# Organizations In business-to-business (B2B) use cases, organizations represent your business customers and partners. You can manage these organizations, and delegate access so they can manage their own membership. Using member APIs, organizations can manage the profiles of their users, control which apps they can access, and federate login to those apps using their own SAML-based identity providers. ## Servers Sandbox environment ``` https://api.sbx.transmitsecurity.io/cis ``` Production environment (US) ``` https://api.transmitsecurity.io/cis ``` Production environment (EU) ``` https://api.eu.transmitsecurity.io/cis ``` Production environment (CA) ``` https://api.ca.transmitsecurity.io/cis ``` Production environment (AU) ``` https://api.au.transmitsecurity.io/cis ``` ## Security ### bearer Type: http Scheme: bearer Bearer Format: JWT ### UserAccessToken A token returned upon end-user authentication, which provides access to resources and data for the user and app for which it was generated Type: http Scheme: bearer Bearer Format: JWT ### AdminAccessToken A token generated by a management application using the [token endpoint](/openapi/token.openapi/other/getaccesstoken). It provides access to all resources for the tenant and its apps Type: oauth2 ### ClientAccessToken A token generated by an end-user application using the [token endpoint](/openapi/token.openapi/other/getaccesstoken). It provides access to resources and data on the tenant level or associated with the specific application (but not other apps in the tenant) Type: oauth2 ### OrgAdminAccessToken A token returned upon B2B authentication for a user that has the organizationAdmin or organizationCreator role. Type: oauth2 ## Download OpenAPI description [Organizations](https://developer.transmitsecurity.com/_bundle/openapi/user/organizations.openapi.yaml) ## Other ### Create organization - [POST /v1/organizations](https://developer.transmitsecurity.com/openapi/user/organizations.openapi/other/createorganization.md): Create an organization that represents your business customer or partner. This should be called from the backend, using an admin access token (generated by a management app). Required permissions: organizations:create, orgs:create. ### Get organizations - [GET /v1/organizations](https://developer.transmitsecurity.com/openapi/user/organizations.openapi/other/getallorganizations.md): Retrieve a list of all organizations. This should be called from the backend, using an admin access token (generated by a management app). Required permissions: organizations:read, orgs:read, organizations:list, orgs:list. ### Get organization by ID - [GET /v1/organizations/{organization_id}](https://developer.transmitsecurity.com/openapi/user/organizations.openapi/other/getorganization.md): Retrieve an organization by ID. This should be called from the backend, using an admin access token (generated by a management app). Required permissions: organizations:read, orgs:read. ### Update organization - [PUT /v1/organizations/{organization_id}](https://developer.transmitsecurity.com/openapi/user/organizations.openapi/other/updateorganization.md): Update an organization's basic configuration. This should be called from the backend, using an admin access token (generated by a management app). Required permissions: organizations:edit, orgs:edit. ### Delete organization - [DELETE /v1/organizations/{organization_id}](https://developer.transmitsecurity.com/openapi/user/organizations.openapi/other/deleteorganization.md): Delete an organization. This should be called from the backend, using an admin access token (generated by a management app). Required permissions: organizations:delete, orgs:delete. ### Get organization by name - [GET /v1/organizations/name/{organization_name}](https://developer.transmitsecurity.com/openapi/user/organizations.openapi/other/getorganizationbyname.md): Retrieve an organization by name. This should be called from the backend, using an admin access token (generated by a management app). Required permissions: organizations:read, orgs:read. ### Add apps to organization - [PUT /v1/organizations/{organization_id}/apps](https://developer.transmitsecurity.com/openapi/user/organizations.openapi/other/addappstoorganization.md): Add apps to the organization so its members can access them. If the organization already has apps, this can be used to add additional ones. This should be called from the backend, using an admin access token (generated by a management app). Required permissions: organizations:edit, orgs:edit. ### Remove apps from organization - [DELETE /v1/organizations/{organization_id}/apps](https://developer.transmitsecurity.com/openapi/user/organizations.openapi/other/removeappsfromorganization.md): Remove apps from the organization so its members cannot access them. This should be called from the backend, using an admin access token (generated by a management app). Required permissions: organizations:edit, orgs:edit. ### Upload organization logo - [POST /v1/organizations/{organization_id}/logo](https://developer.transmitsecurity.com/openapi/user/organizations.openapi/other/uploadlogo.md): Upload the organization logo and update the logo URL in the database. This should be called from the backend, using an admin access token (generated by a management app). Required permissions: organizations:edit, orgs:edit. ### Create managed organization - [POST /v1/organizations/{organization_id}/applications/{app_id}/managed-organizations](https://developer.transmitsecurity.com/openapi/user/organizations.openapi/other/createmanagedorganization.md): Create a managed organization in context of a specific app. This should be called from the backend, using an admin access token (generated by a management app) or an organization admin access token. Required permissions: organizations:create, orgs:create. ### Set org's role groups - [POST /v1/applications/{app_id}/organizations/{organization_id}/role-groups/set](https://developer.transmitsecurity.com/openapi/user/organizations.openapi/other/setassignedrolegroups.md): Update the role groups of the organization for a specific application, which will replace any existing role groups for the organization. These role groups must first be created for the application. Once added to the organization, roles that belong to these role groups can be assigned to members of the organization to control their access to the application. Required permissions: organizations:edit, orgs:edit. ### Get org's role groups - [GET /v1/applications/{app_id}/organizations/{organization_id}/role-groups](https://developer.transmitsecurity.com/openapi/user/organizations.openapi/other/getassignedrolegroups.md): Retrieves all role groups that were added to the organization for a specific application. Roles that belong to these role groups can be assigned to members of the organization to control their access to the application. Required permissions: organizations:read, orgs:read. ### Set org's roles and role groups - [POST /v1/applications/{app_id}/organizations/{organization_id}/roles-and-groups/set](https://developer.transmitsecurity.com/openapi/user/organizations.openapi/other/setassignedrolesandgroups.md): Update the roles and role groups of the organization for a specific application, which will replace any existing assignments. These roles and role groups must first be created for the application. Once added to the organization, roles that belong to these role groups or are directly assigned can be assigned to members of the organization to control their access to the application. Required permissions: organizations:edit, orgs:edit. ### Get org's roles and role groups - [GET /v1/applications/{app_id}/organizations/{organization_id}/roles-and-groups](https://developer.transmitsecurity.com/openapi/user/organizations.openapi/other/getassignedrolesandgroups.md): Retrieves all roles and role groups that were added to the organization for a specific application. Roles that belong to these role groups or are directly assigned can be assigned to members of the organization to control their access to the application. Required permissions: organizations:read, orgs:read.