Organizations API
Organization APIs let authenticated users inspect active organizations, create organizations when allowed, view members, and manage member roles when they have organization management permission.
Common endpoints
Section titled “Common endpoints”GET /organizationsPOST /organizationsGET /organizations/{organizationId}GET /organizations/{organizationId}/membersGET /organizations/{organizationId}/invitesPOST /organizations/{organizationId}/members/{memberId}/rolesDELETE /organizations/{organizationId}/members/{memberId}/roles/{roleId}
Permission behavior
Section titled “Permission behavior”Basic membership is enough to see some organization context. Managing members or roles requires organization management permission, such as darkauth.org:manage.
Member responses may include less profile detail when the caller does not have management permission.
Token context
Section titled “Token context”Organization API behavior should match token context. Applications should avoid mixing resources across organizations unless the user has explicit permission for both.