Organizations API

Base paths: /api/orgs, /api/public/orgs

All endpoints require Authorization: Bearer <token> unless marked public.


Core Organization

Create Organisation (admin only)

POST /api/orgs
Authorization: Bearer <systemAdminToken>
{
"name": "My Association",
"slug": "my-association",
"subdomain": "my-association",
"email": "[email protected]",
"orgType": "ASSOCIATION"
}

List Organisations (admin only)

GET /api/orgs
Authorization: Bearer <systemAdminToken>

Get Organisation by ID

GET /api/orgs/{id}
Authorization: Bearer <token>

Get by Slug (public)

GET /api/orgs/slug/{slug}

Get by Subdomain (public)

GET /api/orgs/subdomain/{subdomain}

Update Organisation

PUT /api/orgs/{id}
Authorization: Bearer <adminToken>
{
"name": "Updated Name",
"description": "About us...",
"website_url": "https://example.org",
"allow_join_requests": true
}

Delete Organisation

DELETE /api/orgs/{id}
Authorization: Bearer <ownerToken>

List Roles

GET /api/orgs/{id}/roles
Authorization: Bearer <adminToken>

Health

GET /api/orgs/health
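
The Core Organization listing above mixes public routes with routes that need different tokens, and GET /api/orgs/health has the same shape as GET /api/orgs/{id}. The following Python is an added example, not code from this API or its project: it transcribes those routes into a table and resolves a request to the token the page lists, preferring literal segments over placeholders and denying anything unlisted. Treating /health as public and <token> as "any valid bearer token" are assumptions.

```python
# Added example: routes transcribed from the Core Organization listing.
# "public" = no Authorization header shown (for /health this is an assumption).
ROUTES = [
    ("POST",   "/api/orgs",                       "systemAdminToken"),
    ("GET",    "/api/orgs",                       "systemAdminToken"),
    ("GET",    "/api/orgs/health",                "public"),
    ("GET",    "/api/orgs/{id}",                  "token"),
    ("GET",    "/api/orgs/slug/{slug}",           "public"),
    ("GET",    "/api/orgs/subdomain/{subdomain}", "public"),
    ("PUT",    "/api/orgs/{id}",                  "adminToken"),
    ("DELETE", "/api/orgs/{id}",                  "ownerToken"),
    ("GET",    "/api/orgs/{id}/roles",            "adminToken"),
]

def _split(path):
    # Drop the query string and empty segments (trailing or doubled slashes).
    return [s for s in path.split("?", 1)[0].split("/") if s]

def _score(template, path):
    """Number of literal segments matched, or None when the path does not fit."""
    t, p = _split(template), _split(path)
    if len(t) != len(p):
        return None
    literals = 0
    for ts, ps in zip(t, p):
        if ts.startswith("{") and ts.endswith("}"):
            continue  # a placeholder matches any single segment
        if ts != ps:
            return None
        literals += 1
    return literals

def required_token(method, path):
    """Most literal match wins (ties keep the earlier entry); unlisted = deny."""
    best = None
    for m, template, token in ROUTES:
        if m != method.upper():
            continue
        score = _score(template, path)
        if score is not None and (best is None or score > best[0]):
            best = (score, token)
    return best[1] if best else "deny"

def is_allowed(method, path, presented=None):
    """presented: token label the caller holds, None when unauthenticated."""
    need = required_token(method, path)
    if need in ("deny", "public"):
        return need == "public"
    # Assumption: "token" means any valid bearer token; other labels must match
    # exactly because the page defines no hierarchy between tokens.
    return presented is not None if need == "token" else presented == need
```

The same table can drive an access-control regression test: every listed route is requested with each token label and with no token, and the observed status is compared with what `is_allowed` returns.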

Branding & Assets

Get Branding

GET /api/orgs/{orgId}/branding
Authorization: Bearer <token>

Also available publicly:

GET /api/public/orgs/{slug}/branding

Update Branding

PUT /api/orgs/{orgId}/branding
Authorization: Bearer <adminToken>
{
"primaryColor": "#2563eb",
"secondaryColor": "#1e40af",
"fontFamily": "Inter",
"logoUrl": "https://..."
}

Upload Asset

POST /api/orgs/{orgId}/assets
Authorization: Bearer <adminToken>
Content-Type: multipart/form-data

file=<binary>
assetType=LOGO

Update Asset

PUT /api/orgs/{orgId}/assets/{assetId}
Authorization: Bearer <adminToken>

Delete Asset

DELETE /api/orgs/{orgId}/assets/{assetId}
Authorization: Bearer <adminToken>

Invitations

Send Invitation

POST /api/orgs/{organizationId}/invitations
Authorization: Bearer <adminToken>
{
"email": "[email protected]",
"roleId": "role-uuid",
"message": "We'd love for you to join!"
}

List Invitations

GET /api/orgs/{organizationId}/invitations
Authorization: Bearer <adminToken>

Cancel Invitation

DELETE /api/orgs/{organizationId}/invitations/{invitationId}
Authorization: Bearer <adminToken>

Accept Invitation (public)

POST /api/orgs/{organizationId}/invitations/{token}/accept

Join Requests

Submit Join Request (public)

POST /api/public/orgs/{slug}/join-requests
{
"firstName": "Jane",
"lastName": "Doe",
"email": "[email protected]",
"message": "I'd like to join your association."
}

List Join Requests

GET /api/orgs/{organizationId}/join-requests
Authorization: Bearer <adminToken>

Pending Count

GET /api/orgs/{organizationId}/join-requests/pending-count
Authorization: Bearer <adminToken>

Approve

POST /api/orgs/{organizationId}/join-requests/{requestId}/approve
Authorization: Bearer <adminToken>

Reject

POST /api/orgs/{organizationId}/join-requests/{requestId}/reject
Authorization: Bearer <adminToken>

Member Directory

Get Directory

GET /api/orgs/{organizationId}/directory
Authorization: Bearer <token>

Get Directory Config

GET /api/orgs/{organizationId}/directory/config
Authorization: Bearer <adminToken>

Update Directory Config

PUT /api/orgs/{organizationId}/directory/config
Authorization: Bearer <adminToken>
{
"visibility": "MEMBERS_ONLY",
"showEmail": false,
"showPhone": false,
"allowMemberSearch": true
}

Email Templates

List Templates

GET /api/orgs/{organizationId}/email-templates
Authorization: Bearer <adminToken>

Get Template by Type

GET /api/orgs/{organizationId}/email-templates/type/{type}
Authorization: Bearer <adminToken>

Types: WELCOME, INVITATION, PASSWORD_RESET, EVENT_CONFIRMATION, etc.


Update Template

PUT /api/orgs/{organizationId}/email-templates/{templateId}
Authorization: Bearer <adminToken>
{
"subject": "Welcome to {{org.name}}!",
"body": "<h1>Hello {{user.firstName}}</h1>..."
}

Preview Template

POST /api/orgs/{organizationId}/email-templates/{templateId}/preview
Authorization: Bearer <adminToken>

Reset to Default

POST /api/orgs/{organizationId}/email-templates/reset/{type}
Authorization: Bearer <adminToken>

SMTP Configuration

Get Config

GET /api/orgs/{organizationId}/smtp
Authorization: Bearer <adminToken>

Update Config

PUT /api/orgs/{organizationId}/smtp
Authorization: Bearer <adminToken>
{
"host": "smtp.gmail.com",
"port": 587,
"username": "[email protected]",
"password": "app-password",
"fromAddress": "[email protected]",
"fromName": "My Association"
}

Test Connection

POST /api/orgs/{organizationId}/smtp/test
Authorization: Bearer <adminToken>

Send Test Email

POST /api/orgs/{organizationId}/smtp/test-email
Authorization: Bearer <adminToken>
{ "to": "[email protected]" }

Legal Pages

Get Legal Pages

GET /api/orgs/{id}/legal-pages
Authorization: Bearer <token>

Also public:

GET /api/public/orgs/{slug}/legal-pages

Update Legal Pages

PUT /api/orgs/{id}/legal-pages
Authorization: Bearer <adminToken>
{
"termsOfService": "<html>...",
"privacyPolicy": "<html>...",
"cookiePolicy": "<html>..."
}

Creation via Invitation

Validate Creation Token (public)

GET /api/orgs/creation-invitations/validate/{token}

Create Org with Invitation (public)

POST /api/orgs/create-with-invitation
{
"token": "invitation-token",
"orgName": "New Association",
"adminEmail": "[email protected]",
"adminPassword": "secure-password"
}