API Overview

Centralized source of truth for organizations, users, and permissions

Organizations

Manage organizations with WorkOS Directory Sync integration

CRUD Operations

Users

User management with SSO authentication via WorkOS AuthKit

SSO Ready

Permissions

Fine-grained RBAC with roles and permissions

RBAC

API Endpoints

All endpoints require Bearer token authentication. Include your API key in the Authorization header.

GET/api/v1/organizationsList all organizations

POST/api/v1/organizationsCreate a new organization

GET/api/v1/organizations/:idGet organization by ID

PUT/api/v1/organizations/:idUpdate organization

DELETE/api/v1/organizations/:idDelete organization

GET/api/v1/usersList all users

POST/api/v1/usersCreate a new user

GET/api/v1/users/:idGet user by ID

PUT/api/v1/users/:idUpdate user

DELETE/api/v1/users/:idDelete user

GET/api/v1/rolesList all roles

GET/api/v1/permissionsList all permissions

GET/api/v1/membershipsList organization memberships

POST/api/v1/membershipsAdd user to organization

POST/api/v1/keysCreate API key

GET/api/v1/keysList API keys

POST/api/v1/keys/:id?action=rotateRotate API key

DELETE/api/v1/keys/:idRevoke API key

Authentication

Include your API key in all requests using the Authorization header

curl -X GET \
  -H "Authorization: Bearer gr_your_api_key_here" \
  -H "Content-Type: application/json" \
  https://your-domain.com/api/v1/organizations