Members & Teams

Member, invitation, and team management is handled by Better Auth’s organization plugin. All endpoints below are served at /api/auth/organization/*.

Members

List members

GET /api/auth/organization/list-members

Query parameters:

Parameter	Type	Description
`organizationId`	`string`	Organization to list members for. Defaults to the session’s active organization.
`limit`	`number`	Max results to return (default: `100`).
`offset`	`number`	Offset for pagination (default: `0`).
`sortBy`	`string`	Field to sort by (default: `"createdAt"`).
`sortDirection`	`"asc" \| "desc"`	Sort direction (default: `"desc"`).

Update a member’s role

POST /api/auth/organization/update-member-role
Content-Type: application/json

Required role: Admin or owner.

Request body:

Field	Type	Required	Description
`memberId`	`string`	Yes	The member ID to update.
`role`	`"owner" \| "admin" \| "member"`	Yes	The new role.
`organizationId`	`string`	No	Defaults to the session’s active organization.

Remove a member

POST /api/auth/organization/remove-member
Content-Type: application/json

Required role: Admin or owner.

Request body:

Field	Type	Required	Description
`memberId`	`string`	Yes	The member ID to remove.
`organizationId`	`string`	No	Defaults to the session’s active organization.

Invitations

Invite a member

POST /api/auth/organization/invite-member
Content-Type: application/json

Required role: Admin or owner.

Request body:

Field	Type	Required	Description
`email`	`string`	Yes	Email address of the person to invite.
`role`	`"owner" \| "admin" \| "member"`	Yes	Role to assign on acceptance.
`organizationId`	`string`	No	Defaults to the session’s active organization.
`teamId`	`string`	No	Team to add the member to on acceptance.
`resend`	`boolean`	No	Re-send the invitation email if one is already pending for this address.

List invitations

GET /api/auth/organization/get-invitations

Required role: Admin or owner.

Query parameters:

Parameter	Type	Description
`organizationId`	`string`	Defaults to the session’s active organization.

Returns pending invitations including id, email, role, teamId, status, and expiresAt.

Cancel an invitation

POST /api/auth/organization/cancel-invitation
Content-Type: application/json

Required role: Admin or owner (or the user who sent the invitation).

Request body:

Field	Type	Required	Description
`invitationId`	`string`	Yes	ID of the invitation to cancel.

Accept an invitation

POST /api/auth/organization/accept-invitation
Content-Type: application/json

Called by the invitee after clicking the invitation link.

Request body:

Field	Type	Required	Description
`invitationId`	`string`	Yes	ID of the invitation to accept.

Teams

List teams

GET /api/auth/organization/list-teams

Query parameters:

Parameter	Type	Description
`organizationId`	`string`	Defaults to the session’s active organization.

Create a team

POST /api/auth/organization/create-team
Content-Type: application/json

Required role: Admin or owner.

Request body:

Field	Type	Required	Description
`name`	`string`	Yes	Team name.
`organizationId`	`string`	No	Defaults to the session’s active organization.

Update a team

POST /api/auth/organization/update-team
Content-Type: application/json

Required role: Admin or owner.

Request body:

Field	Type	Required	Description
`teamId`	`string`	Yes	ID of the team to update.
`data.name`	`string`	Yes	New team name.

Delete a team

POST /api/auth/organization/remove-team
Content-Type: application/json

Required role: Admin or owner.

Deleting a team does not remove its members from the organization — members’ teamId is set to null.

Request body:

Field	Type	Required	Description
`teamId`	`string`	Yes	ID of the team to delete.

List team members

GET /api/auth/organization/list-team-members

Query parameters:

Parameter	Type	Description
`teamId`	`string`	ID of the team.

Remove a member from a team

POST /api/auth/organization/remove-team-member
Content-Type: application/json

Required role: Admin or owner.

Request body:

Field	Type	Required	Description
`teamId`	`string`	Yes
`userId`	`string`	Yes