Org & Users
The organization resource returns metadata about your account. The user resource lets you list, fetch, invite, update, and deactivate the developers who consume training. All endpoints sit under /api/public/v1.
Endpoints
| Method | Path | Scope | Purpose |
|---|---|---|---|
| GET | /org | org:read | Calling organization's metadata. |
| GET | /users | users:read | List users in the organization. |
| GET | /users/{id} | users:read | Single user including progress totals. |
| POST | /users | users:write | Invite a user. Sends an invitation email. |
| PATCH | /users/{id} | users:write | Update name, email, role, or team membership. |
| DELETE | /users/{id} | users:write | Deactivate a user. Does not hard-delete. |
Get organization
Returns plan, seat cap, slug, domain, and trial state for the organization tied to the API key.
GET /api/public/v1/org
Authorization: Bearer scs_live_…Response
{
"id": "9c2f4b8e-0c1d-4a52-b6f3-1ed7b0a4c9f1",
"name": "Acme Corp",
"slug": "acme",
"domain": "acme.com",
"plan": "growth",
"maxSeats": 250,
"trialExpiresAt": null,
"isActive": true,
"createdAt": "2025-08-12T09:14:22Z"
}Example
curl -sS -H "Authorization: Bearer $SCH_API_KEY" \
https://api.limeplate.com/api/public/v1/orgList users
Returns every user in the organization, active or deactivated. The list is unpaginated; expect up to a few thousand entries depending on your plan.
GET /api/public/v1/users
Authorization: Bearer scs_live_…Response
[
{
"id": "b1a4d7c2-9e58-4f3a-83cd-2c6f1a90e7b4",
"name": "Jane Smith",
"email": "jane.smith@acme.com",
"role": "learner",
"teamId": "4f8d3e2a-71cb-4d09-9ad7-5b8c7e1f0a32",
"teamName": "Payments",
"isActive": true,
"lastLoginAt": "2026-05-27T16:42:11Z",
"createdAt": "2026-02-04T11:08:00Z"
}
]Example
curl -sS -H "Authorization: Bearer $SCH_API_KEY" \
https://api.limeplate.com/api/public/v1/usersGet user
Returns the same fields as the list entry plus aggregate XP, completed challenges, completed scenarios, and per-topic progress arrays. Use this when you need a single developer's full training history.
GET /api/public/v1/users/{userId}
Authorization: Bearer scs_live_…Response
{
"id": "b1a4d7c2-9e58-4f3a-83cd-2c6f1a90e7b4",
"name": "Jane Smith",
"email": "jane.smith@acme.com",
"role": "member",
"teamId": "4f8d3e2a-71cb-4d09-9ad7-5b8c7e1f0a32",
"teamName": "Payments",
"isActive": true,
"lastLoginAt": "2026-05-27T16:42:11Z",
"createdAt": "2026-02-04T11:08:00Z",
"totalXp": 4280,
"completedChallenges": 38,
"completedScenarios": 4,
"practiceProgress": [],
"learnProgress": []
}Example
curl -sS -H "Authorization: Bearer $SCH_API_KEY" \
https://api.limeplate.com/api/public/v1/users/b1a4d7c2-9e58-4f3a-83cd-2c6f1a90e7b4Create user
Creates the user record and sends an invitation email to the supplied address. Idempotent on email: re-POSTing the same email returns an error rather than creating a duplicate. Use this from your SCIM proxy, HRIS sync, or onboarding script.
POST /api/public/v1/users
Authorization: Bearer scs_live_…
Content-Type: application/jsonRequest body
| Field | Type | Required | Meaning |
|---|---|---|---|
name | string | yes | Display name shown in dashboards and assignment emails. |
email | string | yes | Login identifier. Receives the invitation email. |
role | string | yes | learner (default) or org_admin. Any other value is coerced to learner. |
teamId | uuid | no | Place the user in a team at creation time. Omit to leave unassigned. |
Response
{
"id": "b1a4d7c2-9e58-4f3a-83cd-2c6f1a90e7b4",
"name": "Jane Smith",
"email": "jane.smith@acme.com",
"role": "learner",
"teamId": "4f8d3e2a-71cb-4d09-9ad7-5b8c7e1f0a32",
"teamName": "Payments",
"isActive": true,
"lastLoginAt": null,
"createdAt": "2026-05-29T09:22:14Z"
}Example
curl -sS -X POST \
-H "Authorization: Bearer $SCH_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "Jane Smith",
"email": "jane.smith@acme.com",
"role": "learner",
"teamId": "4f8d3e2a-71cb-4d09-9ad7-5b8c7e1f0a32"
}' \
https://api.limeplate.com/api/public/v1/usersUpdate user
All fields in the body are written. To move a user out of a team, send teamId: null. Changing the email address does not re-send an invitation.
PATCH /api/public/v1/users/{userId}
Authorization: Bearer scs_live_…
Content-Type: application/jsonRequest body
All four fields are required. Send the current value to keep it unchanged — there is no partial PATCH semantics on this endpoint.
| Field | Type | Required | Meaning |
|---|---|---|---|
name | string | yes | Display name. |
email | string | yes | Login identifier. |
role | string | yes | learner or org_admin. |
teamId | uuid or null | yes | Team id, or null to detach. |
Response
{
"id": "b1a4d7c2-9e58-4f3a-83cd-2c6f1a90e7b4",
"name": "Jane Smith",
"email": "jane.smith@acme.com",
"role": "org_admin",
"teamId": "4f8d3e2a-71cb-4d09-9ad7-5b8c7e1f0a32",
"teamName": "Payments",
"isActive": true,
"lastLoginAt": "2026-05-27T16:42:11Z",
"createdAt": "2026-02-04T11:08:00Z"
}Example
curl -sS -X PATCH \
-H "Authorization: Bearer $SCH_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"name": "Jane Smith",
"email": "jane.smith@acme.com",
"role": "org_admin",
"teamId": "4f8d3e2a-71cb-4d09-9ad7-5b8c7e1f0a32"
}' \
https://api.limeplate.com/api/public/v1/users/b1a4d7c2-9e58-4f3a-83cd-2c6f1a90e7b4Deactivate user
Sets isActive to false. The record stays in place: completed challenges, scenarios, XP, and historical assignments are preserved so audit and reporting continue to work. The user can no longer sign in, and no new assignments will be created against them via SARIF or POST /assignments. There is no hard-delete endpoint; data deletion requests go through the privacy team.
DELETE /api/public/v1/users/{userId}
Authorization: Bearer scs_live_…Response
{
"message": "User deactivated"
}Example
curl -sS -X DELETE \
-H "Authorization: Bearer $SCH_API_KEY" \
https://api.limeplate.com/api/public/v1/users/b1a4d7c2-9e58-4f3a-83cd-2c6f1a90e7b4