Skip to main content
The Organization service manages organizations, their projects, members, and invitations. It is served by the Organizations & Metrics microservice, configured via REACT_APP_ORGANIZATIONS_API_BASE_URL (default: https://api.makakoo.com/ma-metrics-wsp-ms/v1/api). All requests require both Api-Key and Authorization: Bearer <token> headers.

List Organizations

GET /organizations
Return all organizations accessible to the authenticated user, including projects, users, and permission metadata. 
curl https://api.makakoo.com/ma-metrics-wsp-ms/v1/api/organizations \
  -H "Authorization: Bearer <token>" \
  -H "Api-Key: <your_api_key>"
data
array
Array of organization objects.

Create Organization

POST /organizations
Create a new organization. An organization wallet is automatically created after a successful creation.
data.type
string
required
Must be "organization".
data.attributes.name
string
required
The name for the new organization.
curl -X POST https://api.makakoo.com/ma-metrics-wsp-ms/v1/api/organizations \
  -H "Authorization: Bearer <token>" \
  -H "Api-Key: <your_api_key>" \
  -H "Content-Type: application/json" \
  -d '{
    "data": {
      "type": "organization",
      "attributes": { "name": "Acme Corp" }
    }
  }'
Response: 200 OK with the created organization object.

Get Organization

GET /organizations/{organizationId}
Fetch details for a specific organization, optionally including related resources.
organizationId
string
required
The organization’s unique ID.
include
string
Comma-separated list of related resources to include. Supported values: users, projects, organization_memberships.
forceRefresh
boolean
When true, bypasses client-side caching. Cached data is considered stale after 5 minutes.
curl "https://api.makakoo.com/ma-metrics-wsp-ms/v1/api/organizations/123?include=users,projects" \
  -H "Authorization: Bearer <token>" \
  -H "Api-Key: <your_api_key>"
data.id
string
The organization ID. Always validate that this matches the requested ID.
data.attributes.name
string
The organization name.
meta.can
object
Permission map scoped to the authenticated user.
included
array
Related resources (users, projects, memberships) when include is specified.

Update Organization Name

PATCH /organizations/{organizationId}
Update the name of an existing organization.
organizationId
string
required
The organization’s unique ID.
data.attributes.name
string
required
The new name for the organization.
curl -X PATCH https://api.makakoo.com/ma-metrics-wsp-ms/v1/api/organizations/123 \
  -H "Authorization: Bearer <token>" \
  -H "Api-Key: <your_api_key>" \
  -H "Content-Type: application/json" \
  -d '{
    "data": {
      "attributes": { "name": "New Name" }
    }
  }'
Response: 200 OK with the updated organization object.

List Organization Members

GET /organizations/{organizationId}/users
List all members of an organization.
organizationId
string
required
The organization’s unique ID.
Response: Array of user objects with their membership roles.

Add User to Organization

POST /organizations/{organizationId}/add_user
Add an existing platform user to an organization. If the user does not exist, automatically falls back to sending an invitation email.
organizationId
string
required
The organization’s unique ID.
data.type
string
required
Must be "users".
data.attributes.email
string
required
The email address of the user to add.
data.attributes.role
string
required
The role to assign. One of: OWNER, ADMIN, MEMBER, VIEWER.
curl -X POST https://api.makakoo.com/ma-metrics-wsp-ms/v1/api/organizations/123/add_user \
  -H "Authorization: Bearer <token>" \
  -H "Api-Key: <your_api_key>" \
  -H "Content-Type: application/json" \
  -d '{
    "data": {
      "type": "users",
      "attributes": { "email": "[email protected]", "role": "MEMBER" }
    }
  }'

Send Organization Invitation

POST /organizations/{organizationId}/invitations
Send an email invitation to join an organization to a user who may not yet have a platform account.
organizationId
string
required
The organization’s unique ID.
data.type
string
required
Must be "membershipInvitation".
data.attributes.email
string
required
The email address to invite.
data.attributes.orgRole
string
The role to grant on acceptance. Defaults to "member". Accepted values: "owner", "admin", "member", "viewer".
curl -X POST https://api.makakoo.com/ma-metrics-wsp-ms/v1/api/organizations/123/invitations \
  -H "Authorization: Bearer <token>" \
  -H "Api-Key: <your_api_key>" \
  -H "Content-Type: application/json" \
  -d '{
    "data": {
      "type": "membershipInvitation",
      "attributes": { "email": "[email protected]", "orgRole": "member" }
    }
  }'
If the invited user already has a platform account (HTTP 422 with redirect_to_add_member), the service automatically calls POST /organizations/{id}/add_user instead.

List Organization Invitations

GET /organizations/{organizationId}/invitations
List all pending invitations for an organization.
organizationId
string
required
The organization’s unique ID.

Resend Organization Invitation

POST /organizations/{organizationId}/invitations/{invitationId}/resend
organizationId
string
required
The organization’s unique ID.
invitationId
string
required
The invitation ID to resend.

Cancel Organization Invitation

DELETE /organizations/{organizationId}/invitations/{invitationId}
organizationId
string
required
The organization’s unique ID.
invitationId
string
required
The invitation ID to cancel.

Update Organization Invitation

PATCH /organizations/{organizationId}/invitations/{invitationId}
Update the role of a pending invitation before it is accepted.
organizationId
string
required
The organization’s unique ID.
invitationId
string
required
The invitation ID to update.
data.attributes.orgRole
string
required
The new role. Accepted values: "owner", "admin", "member", "viewer".

Update Member Role

PATCH /organizations/{organizationId}/members/{userId}/role
Change an organization member’s role.
organizationId
string
required
The organization’s unique ID.
userId
string
required
The user’s unique ID.
role
string
required
The new role. One of: OWNER, ADMIN, MEMBER, VIEWER.
Error codes:
CodeDescription
CANNOT_CHANGE_OWN_ROLEUsers cannot change their own role.
INVALID_ROLE_TRANSITIONCannot demote the last owner. Transfer ownership first.
INSUFFICIENT_PERMISSIONSAdmins cannot promote users to the owner role.

Remove Member from Organization

DELETE /organizations/{organizationId}/remove_user/{userId}
organizationId
string
required
The organization’s unique ID.
userId
string
required
The user’s unique ID.

Check Pending Invitations (Current User)

GET /me/pending_invitations
List invitations pending acceptance by the authenticated user.

Accept Invitation

POST /me/accept_invitation/{invitationId}
invitationId
string
required
The invitation ID to accept.

Reject Invitation

DELETE /me/reject_invitation/{invitationId}
invitationId
string
required
The invitation ID to reject.

Global Credentials Hub

Organization-scoped endpoints for listing credentials across all projects.

List Organization API Keys

GET /organizations/{organizationId}/api_keys

List Organization LLM API Keys

GET /organizations/{organizationId}/llm_api_keys

List Organization Sentinel Passes

GET /organizations/{organizationId}/sentinel_passes
All three endpoints accept organizationId as a path parameter and return an array of the respective credential objects.

Build docs developers (and LLMs) love

Get started for freeTalk to us