Skip to content

Members & Teams

Member, invitation, and team management is handled by Better Auth’s organization plugin. All endpoints below are served at /api/auth/organization/*.

GET /api/auth/organization/list-members

Query parameters:

Parameter Type Description
organizationId string Organization to list members for. Defaults to the session’s active organization.
limit number Max results to return (default: 100).
offset number Offset for pagination (default: 0).
sortBy string Field to sort by (default: "createdAt").
sortDirection "asc" | "desc" Sort direction (default: "desc").

POST /api/auth/organization/update-member-role
Content-Type: application/json

Required role: Admin or owner.

Request body:

Field Type Required Description
memberId string Yes The member ID to update.
role "owner" | "admin" | "member" Yes The new role.
organizationId string No Defaults to the session’s active organization.

POST /api/auth/organization/remove-member
Content-Type: application/json

Required role: Admin or owner.

Request body:

Field Type Required Description
memberId string Yes The member ID to remove.
organizationId string No Defaults to the session’s active organization.

POST /api/auth/organization/invite-member
Content-Type: application/json

Required role: Admin or owner.

Request body:

Field Type Required Description
email string Yes Email address of the person to invite.
role "owner" | "admin" | "member" Yes Role to assign on acceptance.
organizationId string No Defaults to the session’s active organization.
teamId string No Team to add the member to on acceptance.
resend boolean No Re-send the invitation email if one is already pending for this address.

GET /api/auth/organization/get-invitations

Required role: Admin or owner.

Query parameters:

Parameter Type Description
organizationId string Defaults to the session’s active organization.

Returns pending invitations including id, email, role, teamId, status, and expiresAt.


POST /api/auth/organization/cancel-invitation
Content-Type: application/json

Required role: Admin or owner (or the user who sent the invitation).

Request body:

Field Type Required Description
invitationId string Yes ID of the invitation to cancel.

POST /api/auth/organization/accept-invitation
Content-Type: application/json

Called by the invitee after clicking the invitation link.

Request body:

Field Type Required Description
invitationId string Yes ID of the invitation to accept.

GET /api/auth/organization/list-teams

Query parameters:

Parameter Type Description
organizationId string Defaults to the session’s active organization.

POST /api/auth/organization/create-team
Content-Type: application/json

Required role: Admin or owner.

Request body:

Field Type Required Description
name string Yes Team name.
organizationId string No Defaults to the session’s active organization.

POST /api/auth/organization/update-team
Content-Type: application/json

Required role: Admin or owner.

Request body:

Field Type Required Description
teamId string Yes ID of the team to update.
data.name string Yes New team name.

POST /api/auth/organization/remove-team
Content-Type: application/json

Required role: Admin or owner.

Deleting a team does not remove its members from the organization — members’ teamId is set to null.

Request body:

Field Type Required Description
teamId string Yes ID of the team to delete.

GET /api/auth/organization/list-team-members

Query parameters:

Parameter Type Description
teamId string ID of the team.

POST /api/auth/organization/remove-team-member
Content-Type: application/json

Required role: Admin or owner.

Request body:

Field Type Required Description
teamId string Yes
userId string Yes