Harden organization creation API contract and permissions #80

@wauputr4

Goal

Make the create organization path safe and predictable for the new onboarding flow, including permissions, validation, duplicate handling, and tests.

Scope

  • Verify current /api/v1/org-admin/organizations behavior for normal console users vs superadmin/admin users.
  • Confirm whether the new onboarding flow should create immediately, create as pending/unclaimed, or require review.
  • Add/adjust validation for required fields, slug uniqueness, duplicate names, contact fields, and ownership/role assignment semantics.
  • Ensure stable API error codes/statuses for frontend consumption.
  • Add backend/API tests for success, duplicate, invalid, unauthorized, and permission-boundary cases.
  • Update OpenAPI/docs if the contract changes.

Acceptance criteria

  • Organization creation behavior is documented and covered by tests.
  • Frontend can rely on stable validation and duplicate/conflict errors.
  • Permission boundaries are explicit for public user, claimed org manager, admin, and superadmin.
  • go test ./... and relevant OpenAPI checks pass, or skipped checks are documented.

Related
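
One way to pin down the contract that the scope and acceptance criteria describe, as an added example that is not from the issue or the project's code: a Go create path that decides authentication and permission before validation and conflict handling, so callers without permission cannot probe which slugs or names already exist. The role names, the policy in `canCreate`, the error codes and statuses, the 120-character limit and the in-memory `Store` are all assumptions, since the issue leaves the actual policy to be confirmed.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Assumed roles and policy (hypothetical); the issue leaves the real policy open.
var canCreate = map[string]bool{"superadmin": true, "admin": true, "org_manager": false, "user": false}

// APIError pairs an HTTP status with a stable machine-readable code (assumed values).
type APIError struct {
	Status int
	Code   string
}

var slugRe = regexp.MustCompile(`^[a-z0-9]+(-[a-z0-9]+)*$`)

// Store is an in-memory stand-in for the database's unique constraints.
type Store struct{ slugs, names map[string]bool }

func NewStore() *Store { return &Store{slugs: map[string]bool{}, names: map[string]bool{}} }

// Create evaluates authn, authz, validation, then conflicts, in that order.
// role is the caller's role as resolved from the session; "" means no session.
func (s *Store) Create(role, name, slug string) *APIError {
	allowed, known := canCreate[role]
	name = strings.TrimSpace(name)
	key := strings.ToLower(name) // duplicate names compare case-insensitively
	switch {
	case !known:
		return &APIError{401, "unauthenticated"}
	case !allowed:
		return &APIError{403, "forbidden"}
	case name == "" || len(name) > 120 || !slugRe.MatchString(slug):
		return &APIError{422, "validation_failed"}
	case s.slugs[slug]:
		return &APIError{409, "slug_taken"}
	case s.names[key]:
		return &APIError{409, "name_taken"}
	}
	s.slugs[slug], s.names[key] = true, true
	return nil
}

func main() {
	s := NewStore() // constructed sample calls: no session, plain user, admin twice
	for _, role := range []string{"", "user", "admin", "admin"} {
		fmt.Printf("%q -> %+v\n", role, s.Create(role, "Acme Clinic", "acme-clinic"))
	}
}
```

In a real service the duplicate checks belong to a database unique constraint, with the constraint violation mapped to the same 409 codes, so that concurrent requests cannot both succeed.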

Labels: enhancement