Skip to content
Evershell Docs

Invite a member

POST
/orgs/{id}/memberships
 
curl --request POST \
  --url https://your-org.evershell.ai/v1/orgs/example/memberships \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{ "email": "hello@example.com", "role": "owner" }'

Permissions: members:write. Inviting with role=owner additionally requires the caller’s identity role to be Owner (operator + members:write isn’t enough — promotion authority is Owner-only).

Sends a WorkOS invitation; the local row stays in pending state until the invitee accepts via the AuthKit flow.

Authorizations

Section titled “Authorizations ”

Parameters

Section titled “ Parameters ”

Path Parameters

Section titled “Path Parameters ”
id
required
string

Request Body required

Section titled “Request Body required ”
Media type application/json
object
email
required
string format: email
role
required
string
Allowed values: owner operator member

Responses

Section titled “ Responses ”

201

Section titled “201 ”

Invited

Media type application/json
object
id
required
string
org_id
required
string
workos_user_id
required

Empty until the invitee accepts and the WorkOS webhook stamps the real id. Use accepted_at to distinguish pending invitations from active members.

string
email
required
string format: email
role
required
string
Allowed values: owner operator member
invited_by
string
invited_at
required
string format: date-time
accepted_at

Null while the invite is still pending.

string format: date-time
Example 
{
  "role": "owner"
}

400

Section titled “400 ”

Validation failure

Media type application/json
object
error
required
object
code
required

Closed-enum slug (e.g. permission_denied, validation_error, workspace_not_found)

string
message
required

Human-readable summary

string
request_id
required

Server-generated request id for correlating logs

string
details

Optional structured context. Validation errors land at details.fields as a per-field map.

object
key
additional properties
any
Example 
{
  "error": {
    "code": "permission_denied",
    "message": "caller lacks required scope",
    "request_id": "7f3a9c2e"
  }
}

401

Section titled “401 ”

Missing or invalid credential

Media type application/json
object
error
required
object
code
required

Closed-enum slug (e.g. permission_denied, validation_error, workspace_not_found)

string
message
required

Human-readable summary

string
request_id
required

Server-generated request id for correlating logs

string
details

Optional structured context. Validation errors land at details.fields as a per-field map.

object
key
additional properties
any
Example 
{
  "error": {
    "code": "permission_denied",
    "message": "caller lacks required scope",
    "request_id": "7f3a9c2e"
  }
}

403

Section titled “403 ”

Caller lacks members:write, or role=owner was requested by a non-Owner caller (code owner_only).

Media type application/json
object
error
required
object
code
required

Closed-enum slug (e.g. permission_denied, validation_error, workspace_not_found)

string
message
required

Human-readable summary

string
request_id
required

Server-generated request id for correlating logs

string
details

Optional structured context. Validation errors land at details.fields as a per-field map.

object
key
additional properties
any
Example 
{
  "error": {
    "code": "permission_denied",
    "message": "caller lacks required scope",
    "request_id": "7f3a9c2e"
  }
}

409

Section titled “409 ”

State conflict (in-use cascade guard, last-owner, etc.)

Media type application/json
object
error
required
object
code
required

Closed-enum slug (e.g. permission_denied, validation_error, workspace_not_found)

string
message
required

Human-readable summary

string
request_id
required

Server-generated request id for correlating logs

string
details

Optional structured context. Validation errors land at details.fields as a per-field map.

object
key
additional properties
any
Example 
{
  "error": {
    "code": "permission_denied",
    "message": "caller lacks required scope",
    "request_id": "7f3a9c2e"
  }
}

423

Section titled “423 ”

Tenant is past_due, decommissioning, or trial-expired

Media type application/json
object
error
required
object
code
required

Closed-enum slug (e.g. permission_denied, validation_error, workspace_not_found)

string
message
required

Human-readable summary

string
request_id
required

Server-generated request id for correlating logs

string
details

Optional structured context. Validation errors land at details.fields as a per-field map.

object
key
additional properties
any
Example 
{
  "error": {
    "code": "permission_denied",
    "message": "caller lacks required scope",
    "request_id": "7f3a9c2e"
  }
}