Skip to main content
Invites are the mechanism for bringing new members into an organization. The admin-side endpoints create/list/revoke invites scoped to your org. The token-side endpoints let an invitee look up, accept, or decline an invite by its secret token — those endpoints don’t require you to be a member of the target org (the token itself identifies it).

Endpoints

MethodPathRequired roleDescription
GET/v1/invitesadmin+List pending invites
POST/v1/invitesadmin+Send an invite
DELETE/v1/invites/{invite_id}admin+Revoke a pending invite
GET/v1/invites/{token}authenticatedLook up an invite by token
POST/v1/invites/{token}/acceptauthenticatedAccept an invite
POST/v1/invites/{token}/declineauthenticatedDecline an invite

Invite object (admin list/create)

The list / create endpoints use a trimmed view that omits the raw token. For the by-token lookup see the token lookup response. 
{
  "id": 18,
  "email": "new-teammate@example.com",
  "role": "member",
  "status": "pending",
  "invited_by_email": "owner@example.com",
  "created_at": "2026-04-20T18:24:10.113Z",
  "expires_at": "2026-04-27T18:24:10.113Z"
}
FieldTypeDescription
idintegerInternal invite id (used by the revoke endpoint)
emailstringInvitee email
rolestringRole granted on acceptance: admin or member
statusstringpending, accepted, or declined
invited_by_emailstringEmail of the admin/owner who sent the invite
created_attimestampISO 8601 UTC
expires_attimestamp7 days after created_at by default
The raw invite token is only shown via the email link the invitee receives, not in API responses. If you need to craft your own invite UX, capture the token from the user-submitted URL rather than the API.

List pending invites

curl https://api.thunderphone.com/v1/invites \
  -H "Authorization: Bearer sk_live_YOUR_API_KEY"
Returns a JSON array of Invite objects in pending state, sorted by created_at descending.

Send an invite

curl -X POST https://api.thunderphone.com/v1/invites \
  -H "Authorization: Bearer sk_live_YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "new-teammate@example.com",
    "role": "member"
  }'
FieldTypeRequiredDescription
emailstringyesInvitee email
rolestringyesadmin or member
Returns 201 Created with the Invite object. The invitee receives an email containing a link of the form https://app.thunderphone.com/invite/{token}.
StatusCondition
400Email already has a pending invite for this org, or is already a member
403Caller is not an admin/owner

Revoke an invite

curl -X DELETE https://api.thunderphone.com/v1/invites/18 \
  -H "Authorization: Bearer sk_live_YOUR_API_KEY"
Returns 204 No Content. Only invites with status pending can be revoked.

Look up by token

Public lookup used by the dashboard’s invite-landing page. This endpoint is unauthenticated — the token itself is the credential. Used to render the “You’ve been invited to join Acme Ops” UI. 
curl https://api.thunderphone.com/v1/invites/a1b2c3d4-...
Response: 
{
  "id": 18,
  "org_name": "Acme Ops",
  "email": "new-teammate@example.com",
  "role": "member",
  "status": "pending",
  "invited_by_email": "owner@example.com",
  "created_at": "2026-04-20T18:24:10.113Z",
  "expires_at": "2026-04-27T18:24:10.113Z"
}
StatusCondition
200Pending, not expired — response includes org_name for UI display
404Token not found
410Token exists but is already accepted / declined, or has expired

Accept an invite

The caller must be authenticated; their user is added to the target org with the role specified on the invite. 
curl -X POST https://api.thunderphone.com/v1/invites/a1b2c3d4-.../accept \
  -H "Authorization: Bearer sk_live_YOUR_API_KEY"
Returns 200 OK: 
{
  "detail": "Invite accepted.",
  "org_id": 42
}
StatusCondition
200Invite accepted; caller is now a member
403Caller is signed in as a user whose email does not match the invite
404Token not found
410Token exists but is already accepted / declined, or has expired

Decline an invite

curl -X POST https://api.thunderphone.com/v1/invites/a1b2c3d4-.../decline \
  -H "Authorization: Bearer sk_live_YOUR_API_KEY"
Returns 204 No Content.

Members

Manage members and roles after they join.

Organizations

Manage the org resource itself.