Endpoints
| Method | Path | Description |
|---|---|---|
| GET | /api/v1/organizations/current | Get the current organization |
| PATCH | /api/v1/organizations/current | Update organization settings |
| GET | /api/v1/organizations/current/members | List organization members |
| POST | /api/v1/organizations/current/members/invite | Invite a new member |
| DELETE | /api/v1/organizations/current/members/:userId | Remove a member |
| PATCH | /api/v1/organizations/current/members/:userId | Update a member’s role |
Get current organization
Returns the organization associated with the API key.
Required scope: organizations:read
GET /api/v1/organizations/current
Authorization: Bearer YOUR_API_KEY
Example request
curl "https://app.pwnbook.io/api/v1/organizations/current" \
  -H "Authorization: Bearer pwbk_live_abc123..."
Example response
{
  "data": {
    "id": "org_01j9k2m3n4p5q6r7s8t9",
    "name": "Redteam Security LLC",
    "slug": "redteam-security",
    "plan": "business",
    "memberCount": 8,
    "engagementCount": 23,
    "createdAt": "2024-06-01T00:00:00.000Z",
    "settings": {
      "requireTwoFactor": true,
      "domainAutoJoin": false,
      "ssoEnabled": false
    }
  }
}
Update organization
Updates organization settings.
Required scope: organizations:write
PATCH /api/v1/organizations/current
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json
Request body
| Field | Type | Required | Description |
|---|---|---|---|
| name | string | No | Organization display name |
Example request
curl -X PATCH "https://app.pwnbook.io/api/v1/organizations/current" \
  -H "Authorization: Bearer pwbk_live_abc123..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Redteam Security Group LLC"
  }'
Example response
{
  "data": {
    "id": "org_01j9k2m3n4p5q6r7s8t9",
    "name": "Redteam Security Group LLC",
    "slug": "redteam-security",
    "updatedAt": "2025-03-01T12:00:00.000Z"
  }
}
List members
Returns all members of the organization.
Required scope: organizations:read
GET /api/v1/organizations/current/members
Authorization: Bearer YOUR_API_KEY
Query parameters
| Parameter | Type | Description |
|---|---|---|
| role | string | Filter by role: owner, admin, member |
| page | integer | Page number (default: 1) |
| perPage | integer | Results per page (default: 20, max: 100) |
Example request
curl "https://app.pwnbook.io/api/v1/organizations/current/members" \
  -H "Authorization: Bearer pwbk_live_abc123..."
Example response
{
  "data": [
    {
      "id": "usr_01j9k2m3n4p5q6r7s8t9",
      "name": "Alice Chen",
      "email": "alice@redteamsecurity.com",
      "role": "owner",
      "joinedAt": "2024-06-01T00:00:00.000Z",
      "lastSeenAt": "2025-03-01T09:30:00.000Z"
    },
    {
      "id": "usr_02j9k2m3n4p5q6r7s8t9",
      "name": "Bob Martinez",
      "email": "bob@redteamsecurity.com",
      "role": "member",
      "joinedAt": "2024-07-15T00:00:00.000Z",
      "lastSeenAt": "2025-02-28T16:45:00.000Z"
    }
  ],
  "meta": {
    "total": 8,
    "page": 1,
    "perPage": 20,
    "totalPages": 1
  }
}
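An access-review sketch built on the two read endpoints above, as an added example that is not Pwnbook's own code: it walks every page of the member list via `meta.totalPages`, then flags an organization that does not enforce two-factor, every owner/admin account, and members whose `lastSeenAt` is older than a threshold. The function names, the 30-day threshold, the sample responses and the assumption that `lastSeenAt` is always present are illustrative, not part of the documented API.

```python
import json
import urllib.request
from datetime import datetime, timedelta, timezone

BASE = "https://app.pwnbook.io/api/v1/organizations/current"

def api_get(path, api_key):
    """GET a documented endpoint with the Bearer key and return parsed JSON."""
    req = urllib.request.Request(BASE + path, headers={"Authorization": f"Bearer {api_key}"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def all_members(fetch_page):
    """Walk every page using meta.totalPages so no member is skipped."""
    members, page = [], 1
    while True:
        body = fetch_page(page)
        members.extend(body["data"])
        if page >= body["meta"]["totalPages"]:
            return members
        page += 1

def parse_ts(ts):  # timestamps look like 2025-03-01T09:30:00.000Z (UTC)
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)

def audit(org, members, now, stale_days=30):
    """Return findings: 2FA not enforced, privileged roles, inactive accounts."""
    findings = []
    if not org["data"]["settings"]["requireTwoFactor"]:
        findings.append("org: requireTwoFactor is off")
    cutoff = now - timedelta(days=stale_days)  # assumed review threshold
    for m in members:
        if m["role"] in ("owner", "admin"):
            findings.append(f"privileged: {m['email']} ({m['role']})")
        if parse_ts(m["lastSeenAt"]) < cutoff:
            findings.append(f"stale: {m['email']} (userId {m['id']})")
    return findings

# Constructed sample responses (two pages of one member each), not real data.
ORG = {"data": {"settings": {"requireTwoFactor": False}}}
PAGES = {
    1: {"data": [{"id": "usr_a", "email": "alice@example.com", "role": "owner",
                  "lastSeenAt": "2025-03-01T09:30:00.000Z"}], "meta": {"totalPages": 2}},
    2: {"data": [{"id": "usr_b", "email": "bob@example.com", "role": "member",
                  "lastSeenAt": "2024-11-02T16:45:00.000Z"}], "meta": {"totalPages": 2}},
}
NOW = datetime(2025, 3, 2, tzinfo=timezone.utc)
if __name__ == "__main__":
    print("\n".join(audit(ORG, all_members(PAGES.__getitem__), NOW)))
```

Against the live API, pass `lambda p: api_get(f"/members?page={p}&perPage=100", key)` as `fetch_page` and `api_get("", key)` as `org`, using a key that carries only the `organizations:read` scope.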
Invite a member
Sends an invitation email to a new member.
Required scope: organizations:write
POST /api/v1/organizations/current/members/invite
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json
Request body
| Field | Type | Required | Description |
|---|---|---|---|
| email | string | Yes | Email address to invite |
| role | string | Yes | Role to assign: admin or member |
Example request
curl -X POST "https://app.pwnbook.io/api/v1/organizations/current/members/invite" \
  -H "Authorization: Bearer pwbk_live_abc123..." \
  -H "Content-Type: application/json" \
  -d '{
    "email": "carol@redteamsecurity.com",
    "role": "member"
  }'
Example response
{
  "data": {
    "id": "inv_01j9k2m3n4p5q6r7s8t9",
    "email": "carol@redteamsecurity.com",
    "role": "member",
    "status": "pending",
    "expiresAt": "2025-03-08T12:00:00.000Z",
    "createdAt": "2025-03-01T12:00:00.000Z"
  }
}
The invitee receives an email with a link to accept the invitation. Invitations expire after 7 days.
Update a member’s role
Changes the role of an existing organization member.
Required scope: organizations:write
PATCH /api/v1/organizations/current/members/:userId
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json
Request body
| Field | Type | Required | Description |
|---|---|---|---|
| role | string | Yes | New role: admin or member |
Example request
curl -X PATCH "https://app.pwnbook.io/api/v1/organizations/current/members/usr_02j9k2m3n4p5q6r7s8t9" \
  -H "Authorization: Bearer pwbk_live_abc123..." \
  -H "Content-Type: application/json" \
  -d '{
    "role": "admin"
  }'
Example response
{
  "data": {
    "id": "usr_02j9k2m3n4p5q6r7s8t9",
    "role": "admin",
    "updatedAt": "2025-03-01T12:30:00.000Z"
  }
}
You cannot change the role of an Owner via the API. Ownership transfer must be done through the Pwnbook web UI by the current owner.
Remove a member
Removes a member from the organization. The user’s account is not deleted.
Required scope: organizations:write
DELETE /api/v1/organizations/current/members/:userId
Authorization: Bearer YOUR_API_KEY
Example request
curl -X DELETE "https://app.pwnbook.io/api/v1/organizations/current/members/usr_02j9k2m3n4p5q6r7s8t9" \
  -H "Authorization: Bearer pwbk_live_abc123..."
Example response
{
  "data": {
    "removed": true,
    "userId": "usr_02j9k2m3n4p5q6r7s8t9"
  }
}
Removing a member immediately revokes their access to the organization and all its engagements. This action takes effect instantly.