Invitations API

Organization API

The Invitations API manages organization invitation workflows.

Quick Navigation

• Overview
• Base Path
• Authentication
• Invitations Flow
• Endpoints
• Permission Scoping
• Internal Notes
• Swagger Documentation

Overview

This module provides:

• Listing invitations (with permission scoping)
• Revoking invitations
• Retrieving invitation details
• Accepting invitations

Base Path

All invitation endpoints are prefixed with /api/v1/invitations

Authentication

Most endpoints require authentication:

Authorization: Bearer <access_token>

Invitations Flow

The Invitations API manages organization invitation workflows. Administrators can create and manage invitations, while users can view and accept invitations to join organizations.

Invitations Flow Diagram

View Flow Diagram

Invitations Flow Overview:

This flow diagram illustrates the organization invitation workflow. It shows how administrators create invitations, how users receive and accept invitations, and the permission scoping for invitation management.

Key Flow Components:

1. Invitation Creation: Administrators create invitations with role assignments for new members
2. Invitation Delivery: Invitations are sent via email with unique tokens
3. Invitation Acceptance: Users can view invitation details and accept to join organizations
4. Permission Scoping: System admins see all invitations, org admins see their org's invitations
5. Membership Creation: Accepting invitations automatically creates memberships and role assignments

Internal Developer Notes:

• Invitations expire after 7 days (configurable)
• Invitation tokens are unique and single-use
• Permission scoping ensures users only see relevant invitations
• Accepting invitations creates organization memberships automatically

Endpoints

Method	Endpoint	Description
GET	/	List invitations
DELETE	/{invitation_id}	Revoke invitation
GET	/{invitation_token}	Get invitation by token (public)
POST	/{invitation_token}/accept	Accept invitation

Permission Scoping

• System admin: See all invitations
• Organization admin: See invitations in their organizations
• Member with invite permission: See invitations where they have permission

Internal Notes

• All endpoints are fully implemented
• Invitations expire after 7 days (configurable)
• Invitation acceptance creates membership and role assignment

Swagger Documentation

Interactive API documentation available at: /docs#/invitations