Team
Organization members, roles, and invitations
Auth required (Clerk Bearer) and an active organization — without one, every route replies 400 No active organization. Memberships live in Clerk; fine-grained roles (owner / admin / editor / reader) live in Jatobá's own role table, which self-heals against Clerk membership.
GET /api/team/members
Lists members with effective roles.
```json
{
  "members": [
    {
      "userId": "user_...",
      "email": "ana@liga.org",
      "name": "Ana Souza",
      "imageUrl": "https://...",
      "role": "admin",
      "isOwner": false
    }
  ],
  "myRole": "owner"
}
```
The org creator is always owner.
GET /api/team/invitations
Pending invitations: { "invitations": [{ "id", "email", "role", "createdAt" }] }
POST /api/team/invitations
Invite by email (Clerk sends the invite; the role applies on join) or by wallet (a SIWE user has no inbox, so the address is resolved to an existing Clerk user and added directly).
| Body field | Type | Description |
|---|---|---|
| role | string (required) | admin \| editor \| reader |
| email | string | Invite by email |
| wallet | string | Invite by wallet (0x + 40 hex) |
Requires manageTeam (admin+), and you can only assign roles your own role allows. 201 { "ok": true } (wallet adds also return "joined": true) · 404 no account linked to that wallet · 502 Clerk error.
PATCH /api/team/members/:userId
Change a member's role. Body: { "role": "admin" | "editor" | "reader" }. You can't manage members above your own role. 200 { "ok": true, "role": "..." }
DELETE /api/team/members/:userId
Remove a member (admin+, subject to the same hierarchy rules).
DELETE /api/team/invitations/:invitationId
Revoke a pending invitation.
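The hierarchy rules for invitations, role changes and removals, and the wallet format, as an added example that is not Jatobá's own code. The rank order, the "at or below your own rank" rule, the exactly-one-of email/wallet rule, and all function names and reason strings are assumptions.

```javascript
// Added example, not Jatobá's code. Assumptions: rank order owner > admin >
// editor > reader; a caller may grant or manage roles at or below their own.
const RANK = new Map([["reader", 1], ["editor", 2], ["admin", 3], ["owner", 4]]);
const ASSIGNABLE = ["admin", "editor", "reader"]; // values the API accepts for "role"
const WALLET_RE = /^0x[0-9a-fA-F]{40}$/;          // "0x + 40 hex"

const rank = (role) => RANK.get(role) ?? 0;       // unknown roles rank lowest
const hasManageTeam = (role) => rank(role) >= rank("admin"); // "admin+"

// May actorRole grant newRole (invitation or role change)?
function canAssign(actorRole, newRole) {
  return hasManageTeam(actorRole) && ASSIGNABLE.includes(newRole) &&
    rank(newRole) <= rank(actorRole);
}

// May actorRole change or remove a member currently holding targetRole?
function canManage(actorRole, targetRole) {
  return hasManageTeam(actorRole) && rank(targetRole) > 0 &&
    rank(targetRole) <= rank(actorRole);
}

// Check a POST /api/team/invitations body before any call to Clerk is made.
// Requiring exactly one of email/wallet is an assumption of this example.
function checkInvite(actorRole, body) {
  const { role, email, wallet } = body ?? {};
  if (!ASSIGNABLE.includes(role)) return { ok: false, reason: "invalid role" };
  if (!canAssign(actorRole, role)) return { ok: false, reason: "role not permitted" };
  const hasEmail = typeof email === "string" && email.length > 0;
  const hasWallet = typeof wallet === "string" && wallet.length > 0;
  if (hasEmail === hasWallet) return { ok: false, reason: "need exactly one of email or wallet" };
  if (hasWallet && !WALLET_RE.test(wallet)) return { ok: false, reason: "invalid wallet" };
  return { ok: true, via: hasWallet ? "wallet" : "email" };
}

// Constructed sample calls.
console.log(checkInvite("admin", { role: "editor", email: "ana@liga.org" }));
console.log(checkInvite("editor", { role: "reader", email: "ana@liga.org" }));
console.log(canManage("admin", "owner"));
```

The actor's role has to come from the server-side role table for the authenticated session, never from anything in the request body.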