

Name	Type	Description
`name`required	string	Organization name `Acme Corporation`
`slug`	string	URL-friendly slug (auto-generated if not provided) `acme-corp`

Response 201

Organization created successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "createdAt": "2024-01-01T00:00:00.000Z",
  "updatedAt": "2024-01-15T10:30:00.000Z",
  "name": "Acme Corporation",
  "slug": "acme-corp",
  "status": "active",
  "type": "team",
  "tierId": {},
  "subscription": {
    "stripeSubscriptionId": "sub_xxx",
    "status": "active",
    "interval": "monthly",
    "currentPeriodEnd": "2024-12-31T23:59:59.000Z",
    "cancelAt": null
  },
  "hasActiveSubscription": true,
  "seatCap": 5,
  "slotCap": 5,
  "slotPacks": 0,
  "creditBalance": 1500,
  "requireMfa": false,
  "ssoEnabled": false,
  "isPersonal": false
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

GET

/api/user/organizations/{organizationId}

Get organization

Get organization details.

Bearer Token•Scopes: organization:read

Request

curl -X GET "http://localhost:3030/api/user/organizations/{organizationId}" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}", {
method: "GET",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

Organization retrieved successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "createdAt": "2024-01-01T00:00:00.000Z",
  "updatedAt": "2024-01-15T10:30:00.000Z",
  "name": "Acme Corporation",
  "slug": "acme-corp",
  "status": "active",
  "type": "team",
  "tierId": {},
  "subscription": {
    "stripeSubscriptionId": "sub_xxx",
    "status": "active",
    "interval": "monthly",
    "currentPeriodEnd": "2024-12-31T23:59:59.000Z",
    "cancelAt": null
  },
  "hasActiveSubscription": true,
  "seatCap": 5,
  "slotCap": 5,
  "slotPacks": 0,
  "creditBalance": 1500,
  "requireMfa": false,
  "ssoEnabled": false,
  "isPersonal": false
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

PUT

/api/user/organizations/{organizationId}

Update organization

Update organization details. Requires owner + admin.

Bearer Token•Scopes: organization:manage-members

Request

curl -X PUT "http://localhost:3030/api/user/organizations/{organizationId}" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json" -d '{"name":"Acme Inc","slug":"acme-inc"}'

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}", {
method: "PUT",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
body: JSON.stringify({
  "name": "Acme Inc",
  "slug": "acme-inc"
}),
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Body Parameters

Name	Type	Description
`name`	string	`Acme Inc`
`slug`	string	`acme-inc`

Response 200

Organization updated successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "createdAt": "2024-01-01T00:00:00.000Z",
  "updatedAt": "2024-01-15T10:30:00.000Z",
  "name": "Acme Corporation",
  "slug": "acme-corp",
  "status": "active",
  "type": "team",
  "tierId": {},
  "subscription": {
    "stripeSubscriptionId": "sub_xxx",
    "status": "active",
    "interval": "monthly",
    "currentPeriodEnd": "2024-12-31T23:59:59.000Z",
    "cancelAt": null
  },
  "hasActiveSubscription": true,
  "seatCap": 5,
  "slotCap": 5,
  "slotPacks": 0,
  "creditBalance": 1500,
  "requireMfa": false,
  "ssoEnabled": false,
  "isPersonal": false
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

GET

/api/user/organizations/{organizationId}/members

List members

Get all members of the organization.

Bearer Token•Scopes: organization:read

Request

curl -X GET "http://localhost:3030/api/user/organizations/{organizationId}/members" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/members", {
method: "GET",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

Members retrieved successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": [
  {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "createdAt": "2024-01-01T00:00:00.000Z",
    "updatedAt": "2024-01-15T10:30:00.000Z",
    "organizationId": "550e8400-e29b-41d4-a716-446655440001",
    "role": {},
    "status": "active",
    "invitedAt": "2024-01-01T00:00:00.000Z",
    "joinedAt": "2024-01-02T00:00:00.000Z",
    "user": {
      "id": "507f1f77bcf86cd799439013",
      "fullName": "John Doe"
    },
    "invitedBy": {},
    "canManageMembers": true,
    "canManageProjects": true,
    "canManageBilling": false
  }
]
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

PUT

/api/user/organizations/{organizationId}/members/{memberId}/role

Update member role

Change a member's role. Requires owner + admin.

Bearer Token•Scopes: organization:manage-members

Request

curl -X PUT "http://localhost:3030/api/user/organizations/{organizationId}/members/{memberId}/role" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json" -d '{"role":{}}'

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/members/{memberId}/role", {
method: "PUT",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
body: JSON.stringify({
  "role": {}
}),
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`
`memberId`required	string	Member/Membership ID `550e8400-e29b-41d4-a716-446655440000`

Body Parameters

Name	Type	Description
`role`required	any

Response 200

Member role updated successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "createdAt": "2024-01-01T00:00:00.000Z",
  "updatedAt": "2024-01-15T10:30:00.000Z",
  "organizationId": "550e8400-e29b-41d4-a716-446655440001",
  "role": {},
  "status": "active",
  "invitedAt": "2024-01-01T00:00:00.000Z",
  "joinedAt": "2024-01-02T00:00:00.000Z",
  "user": {
    "id": "507f1f77bcf86cd799439013",
    "fullName": "John Doe"
  },
  "invitedBy": {},
  "canManageMembers": true,
  "canManageProjects": true,
  "canManageBilling": false
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

DELETE

/api/user/organizations/{organizationId}/members/{memberId}

Remove member

Remove a member from the organization. Requires owner + admin.

Bearer Token•Scopes: organization:manage-members

Request

curl -X DELETE "http://localhost:3030/api/user/organizations/{organizationId}/members/{memberId}" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/members/{memberId}", {
method: "DELETE",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`
`memberId`required	string	Member/Membership ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

Member removed successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "message": "string"
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

GET

/api/user/organizations/{organizationId}/my-membership

Get my membership

Get the authenticated user's membership details in the organization.

Bearer Token•Scopes: organization:read

Request

curl -X GET "http://localhost:3030/api/user/organizations/{organizationId}/my-membership" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/my-membership", {
method: "GET",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

Membership retrieved successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "createdAt": "2024-01-01T00:00:00.000Z",
  "updatedAt": "2024-01-15T10:30:00.000Z",
  "organizationId": "550e8400-e29b-41d4-a716-446655440001",
  "role": {},
  "status": "active",
  "invitedAt": "2024-01-01T00:00:00.000Z",
  "joinedAt": "2024-01-02T00:00:00.000Z",
  "user": {
    "id": "507f1f77bcf86cd799439013",
    "fullName": "John Doe"
  },
  "invitedBy": {},
  "canManageMembers": true,
  "canManageProjects": true,
  "canManageBilling": false
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

GET

/api/user/organizations/{organizationId}/invites

List organization invites

Get all pending invites for the organization.

Bearer Token•Scopes: organization:manage-members

Request

curl -X GET "http://localhost:3030/api/user/organizations/{organizationId}/invites" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/invites", {
method: "GET",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

Invites retrieved successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": [
  {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "createdAt": "2024-01-01T00:00:00.000Z",
    "updatedAt": "2024-01-15T10:30:00.000Z",
    "organizationId": "550e8400-e29b-41d4-a716-446655440001",
    "role": {},
    "status": "active",
    "invitedAt": "2024-01-01T00:00:00.000Z",
    "joinedAt": "2024-01-02T00:00:00.000Z",
    "user": {
      "id": "507f1f77bcf86cd799439013",
      "fullName": "John Doe"
    },
    "invitedBy": {},
    "canManageMembers": true,
    "canManageProjects": true,
    "canManageBilling": false
  }
]
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

POST

/api/user/organizations/{organizationId}/invites

Send invitations

Invite new members to the organization.

Bearer Token•Scopes: organization:manage-members

Request

curl -X POST "http://localhost:3030/api/user/organizations/{organizationId}/invites" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json" -d '{"emails":["[email protected]"],"role":{}}'

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/invites", {
method: "POST",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
body: JSON.stringify({
  "emails": [
    "[email protected]"
  ],
  "role": {}
}),
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Body Parameters

Name	Type	Description
`emails`required	string[]	Email addresses to invite
`role`required	any

Response 200

Invites sent successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "sent": [
    "[email protected]"
  ],
  "alreadyMembers": [
    "[email protected]"
  ],
  "alreadyInvited": [
    "[email protected]"
  ],
  "invalidEmails": [
    "string"
  ]
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

DELETE

/api/user/organizations/{organizationId}/invites/{memberId}

Cancel invitation

Cancel a pending invitation.

Bearer Token•Scopes: organization:manage-members

Request

curl -X DELETE "http://localhost:3030/api/user/organizations/{organizationId}/invites/{memberId}" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/invites/{memberId}", {
method: "DELETE",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`
`memberId`required	string	Member/Membership ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

Invite cancelled successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "message": "string"
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

POST

/api/user/organizations/{organizationId}/invites/{memberId}/resend

Resend invitation

Resend an invitation email to a pending member.

Bearer Token•Scopes: organization:manage-members

Request

curl -X POST "http://localhost:3030/api/user/organizations/{organizationId}/invites/{memberId}/resend" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/invites/{memberId}/resend", {
method: "POST",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`
`memberId`required	string	Member/Membership ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

Invite resent successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "createdAt": "2024-01-01T00:00:00.000Z",
  "updatedAt": "2024-01-15T10:30:00.000Z",
  "organizationId": "550e8400-e29b-41d4-a716-446655440001",
  "role": {},
  "status": "active",
  "invitedAt": "2024-01-01T00:00:00.000Z",
  "joinedAt": "2024-01-02T00:00:00.000Z",
  "user": {
    "id": "507f1f77bcf86cd799439013",
    "fullName": "John Doe"
  },
  "invitedBy": {},
  "canManageMembers": true,
  "canManageProjects": true,
  "canManageBilling": false
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

POST

/api/user/invites/{token}/accept

Accept invitation

Accept an organization invitation using the invite token.

Bearer Token•Scopes: user:write

Request

curl -X POST "http://localhost:3030/api/user/invites/{token}/accept" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/invites/{token}/accept", {
method: "POST",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`token`required	string	Invitation token

Response 201

Invitation accepted successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "createdAt": "2024-01-01T00:00:00.000Z",
  "updatedAt": "2024-01-15T10:30:00.000Z",
  "organizationId": "550e8400-e29b-41d4-a716-446655440001",
  "role": {},
  "status": "active",
  "invitedAt": "2024-01-01T00:00:00.000Z",
  "joinedAt": "2024-01-02T00:00:00.000Z",
  "user": {
    "id": "507f1f77bcf86cd799439013",
    "fullName": "John Doe"
  },
  "invitedBy": {},
  "canManageMembers": true,
  "canManageProjects": true,
  "canManageBilling": false
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

GET

/api/user/organizations/{organizationId}/settings/billing

Get billing settings

Get billing settings for the organization. Requires owner.

Bearer Token•Scopes: organization:manage-billing

Request

curl -X GET "http://localhost:3030/api/user/organizations/{organizationId}/settings/billing" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/settings/billing", {
method: "GET",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

Billing settings retrieved successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "billingEmail": "[email protected]",
  "effectiveEmail": "[email protected]"
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

PUT

/api/user/organizations/{organizationId}/settings/billing

Update billing settings

Update billing settings for the organization. Requires owner.

Bearer Token•Scopes: organization:manage-billing

Request

curl -X PUT "http://localhost:3030/api/user/organizations/{organizationId}/settings/billing" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json" -d '{"billingEmail":"[email protected]"}'

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/settings/billing", {
method: "PUT",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
body: JSON.stringify({
  "billingEmail": "[email protected]"
}),
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Body Parameters

Name	Type	Description
`billingEmail`required	string,null	Email address for billing communications. Set to null to use owner email. `[email protected]`

Response 200

Billing settings updated successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "billingEmail": "[email protected]",
  "effectiveEmail": "[email protected]"
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

GET

/api/user/organizations/{organizationId}/mfa

Get MFA settings

Get MFA settings for the organization.

Bearer Token•Scopes: organization:read

Request

curl -X GET "http://localhost:3030/api/user/organizations/{organizationId}/mfa" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/mfa", {
method: "GET",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

MFA settings retrieved successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "requireMfa": true,
  "gracePeriodDays": 7,
  "gracePeriodEndsAt": "2024-01-15T00:00:00.000Z"
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

PUT

/api/user/organizations/{organizationId}/mfa

Update MFA settings

Update MFA requirements for the organization. Requires owner + admin.

Bearer Token•Scopes: organization:manage-members

Request

curl -X PUT "http://localhost:3030/api/user/organizations/{organizationId}/mfa" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json" -d '{"requireMfa":true,"gracePeriodDays":7}'

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/mfa", {
method: "PUT",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
body: JSON.stringify({
  "requireMfa": true,
  "gracePeriodDays": 7
}),
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Body Parameters

Name	Type	Description
`requireMfa`required	boolean	Whether to require MFA `true`
`gracePeriodDays`	number	Grace period in days `7`

Response 200

MFA settings updated successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "requireMfa": true,
  "gracePeriodDays": 7,
  "gracePeriodEndsAt": "2024-01-15T00:00:00.000Z"
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

GET

/api/user/organizations/{organizationId}/mfa/compliance

Get MFA compliance status

Get MFA compliance status across organization members.

Bearer Token•Scopes: organization:read

Request

curl -X GET "http://localhost:3030/api/user/organizations/{organizationId}/mfa/compliance" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/mfa/compliance", {
method: "GET",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

MFA compliance status retrieved successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "isCompliant": true,
  "compliancePercentage": 85,
  "totalMembers": 10,
  "compliantMembers": 8,
  "nonCompliantMembers": [
    {
      "id": "550e8400-e29b-41d4-a716-446655440000",
      "userId": "550e8400-e29b-41d4-a716-446655440001",
      "email": "[email protected]",
      "fullName": "John Doe"
    }
  ],
  "gracePeriodActive": false,
  "gracePeriodEndsAt": "2024-01-15T00:00:00.000Z"
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

GET

/api/user/organizations/{organizationId}/settings/sso

Get SSO configuration

Get SSO configuration for the organization.

Bearer Token•Scopes: organization:manage-members

Request

curl -X GET "http://localhost:3030/api/user/organizations/{organizationId}/settings/sso" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/settings/sso", {
method: "GET",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

SSO configuration retrieved successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "enabled": true,
  "provider": "okta",
  "domain": "acme.com",
  "issuerUrl": "https://acme.okta.com",
  "clientId": "0oa..."
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

PUT

/api/user/organizations/{organizationId}/settings/sso

Update SSO configuration

Update organization SSO configuration. Requires owner.

Bearer Token•Scopes: organization:manage-billing

Request

curl -X PUT "http://localhost:3030/api/user/organizations/{organizationId}/settings/sso" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json" -d '{"provider":"okta","issuerUrl":"https://example.com","clientId":"string","clientSecret":"string"}'

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/settings/sso", {
method: "PUT",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
body: JSON.stringify({
  "provider": "okta",
  "issuerUrl": "https://example.com",
  "clientId": "string",
  "clientSecret": "string"
}),
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Body Parameters

Name	Type	Description
`provider`required	SsoProvider	SSO provider `okta`
`issuerUrl`required	string	OIDC issuer URL
`clientId`required	string	OAuth client ID
`clientSecret`required	string	OAuth client secret

Response 200

SSO configuration updated successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "enabled": true,
  "provider": "okta",
  "domain": "acme.com",
  "issuerUrl": "https://acme.okta.com",
  "clientId": "0oa..."
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

DELETE

/api/user/organizations/{organizationId}/settings/sso

Disable SSO

Remove SSO configuration from the organization.

Bearer Token•Scopes: organization:manage-billing

Request

curl -X DELETE "http://localhost:3030/api/user/organizations/{organizationId}/settings/sso" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/settings/sso", {
method: "DELETE",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

SSO configuration deleted successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "message": "string"
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

POST

/api/user/organizations/{organizationId}/settings/sso/test

Test SSO configuration

Test the SSO configuration by attempting a connection.

Bearer Token•Scopes: organization:manage-members

Request

curl -X POST "http://localhost:3030/api/user/organizations/{organizationId}/settings/sso/test" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/settings/sso/test", {
method: "POST",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

SSO test completed

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "success": true,
  "connectionSuccessful": true,
  "message": "string",
  "error": "string"
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

GET

/api/user/organizations/{organizationId}/domains

List organization domains

Get all domains associated with the organization.

Bearer Token•Scopes: organization:read

Request

curl -X GET "http://localhost:3030/api/user/organizations/{organizationId}/domains" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/domains", {
method: "GET",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

Domains retrieved successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "domains": [
    {
      "id": "string",
      "domain": "acme.com",
      "status": "pending",
      "verificationMethod": "dns_txt",
      "dnsRecordName": "_<project>-verify.acme.com",
      "dnsRecordValue": "abc123...",
      "verifiedAt": {},
      "lastVerificationAttempt": {},
      "verificationError": {},
      "createdAt": "string",
      "organizationId": "550e8400-e29b-41d4-a716-446655440000",
      "updatedAt": "2024-01-15T10:30:00.000Z"
    }
  ]
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

POST

/api/user/organizations/{organizationId}/domains

Add domain for verification

Add a new domain to verify. Returns a verification token for DNS TXT record.

Bearer Token•Scopes: organization:manage-billing

Request

curl -X POST "http://localhost:3030/api/user/organizations/{organizationId}/domains" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json" -d '{"domain":"acme.com"}'

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/domains", {
method: "POST",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
body: JSON.stringify({
  "domain": "acme.com"
}),
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Body Parameters

Name	Type	Description
`domain`required	string	Domain to add for verification `acme.com`

Response 201

Domain added, verification pending

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "id": "string",
  "domain": "acme.com",
  "status": "pending",
  "verificationMethod": "dns_txt",
  "dnsRecordName": "_<project>-verify.acme.com",
  "dnsRecordValue": "abc123...",
  "verifiedAt": {},
  "lastVerificationAttempt": {},
  "verificationError": {},
  "createdAt": "string",
  "organizationId": "550e8400-e29b-41d4-a716-446655440000",
  "updatedAt": "2024-01-15T10:30:00.000Z"
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

GET

/api/user/organizations/{organizationId}/domains/{domainId}

Get domain

Get a specific domain for the organization.

Bearer Token•Scopes: organization:read

Request

curl -X GET "http://localhost:3030/api/user/organizations/{organizationId}/domains/{domainId}" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/domains/{domainId}", {
method: "GET",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`
`domainId`required	string	Domain ID `550e8400-e29b-41d4-a716-446655440001`

Response 200

Domain retrieved successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "id": "string",
  "domain": "acme.com",
  "status": "pending",
  "verificationMethod": "dns_txt",
  "dnsRecordName": "_<project>-verify.acme.com",
  "dnsRecordValue": "abc123...",
  "verifiedAt": {},
  "lastVerificationAttempt": {},
  "verificationError": {},
  "createdAt": "string",
  "organizationId": "550e8400-e29b-41d4-a716-446655440000",
  "updatedAt": "2024-01-15T10:30:00.000Z"
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

DELETE

/api/user/organizations/{organizationId}/domains/{domainId}

Remove domain

Remove a domain from the organization.

Bearer Token•Scopes: organization:manage-billing

Request

curl -X DELETE "http://localhost:3030/api/user/organizations/{organizationId}/domains/{domainId}" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/domains/{domainId}", {
method: "DELETE",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`
`domainId`required	string	Domain ID `550e8400-e29b-41d4-a716-446655440001`

Response 200

Domain removed successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "message": "string"
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

POST

/api/user/organizations/{organizationId}/domains/{domainId}/verify

Verify domain ownership

Attempt to verify domain ownership by checking DNS TXT record.

Bearer Token•Scopes: organization:manage-billing

Request

curl -X POST "http://localhost:3030/api/user/organizations/{organizationId}/domains/{domainId}/verify" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/domains/{domainId}/verify", {
method: "POST",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`
`domainId`required	string	Domain ID `550e8400-e29b-41d4-a716-446655440001`

Response 200

Verification attempted

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "id": "string",
  "domain": "acme.com",
  "status": "pending",
  "verificationMethod": "dns_txt",
  "dnsRecordName": "_<project>-verify.acme.com",
  "dnsRecordValue": "abc123...",
  "verifiedAt": {},
  "lastVerificationAttempt": {},
  "verificationError": {},
  "createdAt": "string",
  "organizationId": "550e8400-e29b-41d4-a716-446655440000",
  "updatedAt": "2024-01-15T10:30:00.000Z"
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

GET

/api/user/organizations/{organizationId}/settings/security

Get security settings

Get security settings for the organization.

Bearer Token•Scopes: organization:read

Request

curl -X GET "http://localhost:3030/api/user/organizations/{organizationId}/settings/security" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json"

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/settings/security", {
method: "GET",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Response 200

Security settings retrieved successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "authRequired": "any",
  "requireMfa": false
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

PUT

/api/user/organizations/{organizationId}/settings/security

Update security settings

Update security settings for the organization. Requires owner.

Bearer Token•Scopes: organization:manage-security

Request

curl -X PUT "http://localhost:3030/api/user/organizations/{organizationId}/settings/security" -H "Authorization: Bearer YOUR_ACCESS_TOKEN" -H "Content-Type: application/json" -d '{"authRequired":{},"requireMfa":true}'

const response = await fetch("http://localhost:3030/api/user/organizations/{organizationId}/settings/security", {
method: "PUT",
headers: {
  "Authorization": "Bearer YOUR_ACCESS_TOKEN",
  "Content-Type": "application/json",
},
body: JSON.stringify({
  "authRequired": {},
  "requireMfa": true
}),
});

const data = await response.json();
console.log(data);

Path Parameters

Name	Type	Description
`organizationId`required	string	Organization ID `550e8400-e29b-41d4-a716-446655440000`

Body Parameters

Name	Type	Description
`authRequired`	any
`requireMfa`	boolean	Whether MFA is required for all members `true`

Response 200

Security settings updated successfully

{
"success": true,
"status": 200,
"code": "OK",
"message": "Operation completed successfully",
"data": {
  "authRequired": "any",
  "requireMfa": false
}
}

Error Responses

401— Unauthorized - Invalid or missing authentication

{
"success": false,
"status": 401,
"code": "UNAUTHORIZED",
"message": "Authentication required"
}

403— Forbidden - Insufficient permissions

{
"success": false,
"status": 403,
"code": "FORBIDDEN",
"message": "You do not have permission to perform this action"
}

Auth API

Payments API

User API

Account settings

Projects API

Create, update, and manage projects

Payments API

Subscriptions and billing via Stripe