Team Management
Invite colleagues to your business workspace with role-based access control. Each team member gets their own login and a set of permissions scoped to what they need.
Auth required: JWT (most endpoints)
Base path: /api/v1/team
Roles & Permissions
http
GET /api/v1/team/roles-permissions
Authorization: Bearer <token>Returns all available roles and the permissions they grant.
List Team Members
http
GET /api/v1/team
Authorization: Bearer <token>
Permission: team:viewInvite a Member
http
POST /api/v1/team/invites
Authorization: Bearer <token>
Permission: team:invite
Content-Type: application/jsonjson
{
"email": "colleague@yourcompany.com",
"role": "operations",
"permissions": ["checkout:manage", "balance:view"]
}The invitee receives an email with a link containing an invite token.
Accept Invitation (Public)
The invite link directs the user to your frontend, which calls:
Verify token
http
GET /api/v1/team/invites/verify/:tokenRegister
http
POST /api/v1/team/register
Content-Type: application/jsonjson
{
"token": "<invite_token>",
"first_name": "Jane",
"last_name": "Doe",
"password": "SecurePassword123!"
}Update Member Permissions
http
PUT /api/v1/team/:id/permissions
Authorization: Bearer <token>
Permission: team:manage_permissions
Content-Type: application/jsonjson
{
"permissions": ["checkout:manage", "checkout:view", "balance:view"]
}Remove a Member
http
DELETE /api/v1/team/:id
Authorization: Bearer <token>
Permission: team:manage_permissions