Org Management
Manage orgs, members, and API keys. All endpoints require JWT authentication (OAuth access token).
Orgs
List orgs
GET /v1/orgsReturns the orgs the authenticated user belongs to.
Response (200):
{
"orgs": [
{
"id": "org_xxx",
"name": "Acme Corp",
"role": "admin",
"createdAt": 1704067200000
}
]
}Create org
POST /v1/orgsCreates a new org. The authenticated user becomes its admin.
| Field | Type | Required | Description |
|---|---|---|---|
name | string | Yes | Org display name |
Response (201):
{ "id": "org_xxx", "name": "Acme Corp", "createdAt": 1704067200000 }Update org
PATCH /v1/orgs/:orgIdUpdate org settings. Requires admin role.
| Field | Type | Required | Description |
|---|---|---|---|
name | string | No | New org name |
Members
List members
GET /v1/orgs/:orgId/membersList all members of an org. Requires admin or member role.
Response (200):
{
"members": [
{
"userId": "usr_xxx",
"email": "[email protected]",
"name": "Alice",
"role": "admin",
"joinedAt": 1704067200000
}
]
}Invite member
POST /v1/orgs/:orgId/membersAdd a user to the org by email. Requires admin role. The user must already have a Passage account.
| Field | Type | Required | Description |
|---|---|---|---|
email | string | Yes | User’s email address |
role | string | No | admin, member, or viewer (default: member) |
Response (201): { "ok": true }
Update member role
PATCH /v1/orgs/:orgId/members/:userIdChange a member’s role. Requires admin role.
| Field | Type | Required | Description |
|---|---|---|---|
role | string | Yes | admin, member, or viewer |
Remove member
DELETE /v1/orgs/:orgId/members/:userIdRemove a member from the org. Requires admin role.
API Keys
List keys
GET /v1/orgs/:orgId/keysList API keys for an org. Requires admin or member role.
Response (200):
{
"keys": [
{
"id": "key_xxx",
"keyPrefix": "psg_abc1234",
"name": "Production",
"createdAt": 1704067200000,
"revokedAt": null,
"expiresAt": null
}
]
}Create key
POST /v1/orgs/:orgId/keysCreate a new API key. Requires admin role. The full key is only returned once.
| Field | Type | Required | Description |
|---|---|---|---|
name | string | No | Display name for the key |
expiresIn | integer | No | Expiry in seconds from now |
Response (201):
{
"id": "key_xxx",
"key": "psg_abc1234def5678...",
"prefix": "psg_abc1234",
"expiresAt": null
}Revoke key
DELETE /v1/orgs/:orgId/keys/:keyIdRevoke an API key. Requires admin role. Revoked keys immediately stop working.
Next steps
- Authentication — Auth model overview
- Create Session — Use an API key to create sessions