Skip to content

Organizations

In business-to-business (B2B) use cases, organizations represent your business customers and partners. You can manage these organizations, and delegate access so they can manage their own membership. Using member APIs, organizations can manage the profiles of their users, control which apps they can access, and federate login to those apps using their own SAML-based identity providers.

Download OpenAPI description
organizations.openapi.json
organizations.openapi.yaml
Languages
Servers
Sandbox environment
https://api.sbx.transmitsecurity.io/cis/
Production environment (US)
https://api.transmitsecurity.io/cis/
Production environment (EU)
https://api.eu.transmitsecurity.io/cis/
Production environment (CA)
https://api.ca.transmitsecurity.io/cis/
Production environment (AU)
https://api.au.transmitsecurity.io/cis/

Create organization

Request

Create an organization that represents your business customer or partner. This should be called from the backend, using an admin access token (generated by a management app).

Required permissions: organizations:create, orgs:create.

Security
AdminAccessToken
Bodyapplication/jsonrequired
namestringrequired

Name of the organization

domainsArray of stringsrequired

Domains of the organization

app_idsArray of stringsrequired

A list of applications the organization can access

enabledboolean

Indicates if the organization is currently enabled

alias_namestring

Alias name of the organization

domainstringDeprecatedrequired

Domain of the organization

curl -i -X POST \
  https://api.sbx.transmitsecurity.io/cis/v1/organizations \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "string",
    "domain": "string",
    "domains": [
      "string"
    ],
    "app_ids": [
      "string"
    ],
    "enabled": true,
    "alias_name": "string"
  }'

Responses

Bodyapplication/json
resultobjectrequired
result.​organization_idstringrequired

ID of the organization

result.​app_idsArray of stringsrequired

A list of applications the organization can access

result.​namestringrequired

Name of the organization

result.​domainsArray of strings

Domains of the organization

result.​created_atnumber

Date the organization was created in the tenant

result.​updated_atnumber

Date the organization was last updated

result.​enabledbooleanrequired

Indicates if the organization is currently enabled

result.​managed_organizations_by_appobject

Mapping of app IDs to managed organization IDs assigned to this app

result.​managing_organization_idstring

ID of the managing organization

result.​logo_urlstring

The URL of the organization's logo

result.​alias_namestring

Alias name of the organization

result.​domainstringDeprecatedrequired

Domain of the organization

Response
application/json
{
  "result": {
    "organization_id": "string",
    "app_ids": [],
    "name": "string",
    "domain": "string",
    "domains": [],
    "created_at": 0,
    "updated_at": 0,
    "enabled": true,
    "managed_organizations_by_app": {},
    "managing_organization_id": "string",
    "logo_url": "string",
    "alias_name": "string"
  }
}

Get organizations

Request

Retrieve a list of all organizations. This should be called from the backend, using an admin access token (generated by a management app).

Required permissions: organizations:read, orgs:read, organizations:list, orgs:list.

Security
AdminAccessToken
Query
namestring
curl -i -X GET \
  'https://api.sbx.transmitsecurity.io/cis/v1/organizations?name=string' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/json
resultArray of objectsrequired
result[].​organization_idstringrequired

ID of the organization

result[].​app_idsArray of stringsrequired

A list of applications the organization can access

result[].​namestringrequired

Name of the organization

result[].​domainsArray of strings

Domains of the organization

result[].​created_atnumber

Date the organization was created in the tenant

result[].​updated_atnumber

Date the organization was last updated

result[].​enabledbooleanrequired

Indicates if the organization is currently enabled

result[].​managed_organizations_by_appobject

Mapping of app IDs to managed organization IDs assigned to this app

result[].​managing_organization_idstring

ID of the managing organization

result[].​logo_urlstring

The URL of the organization's logo

result[].​alias_namestring

Alias name of the organization

result[].​domainstringDeprecatedrequired

Domain of the organization

Response
application/json
{
  "result": [
    {}
  ]
}

Get organization by ID

Request

Retrieve an organization by ID. This should be called from the backend, using an admin access token (generated by a management app).

Required permissions: organizations:read, orgs:read.

Security
AdminAccessToken
Path
organization_idstringrequired

ID of the organization to retrieve

curl -i -X GET \
  'https://api.sbx.transmitsecurity.io/cis/v1/organizations/{organization_id}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/json
resultobjectrequired
result.​organization_idstringrequired

ID of the organization

result.​app_idsArray of stringsrequired

A list of applications the organization can access

result.​namestringrequired

Name of the organization

result.​domainsArray of strings

Domains of the organization

result.​created_atnumber

Date the organization was created in the tenant

result.​updated_atnumber

Date the organization was last updated

result.​enabledbooleanrequired

Indicates if the organization is currently enabled

result.​managed_organizations_by_appobject

Mapping of app IDs to managed organization IDs assigned to this app

result.​managing_organization_idstring

ID of the managing organization

result.​logo_urlstring

The URL of the organization's logo

result.​alias_namestring

Alias name of the organization

result.​domainstringDeprecatedrequired

Domain of the organization

Response
application/json
{
  "result": {
    "organization_id": "string",
    "app_ids": [],
    "name": "string",
    "domain": "string",
    "domains": [],
    "created_at": 0,
    "updated_at": 0,
    "enabled": true,
    "managed_organizations_by_app": {},
    "managing_organization_id": "string",
    "logo_url": "string",
    "alias_name": "string"
  }
}

Update organization

Request

Update an organization's basic configuration. This should be called from the backend, using an admin access token (generated by a management app).

Required permissions: organizations:edit, orgs:edit.

Security
AdminAccessToken
Path
organization_idstringrequired

ID of the organization to update

Bodyapplication/jsonrequired
namestring

Name of the organization

domainsArray of strings

Domains of the organization

enabledboolean

Indicates if the organization is currently enabled

alias_namestring

Alias name of the organization

domainstringDeprecated

Domain of the organization

curl -i -X PUT \
  'https://api.sbx.transmitsecurity.io/cis/v1/organizations/{organization_id}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "string",
    "domain": "string",
    "domains": [
      "string"
    ],
    "enabled": true,
    "alias_name": "string"
  }'

Responses

Bodyapplication/json
resultobjectrequired
result.​organization_idstringrequired

ID of the organization

result.​app_idsArray of stringsrequired

A list of applications the organization can access

result.​namestringrequired

Name of the organization

result.​domainsArray of strings

Domains of the organization

result.​created_atnumber

Date the organization was created in the tenant

result.​updated_atnumber

Date the organization was last updated

result.​enabledbooleanrequired

Indicates if the organization is currently enabled

result.​managed_organizations_by_appobject

Mapping of app IDs to managed organization IDs assigned to this app

result.​managing_organization_idstring

ID of the managing organization

result.​logo_urlstring

The URL of the organization's logo

result.​alias_namestring

Alias name of the organization

result.​domainstringDeprecatedrequired

Domain of the organization

Response
application/json
{
  "result": {
    "organization_id": "string",
    "app_ids": [],
    "name": "string",
    "domain": "string",
    "domains": [],
    "created_at": 0,
    "updated_at": 0,
    "enabled": true,
    "managed_organizations_by_app": {},
    "managing_organization_id": "string",
    "logo_url": "string",
    "alias_name": "string"
  }
}

Delete organization

Request

Delete an organization. This should be called from the backend, using an admin access token (generated by a management app).

Required permissions: organizations:delete, orgs:delete.

Security
AdminAccessToken
Path
organization_idstringrequired

The ID of the organization that should be deleted

curl -i -X DELETE \
  'https://api.sbx.transmitsecurity.io/cis/v1/organizations/{organization_id}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/json
messageArray of stringsrequired
Example: "Bad request"
error_codenumberrequired
Example: 400
Response
application/json
{
  "message": "Bad request",
  "error_code": 400
}

Get organization by name

Request

Retrieve an organization by name. This should be called from the backend, using an admin access token (generated by a management app).

Required permissions: organizations:read, orgs:read.

Security
AdminAccessToken
Path
organization_namestringrequired

Name of the organization to retrieve

curl -i -X GET \
  'https://api.sbx.transmitsecurity.io/cis/v1/organizations/name/{organization_name}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/json
resultobjectrequired
result.​organization_idstringrequired

ID of the organization

result.​app_idsArray of stringsrequired

A list of applications the organization can access

result.​namestringrequired

Name of the organization

result.​domainsArray of strings

Domains of the organization

result.​created_atnumber

Date the organization was created in the tenant

result.​updated_atnumber

Date the organization was last updated

result.​enabledbooleanrequired

Indicates if the organization is currently enabled

result.​managed_organizations_by_appobject

Mapping of app IDs to managed organization IDs assigned to this app

result.​managing_organization_idstring

ID of the managing organization

result.​logo_urlstring

The URL of the organization's logo

result.​alias_namestring

Alias name of the organization

result.​domainstringDeprecatedrequired

Domain of the organization

Response
application/json
{
  "result": {
    "organization_id": "string",
    "app_ids": [],
    "name": "string",
    "domain": "string",
    "domains": [],
    "created_at": 0,
    "updated_at": 0,
    "enabled": true,
    "managed_organizations_by_app": {},
    "managing_organization_id": "string",
    "logo_url": "string",
    "alias_name": "string"
  }
}

Add apps to organization

Request

Add apps to the organization so its members can access them. If the organization already has apps, this can be used to add additional ones. This should be called from the backend, using an admin access token (generated by a management app).

Required permissions: organizations:edit, orgs:edit.

Security
AdminAccessToken
Path
organization_idstringrequired

The ID of the organization that should be updated

Bodyapplication/jsonrequired
app_idsArray of stringsrequired

A list of applications to add the organization to

curl -i -X PUT \
  'https://api.sbx.transmitsecurity.io/cis/v1/organizations/{organization_id}/apps' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "app_ids": [
      "string"
    ]
  }'

Responses

Response
No content

Remove apps from organization

Request

Remove apps from the organization so its members cannot access them. This should be called from the backend, using an admin access token (generated by a management app).

Required permissions: organizations:edit, orgs:edit.

Security
AdminAccessToken
Path
organization_idstringrequired

The ID of the organization that should be updated

Bodyapplication/jsonrequired
app_idsArray of stringsrequired

A list of applications to add the organization to

curl -i -X DELETE \
  'https://api.sbx.transmitsecurity.io/cis/v1/organizations/{organization_id}/apps' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "app_ids": [
      "string"
    ]
  }'

Responses

Response
No content

Create managed organization

Request

Create a managed organization in context of a specific app. This should be called from the backend, using an admin access token (generated by a management app) or an organization admin access token.

Required permissions: organizations:create, orgs:create.

Security
AdminAccessToken
Path
organization_idstringrequired

The ID of the organization that creates the managed organization

app_idstringrequired

ID of application

Bodyapplication/jsonrequired
namestringrequired

Name of the organization

domainsArray of stringsrequired

Domains of the organization

enabledboolean

Indicates if the organization is currently enabled

alias_namestring

Alias name of the managed organization

domainstringDeprecatedrequired

Domain of the organization

curl -i -X POST \
  'https://api.sbx.transmitsecurity.io/cis/v1/organizations/{organization_id}/applications/{app_id}/managed-organizations' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "string",
    "domain": "string",
    "domains": [
      "string"
    ],
    "enabled": true,
    "alias_name": "string"
  }'

Responses

Bodyapplication/json
resultobjectrequired
result.​organization_idstringrequired

ID of the organization

result.​app_idsArray of stringsrequired

A list of applications the organization can access

result.​namestringrequired

Name of the organization

result.​domainsArray of strings

Domains of the organization

result.​created_atnumber

Date the organization was created in the tenant

result.​updated_atnumber

Date the organization was last updated

result.​enabledbooleanrequired

Indicates if the organization is currently enabled

result.​managed_organizations_by_appobject

Mapping of app IDs to managed organization IDs assigned to this app

result.​managing_organization_idstring

ID of the managing organization

result.​logo_urlstring

The URL of the organization's logo

result.​alias_namestring

Alias name of the organization

result.​domainstringDeprecatedrequired

Domain of the organization

Response
application/json
{
  "result": {
    "organization_id": "string",
    "app_ids": [],
    "name": "string",
    "domain": "string",
    "domains": [],
    "created_at": 0,
    "updated_at": 0,
    "enabled": true,
    "managed_organizations_by_app": {},
    "managing_organization_id": "string",
    "logo_url": "string",
    "alias_name": "string"
  }
}

Set org's role groups

Request

Update the role groups of the organization for a specific application, which will replace any existing role groups for the organization. These role groups must first be created for the application. Once added to the organization, roles that belong to these role groups can be assigned to members of the organization to control their access to the application.

Required permissions: organizations:edit, orgs:edit.

Security
AdminAccessToken
Path
app_idstringrequired

ID of the application to set the roles to

organization_idstringrequired

ID of the organization to set the roles to

Bodyapplication/jsonrequired
role_group_idsArray of stringsrequired

Role group ids

curl -i -X POST \
  'https://api.sbx.transmitsecurity.io/cis/v1/applications/{app_id}/organizations/{organization_id}/role-groups/set' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "role_group_ids": [
      "string"
    ]
  }'

Responses

Get org's role groups

Request

Retrieves all role groups that were added to the organization for a specific application. Roles that belong to these role groups can be assigned to members of the organization to control their access to the application.

Required permissions: organizations:read, orgs:read.

Security
AdminAccessToken
Path
app_idstringrequired

ID of the application to assign the roles to

organization_idstringrequired

ID of the organization to assign the roles to

curl -i -X GET \
  'https://api.sbx.transmitsecurity.io/cis/v1/applications/{app_id}/organizations/{organization_id}/role-groups' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/json
resultobjectrequired
result.​role_groupsArray of objectsrequired

Role groups

result.​role_groups[].​group_idstringrequired

Group ID

result.​role_groups[].​namestringrequired

Group name

result.​role_groups[].​descriptionstring

Group description

result.​role_groups[].​rolesArray of objectsrequired

Group's roles

result.​role_groups[].​roles[].​role_idstringrequired

Role ID

result.​role_groups[].​roles[].​role_namestringrequired

Role name

result.​role_groups[].​roles[].​permissionsArray of strings

Role permissions

result.​role_groups[].​roles[].​app_idstring

Role's app id

result.​role_groups[].​roles[].​descriptionstring

Role's description

result.​role_groups[].​roles[].​display_namestring

Role's display name

result.​role_groups[].​display_namestring

Role group's display name

result.​default_organization_rolesArray of objectsrequired

Default organization roles

result.​default_organization_roles[].​role_idstringrequired

Role ID

result.​default_organization_roles[].​role_namestringrequired

Role name

result.​default_organization_roles[].​permissionsArray of strings

Role permissions

result.​default_organization_roles[].​app_idstring

Role's app id

result.​default_organization_roles[].​descriptionstring

Role's description

result.​default_organization_roles[].​display_namestring

Role's display name

Response
application/json
{
  "result": {
    "role_groups": [],
    "default_organization_roles": []
  }
}