IM
EN
Docs Home
Menu
Guides

Account Context And Members

Select account scope and inspect account membership before credential or provider operations.

inbox-manager client-flow

Account Context And Members

Purpose: select account scope and inspect account membership before credential or provider operations.

UI Flow

  1. UI calls GET /api/accounts to list accessible accounts.
  2. User selects active account.
  3. UI persists account context via POST /api/account-views/switch.
  4. UI loads GET /api/accounts/:account_id.
  5. UI loads GET /api/accounts/:account_id/members.
  6. Owner can create child account with POST /api/accounts.
  7. Owner can update account display values with PATCH /api/accounts/:account_id.
  8. Owner can add/remove members with /api/accounts/:account_id/members*.
  9. UI stores account_id in route state and prefixes all subsequent account-scoped calls.

Client Library Flow

const accounts = await api.accounts.list();
const active = selectAccount(accounts.data);
const account = await api.accounts.get(active.id);
const members = await api.members.list(active.id);

HTTP/curl Flow

API_BASE_URL="https://api.inbox-manager.com"

curl -sS "${API_BASE_URL}/api/accounts" \
  -H "authorization: Bearer ${BEARER_TOKEN}"

curl -sS "${API_BASE_URL}/api/accounts/${ACCOUNT_ID}" \
  -H "authorization: Bearer ${BEARER_TOKEN}"

curl -sS -X POST "${API_BASE_URL}/api/account-views/switch" \
  -H "authorization: Bearer ${BEARER_TOKEN}" \
  -H "content-type: application/json" \
  --data "{\"account_id\":\"${ACCOUNT_ID}\"}"

curl -sS "${API_BASE_URL}/api/accounts/${ACCOUNT_ID}/members" \
  -H "authorization: Bearer ${BEARER_TOKEN}"

curl -sS -X POST "${API_BASE_URL}/api/accounts/${ACCOUNT_ID}/members/search" \
  -H "authorization: Bearer ${BEARER_TOKEN}" \
  -H "content-type: application/json" \
  --data '{"query":"owner","limit":20,"offset":0}'

curl -sS -X POST "${API_BASE_URL}/api/accounts" \
  -H "authorization: Bearer ${BEARER_TOKEN}" \
  -H "content-type: application/json" \
  --data '{"name":"Operations"}'

curl -sS -X PATCH "${API_BASE_URL}/api/accounts/${ACCOUNT_ID}" \
  -H "authorization: Bearer ${BEARER_TOKEN}" \
  -H "content-type: application/json" \
  --data '{"name":"Operations Team"}'

curl -sS -X POST "${API_BASE_URL}/api/accounts/${ACCOUNT_ID}/members" \
  -H "authorization: Bearer ${BEARER_TOKEN}" \
  -H "content-type: application/json" \
  --data '{"user_id":"uid_target","role":"member"}'

curl -sS -X PATCH "${API_BASE_URL}/api/accounts/${ACCOUNT_ID}/members/${MEMBER_ID}" \
  -H "authorization: Bearer ${BEARER_TOKEN}" \
  -H "content-type: application/json" \
  --data '{"role":"owner"}'

curl -sS -X DELETE "${API_BASE_URL}/api/accounts/${ACCOUNT_ID}/members/${MEMBER_ID}" \
  -H "authorization: Bearer ${BEARER_TOKEN}"

Notes

  • Account path mismatch returns 403.
  • Membership endpoints are account-scoped and role-gated.
  • Account/member write endpoints require owner role.
  • Member creation supports member and viewer; ownership promotion uses patch.
  • Owner self-demotion and self-membership removal are blocked.
  • Last-owner demotion or deletion returns 409.
Next
Audit Logs And Operations

Query operation history for provider actions, job execution, and troubleshooting.