HeadlessOps
API Reference

Workspaces API

REST API reference for workspace and member management

Workspaces API

All workspace management endpoints require session authentication.

Endpoints

GET /api/workspaces

List all workspaces the authenticated user is a member of.

Auth: Session | Min Role: VIEWER

Response:

[
  { "id": "ws_abc123", "name": "Acme Prod", "slug": "acme-prod", "description": "", "createdAt": "2026-01-01T00:00:00Z" }
]

POST /api/workspaces

Create a new workspace. The authenticated user becomes the OWNER.

Auth: Session | Min Role: VIEWER

Body:

{ "name": "My Workspace", "slug": "my-workspace", "description": "Optional description" }

Response: 201 workspace object


GET /api/workspaces/:workspaceId/members

List all members and pending invites for a workspace.

Auth: Session | Min Role: VIEWER

Response:

{
  "members": [{ "id": "mem_1", "role": "OWNER", "user": { "id": "u_1", "name": "Alice", "email": "alice@example.com" } }],
  "invites": [{ "id": "inv_1", "email": "dev@example.com", "role": "DEVELOPER", "expiresAt": "2026-06-11T00:00:00Z" }]
}

POST /api/workspaces/:workspaceId/members/invite

Invite a user by email. Sends an invitation email.

Auth: Session | Min Role: ADMIN

Body:

{ "email": "dev@example.com", "role": "DEVELOPER" }

Roles: OWNER | ADMIN | MEMBER | VIEWER (default: MEMBER)

Response: { "inviteId": "inv_abc", "inviteUrl": "https://..." }


GET /api/workspaces/:workspaceId/api-keys

List all API keys for a workspace. Secret values are never returned.

Auth: Session | Min Role: ADMIN


POST /api/workspaces/:workspaceId/api-keys

Create a new API key. The full key is returned only once.

Auth: Session | Min Role: ADMIN

Body:

{ "name": "ci-deploy", "expiresAt": "2027-01-01T00:00:00Z" }

Response: 201 { id, name, key, keyPrefix, createdAt }


DELETE /api/workspaces/:workspaceId/api-keys/:keyId

Revoke an API key.

Auth: Session | Min Role: ADMIN

Response: 204 No Content