Members

GET /api/members

List tenant members with their roles.

POST /api/members

Add a member to the tenant. 
{
  "userId": "user_abc123",
  "role": "developer"
}

PATCH /api/members/:userId

Update a member’s role. 
{
  "role": "admin"
}

DELETE /api/members/:userId

Remove a member from the tenant.

Roles

RoleDescription
ownerFull access, can manage billing and delete tenant
adminFull access except billing
developerCreate/manage threads and projects, deploy agents
viewerRead-only access to threads and projects
guestLimited access to specific threads

Invitations

GET /api/invitations

List pending invitations.

POST /api/invitations

Create a new invitation. 
{
  "email": "dev@example.com",
  "role": "developer"
}

POST /api/invitations/:id/accept

Accept an invitation. 
{
  "token": "inv_token_..."
}

DELETE /api/invitations/:id

Revoke a pending invitation.

Credentials

GET /api/credentials

List stored credentials (service names only, not values).

PUT /api/credentials/:service

Store or update a credential. 
{
  "accessToken": "ghp_...",
  "refreshToken": "ghr_...",
  "expiresAt": 1735689600,
  "metadata": { "scope": "repo,user" }
}

DELETE /api/credentials/:service

Remove a stored credential.

User Profile

GET /api/me

Get current user profile.

GET /api/me/preferences

Get user preferences.

PATCH /api/me/preferences

Update user preferences. 
{
  "preferences": {
    "theme": "dark",
    "defaultModel": "claude-sonnet-4",
    "notifications": true
  }
}

Tenant Settings

GET /api/settings

Get tenant-level settings.

PATCH /api/settings

Update tenant settings. 
{
  "settings": {
    "defaultExecutionTarget": "cloud",
    "autoArchiveDays": 30
  }
}