Skip to main content
POST
/
invitations
Invite a user to the team
curl --request POST \
  --url https://core.cyberun.cloud/api/v1/invitations \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "email_address": "bob@example.com",
  "invitation_role": "member"
}
'
{
  "id": "019abc12-5678-7890-abcd-ef1234567892",
  "invitation_token": "<string>"
}

Documentation Index

Fetch the complete documentation index at: https://docs.cyberun.cloud/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

User session JWT (Bearer ). Must be paired with the X-Team-ID request header on team-scoped endpoints so the server knows which team's resources to operate on.

Headers

X-Team-ID
string<uuid>

UUID of the team to scope the request to. Used by dual-auth endpoints (runtime + scoped management):

  • JWT callers MUST send it — a user may belong to multiple teams and the runtime cannot otherwise know which one to operate on. Missing header → 400.
  • Credential callers (sk-, dk-) can omit it because the team is derived from the credential row itself. Any value sent is ignored.
Example:

"019abc12-4567-7890-abcd-ef1234567891"

Body

application/json
email_address
string<email>
required

Email address to invite. The user does not need to have an existing account.

Example:

"bob@example.com"

invitation_role
enum<string>
required

Role to assign when the invitation is accepted.

Available options:
admin,
member,
viewer
Example:

"member"

Response

Invitation created

id
string<uuid>
required

UUID of the created invitation.

Example:

"019abc12-5678-7890-abcd-ef1234567892"

invitation_token
string

One-time invitation token. Only present when email is disabled on the server. The admin should share this token with the invitee through an out-of-band channel (e.g. internal messaging, manual email). The invitee uses this token to accept the invitation.