GET / POST · Org members

GET /api/orgs/:id/members

List members of an org. Caller must be a member.

curl https://www.mnueron.com/api/orgs/01HQ…/members \
  -H "Authorization: Bearer $MNUERON_API_TOKEN"

Response

{
  "members": [
    { "id": "01HQ…", "email": "alice@example.com", "name": "Alice",
      "role": "owner",  "last_login_at": ..., "created_at": ... },
    { "id": "01HR…", "email": "bob@example.com",   "name": "Bob",
      "role": "member", "last_login_at": ..., "created_at": ... }
  ]
}

POST /api/orgs/:id/members

Add a user to the org by email. Only owners. The target user must already have a Mnueron account — we don't send invite emails from this endpoint yet.

curl -X POST https://www.mnueron.com/api/orgs/01HQ…/members \
  -H "Authorization: Bearer $MNUERON_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{ "email": "bob@example.com", "role": "member" }'

Body

Field	Type	Required	Notes
`email`	string	yes	Must match an existing user's email
`role`	string	no	`owner` / `admin` / `member` (default `member`)

Response

201 Created

{ "user_id": "01HR…", "role": "member" }

Errors

Status	Reason
`403`	Caller is not an owner
`404`	No user with that email
`409`	Already a member

DELETE /api/orgs/:id/members/:userId

Remove a member. Owners only. Refuses to remove the last remaining owner (409).

curl -X DELETE https://www.mnueron.com/api/orgs/01HQ…/members/01HR… \
  -H "Authorization: Bearer $MNUERON_API_TOKEN"

Returns 204.