Skip to main content

Organizations & Teams

Organizations let you collaborate with teammates under a single billing account. Every PromptGuard user starts with a personal organization. You can create additional team organizations, invite members, and control access with role-based permissions.

Concepts

ConceptDescription
OrganizationA shared workspace that owns projects, API keys, and billing
MemberA user who belongs to the organization
RolePermission level assigned to each member
InvitationA pending invite sent via email

Roles & Permissions

CapabilityOwnerAdminMemberViewer
View projects and analyticsYesYesYesYes
Create and manage API keysYesYesYesNo
Manage security policiesYesYesYesNo
Invite and remove membersYesYesNoNo
Update organization settingsYesYesNoNo
Promote members to adminYesNoNoNo
Transfer ownershipYesNoNoNo
Delete organizationYesNoNoNo

Getting Started

Create a Team

  1. Go to Dashboard > Settings > Team
  2. Click “Create Team”
  3. Enter a team name
  4. Your new organization appears alongside your personal workspace

Invite Members

  1. Navigate to Dashboard > Settings > Team
  2. Under Invitations, enter the email address and select a role
  3. Click “Send Invite”
  4. The invitee receives an email with a link to accept
Invitations expire after 7 days. You can cancel a pending invitation and resend if needed.

Switch Organizations

Use the organization selector at the top of the dashboard sidebar to switch between your personal workspace and team organizations.

Managing Members

Change a Member’s Role

  1. Go to Dashboard > Settings > Team
  2. Find the member in the Members table
  3. Select the new role from the dropdown
  4. Confirm the change

Remove a Member

  1. Go to Dashboard > Settings > Team
  2. Click the remove button next to the member
  3. Confirm removal
Removing a member revokes their access immediately. Their individual API keys remain valid for projects they created, but they lose access to the organization’s shared projects.

Ownership

Transfer Ownership

  1. Go to Dashboard > Settings > Team > Danger Zone
  2. Click “Transfer Ownership”
  3. Select the new owner from existing members
  4. Confirm the transfer
After transfer, the previous owner is demoted to admin.

Delete an Organization

  1. Go to Dashboard > Settings > Team > Danger Zone
  2. Click “Delete Organization”
  3. Type the organization name to confirm
Deleting an organization permanently removes all projects, API keys, scan history, and member associations. This cannot be undone. Personal organizations cannot be deleted.

API Reference

The Organizations API is session-authenticated (Dashboard API). All endpoints live under /dashboard/organizations.

List Organizations

curl https://api.promptguard.co/dashboard/organizations \
  -H "Authorization: Bearer YOUR_SESSION_TOKEN"

Create Organization

curl -X POST https://api.promptguard.co/dashboard/organizations \
  -H "Authorization: Bearer YOUR_SESSION_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name": "Acme Security Team"}'
Response 
{
  "id": "org_abc123",
  "name": "Acme Security Team",
  "slug": "acme-security-team",
  "type": "team",
  "owner_id": "usr_def456",
  "settings": {},
  "created_at": "2026-02-15T10:30:00Z",
  "updated_at": "2026-02-15T10:30:00Z"
}

Invite a Member

curl -X POST https://api.promptguard.co/dashboard/organizations/org_abc123/invitations \
  -H "Authorization: Bearer YOUR_SESSION_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"email": "teammate@company.com", "role": "member"}'

Update Member Role

curl -X PATCH https://api.promptguard.co/dashboard/organizations/org_abc123/members/usr_ghi789 \
  -H "Authorization: Bearer YOUR_SESSION_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"role": "admin"}'

Remove a Member

curl -X DELETE https://api.promptguard.co/dashboard/organizations/org_abc123/members/usr_ghi789 \
  -H "Authorization: Bearer YOUR_SESSION_TOKEN"

Transfer Ownership

curl -X POST https://api.promptguard.co/dashboard/organizations/org_abc123/transfer-ownership \
  -H "Authorization: Bearer YOUR_SESSION_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"new_owner_id": "usr_ghi789"}'

Delete Organization

curl -X DELETE https://api.promptguard.co/dashboard/organizations/org_abc123 \
  -H "Authorization: Bearer YOUR_SESSION_TOKEN"

Best Practices

  1. Use the least privilege role — assign Viewer to stakeholders who only need read access
  2. One organization per team — avoid mixing production and personal projects
  3. Rotate ownership proactively — transfer ownership before an owner leaves the company
  4. Audit members regularly — remove inactive members to reduce your attack surface