API Reference

Organizations Endpoint

Manage your organization's settings, team members, integrations, and license information via the ComplyWise API.

Updated March 20265 min read

On this page

Overview

The Organizations API provides read and write access to your tenant's configuration, team members, and connected integrations. All organization endpoints are scoped to the authenticated user's tenant — you cannot access other tenants' data. Admin role is required for most write operations.

  • Base path: /api/org
  • All endpoints require authentication
  • Write operations require Admin role
  • Responses are JSON with consistent envelope format

GET /api/org/profile

Returns the current organization's profile including name, tenant ID, license tier, created date, and settings. This endpoint is available to all roles.

  • Response: { "tenant_id": "uuid", "name": "Acme Corp", "license_tier": "PROFESSIONAL", "created_at": "2026-01-15T..." }
  • Includes license tier, max users, max frameworks, and feature flags
  • Available to Admin, Auditor, and Member roles

PUT /api/org/profile

Update the organization's display name and settings. Only the Admin role can perform this operation. The request body should include only the fields you want to update — omitted fields retain their current values.

  • Body: { "name": "New Org Name" }
  • Admin role required
  • Returns the updated organization profile
  • Changes logged in the audit trail

GET /api/org/members

List all team members in the organization. Returns user ID, email, name, role, last login date, and MFA status for each member. Available to Admin and Auditor roles.

  • Response: array of { "id": "uuid", "email": "user@example.com", "role": "admin", "last_login": "...", "mfa_enabled": true }
  • Filterable by role query parameter: ?role=admin
  • Includes MFA enrollment status for compliance verification
  • Admin and Auditor roles only

POST /api/org/members/invite

Invite a new team member by email with a specified role. The invited user receives an email with a link to set their password and complete registration. You can specify admin, auditor, or member as the role.

  • Body: { "email": "new@example.com", "role": "member" }
  • Sends an invitation email to the specified address
  • Role must be one of: admin, auditor, member
  • Admin role required to invite new members

GET /api/org/integrations

List all configured integrations for the organization. Returns the integration type, connection status, last scan date, and configuration metadata. Sensitive fields like API keys and credentials are redacted in the response.

  • Response: array of { "type": "aws", "status": "connected", "last_scan": "...", "config": { ... } }
  • Credentials are never included in the response
  • Status values: connected, disconnected, error
  • Available to Admin and Auditor roles
Authentication & API KeysScans & Evidence Endpoint
← Back to Documentation