Organization Settings

SMTP, branding, domains, billing credentials, and risk configuration.

Updated May 10, 2026 Edit this page

Organization Settings

This page groups the organization-level settings and integration endpoints that are frequently changed by admins and owners.

SMTP

Method Path
POST /api/organizations/:org_slug/smtp
GET /api/organizations/:org_slug/smtp
DELETE /api/organizations/:org_slug/smtp

Use these endpoints for organization-specific email delivery settings.

Custom domain and branding

Method Path Description
POST /api/organizations/:org_slug/domain Set a custom domain
POST /api/organizations/:org_slug/domain/verify Verify the custom domain
GET /api/organizations/:org_slug/domain Get current domain configuration
DELETE /api/organizations/:org_slug/domain Remove the custom domain
PATCH /api/organizations/:org_slug/branding Update branding
GET /api/organizations/:org_slug/branding Get branding
GET /api/organizations/:org_slug/branding/public Public branding metadata

Domain routing and upstream login mapping

These routes map verified domains to upstream enterprise providers.

Method Path Description
GET /api/organizations/:org_slug/domain-routes List domain routes
POST /api/organizations/:org_slug/domain-routes Create a domain route
PATCH /api/organizations/:org_slug/domain-routes/:domain_id Update mapped upstream provider
POST /api/organizations/:org_slug/domain-routes/:domain_id/verify Verify DNS or HTTP ownership
DELETE /api/organizations/:org_slug/domain-routes/:domain_id Delete a domain route

Example create payload:

{
  "domain": "acme.com",
  "upstream_provider_id": "provider_123"
}

Billing credentials

Organizations can configure their own payment-provider credentials for end-user billing.

Method Path Description
GET /api/organizations/:org_slug/billing-credentials/:provider Read status for stripe or polar
POST /api/organizations/:org_slug/billing-credentials/:provider Set credentials
DELETE /api/organizations/:org_slug/billing-credentials/:provider Delete credentials

Example write payload:

{
  "api_key": "sk_live_xxx",
  "webhook_secret": "whsec_xxx",
  "mode": "live"
}

Only organization owners can manage billing credentials.

Risk configuration

Method Path Description
GET /api/organizations/:org_slug/risk-settings Get thresholds and enforcement
PUT /api/organizations/:org_slug/risk-settings Update thresholds and enforcement
POST /api/organizations/:org_slug/risk-settings/reset Reset to defaults
GET /api/organizations/:org_slug/risk-events List flagged login events

risk-events supports page, limit, and min_score.