Skip to content

Invite a user to the organization

POST
/api/organizations/{organizationId}/invitations

Creates a pending invitation for the given email address and role and emails the invitee a link to accept it. The email is lowercased and trimmed before storage. Rejected with 422 when a pending invitation for the same email already exists in this organization, when the invitee is already a member, or when a non-OWNER attempts to grant the OWNER role. The expiry (expiresAt) is derived from the INVITATION_TTL_DAYS configuration and the status starts as "pending".

Authorizations

ApiToken

Long-lived API token created via POST /api/api-tokens (returned once in plaintext).

Type
API Key (header: X-API-TOKEN)
or
JWT

JWT access token obtained via POST /api/auth/login. Send as: Authorization: Bearer .

Type
HTTP (bearer)

Parameters

Path Parameters

organizationId*

Organization identifier

Type
string
Required

Request Body

JSON
{
  
"email": "alice@example.com",
  
"role": "MANAGER"
}

Responses

invitation resource created

JSON
{
  
"@context": "string",
  
"@id": "string",
  
"@type": "string",
  
"id": "9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d",
  
"organization": "/api/organizations/1",
  
"email": "alice@example.com",
  
"role": "MANAGER",
  
"status": "pending",
  
"createdAt": "2026-07-01T10:15:30+00:00",
  
"expiresAt": "2026-07-08T10:15:30+00:00",
  
"acceptedAt": "2026-07-02T09:00:00+00:00",
  
"invitedBy": "https://example.com/"
}

Playground

Authorization
Variables
Key
Value
Body

Samples

Powered by VitePress OpenAPI