Organizations

Download OpenAPI specification:Download

In business-to-business (B2B) use cases, organizations represent your business customers and partners. You can manage these organizations, and delegate access so they can manage their own membership. Using member APIs, organizations can manage the profiles of their users, control which apps they can access, and federate login to those apps using their own SAML-based identity providers.

Create organization

Create an organization that represents your business customer or partner. This should be called from the backend, using an admin access token (generated by a management app).

SecurityOAuth2: AdminAccessToken
Request
Request Body schema: application/json
required
name
required
string

Name of the organization

domain
required
string
Deprecated

Domain of the organization

domains
required
Array of strings

Domains of the organization

app_ids
required
Array of strings

A list of applications the organization can access

enabled
boolean

Indicates if the organization is currently enabled

Responses
201
400
409
post/v1/organizations
Request samples
application/json
{
  • "name": "string",
  • "domain": "string",
  • "domains": [
    ],
  • "app_ids": [
    ],
  • "enabled": true
}
Response samples
application/json
{
  • "result": {
    }
}

Get organizations

Retrieve a list of all organizations. This should be called from the backend, using an admin access token (generated by a management app).

SecurityOAuth2: AdminAccessToken
Responses
200
get/v1/organizations
Request samples
Response samples
application/json
{
  • "result": [
    ]
}

Get organization by ID

Retrieve an organization by ID. This should be called from the backend, using an admin access token (generated by a management app)

SecurityOAuth2: AdminAccessToken
Request
path Parameters
organization_id
required
string

ID of the organization to retrieve

Responses
200
404
get/v1/organizations/{organization_id}
Request samples
Response samples
application/json
{
  • "result": {
    }
}

Update organization

Update an organization's basic configuration. This should be called from the backend, using an admin access token (generated by a management app).

SecurityOAuth2: AdminAccessToken
Request
path Parameters
organization_id
required
string

ID of the organization to update

Request Body schema: application/json
required
name
string

Name of the organization

domain
string
Deprecated

Domain of the organization

domains
Array of strings

Domains of the organization

enabled
boolean

Indicates if the organization is currently enabled

Responses
200
400
404
put/v1/organizations/{organization_id}
Request samples
application/json
{
  • "name": "string",
  • "domain": "string",
  • "domains": [
    ],
  • "enabled": true
}
Response samples
application/json
{
  • "result": {
    }
}

Delete organization

Delete an organization. This should be called from the backend, using an admin access token (generated by a management app).

SecurityOAuth2: AdminAccessToken
Request
path Parameters
organization_id
required
string

The ID of the organization that should be deleted

Responses
400
404
delete/v1/organizations/{organization_id}
Request samples
Response samples
application/json
{
  • "message": "Bad request",
  • "error_code": 400
}

Get organization by name

Retrieve an organization by name. This should be called from the backend, using an admin access token (generated by a management app)

SecurityOAuth2: AdminAccessToken
Request
path Parameters
organization_name
required
string

Name of the organization to retrieve

Responses
200
404
get/v1/organizations/name/{organization_name}
Request samples
Response samples
application/json
{
  • "result": {
    }
}

Add apps to organization

Add apps to the organization so its members can access them. If the organization already has apps, this can be used to add additional ones. This should be called from the backend, using an admin access token (generated by a management app).

SecurityOAuth2: AdminAccessToken
Request
path Parameters
organization_id
required
string

The ID of the organization that should be updated

Request Body schema: application/json
required
app_ids
required
Array of strings

A list of applications to add the organization to

Responses
204
400
404
put/v1/organizations/{organization_id}/apps
Request samples
application/json
{
  • "app_ids": [
    ]
}
Response samples
application/json
{
  • "message": "Bad request",
  • "error_code": 400
}

Remove apps from organization

Remove apps from the organization so its members cannot access them. This should be called from the backend, using an admin access token (generated by a management app).

SecurityOAuth2: AdminAccessToken
Request
path Parameters
organization_id
required
string

The ID of the organization that should be updated

Request Body schema: application/json
required
app_ids
required
Array of strings

A list of applications to add the organization to

Responses
204
400
404
delete/v1/organizations/{organization_id}/apps
Request samples
application/json
{
  • "app_ids": [
    ]
}
Response samples
application/json
{
  • "message": "Bad request",
  • "error_code": 400
}

Create managed organization

Create a managed organization in context of a specific app. This should be called from the backend, using an admin access token (generated by a management app) or an organization admin access token.

SecurityOAuth2: AdminAccessToken
Request
path Parameters
organization_id
required
string

The ID of the organization that creates the managed organization

app_id
required
string

ID of application

Request Body schema: application/json
required
name
required
string

Name of the organization

domain
required
string
Deprecated

Domain of the organization

domains
required
Array of strings

Domains of the organization

enabled
boolean

Indicates if the organization is currently enabled

Responses
201
409
post/v1/organizations/{organization_id}/applications/{app_id}/managed-organizations
Request samples
application/json
{
  • "name": "string",
  • "domain": "string",
  • "domains": [
    ],
  • "enabled": true
}
Response samples
application/json
{
  • "result": {
    }
}

Set org's role groups

Update the role groups of the organization for a specific application, which will replace any existing role groups for the organization. These role groups must first be created for the application. Once added to the organization, roles that belong to these role groups can be assigned to members of the organization to control their access to the application.

SecurityOAuth2: AdminAccessToken
Request
path Parameters
app_id
required
string

ID of the application to set the roles to

organization_id
required
string

ID of the organization to set the roles to

Request Body schema: application/json
required
role_group_ids
required
Array of strings

Role group ids

Responses
202
post/v1/applications/{app_id}/organizations/{organization_id}/role-groups/set
Request samples
application/json
{
  • "role_group_ids": [
    ]
}

Get org's role groups

Retrieves all role groups that were added to the organization for a specific application. Roles that belong to these role groups can be assigned to members of the organization to control their access to the application.

SecurityOAuth2: AdminAccessToken
Request
path Parameters
app_id
required
string

ID of the application to assign the roles to

organization_id
required
string

ID of the organization to assign the roles to

Responses
200
get/v1/applications/{app_id}/organizations/{organization_id}/role-groups
Request samples
Response samples
application/json
{
  • "result": {
    }
}