Elydora Docs
Docs/API Reference/Onboarding

Onboarding API

The Onboarding API manages workspace creation for new users. Every authenticated user must complete onboarding exactly once before accessing other Elydora resources. Users can create either a personal workspace or a named organization workspace. Once onboarding is complete, the onboarding_completed flag is set to 1 and subsequent calls to the create endpoints return a 409 Conflict.

Get Onboarding Status

GET
/v1/onboarding/status
Return the onboarding completion status and current org assignment for the authenticated user.
Auth: any authenticated user

Example Request

bash
curl https://api.elydora.com/v1/onboarding/status \
  -H "Authorization: Bearer <token>"

Response

json
{
  "onboarding_completed": 0,
  "org_id": null
}

After onboarding is completed, the response reflects the assigned workspace:

json
{
  "onboarding_completed": 1,
  "org_id": "0195a0b1-c2d3-7e4f-a5b6-c7d8e9f0a1b2"
}

Create Personal Workspace

POST
/v1/onboarding/personal
Create a personal workspace for the authenticated user and mark onboarding as complete. Returns HTTP 201 on success.
Auth: any authenticated user

This endpoint requires no request body. A workspace named Personal Workspace is created automatically. The session cookie is refreshed to reflect the new org_id.

Example Request

bash
curl -X POST https://api.elydora.com/v1/onboarding/personal \
  -H "Authorization: Bearer <token>"

Response

json
{
  "org_id": "0195a0b1-c2d3-7e4f-a5b6-c7d8e9f0a1b2"
}

Create Organization Workspace

POST
/v1/onboarding/organization
Create a named organization workspace and optionally invite team members. Returns HTTP 201 on success.
Auth: any authenticated user

Request Body

FieldTypeRequiredDescription
org_namestringYesDisplay name for the organization. Maximum 128 characters.
descriptionstringNoOptional description of the organization. Maximum 512 characters.
invitationsarrayNoOptional array of invitation objects to send immediately upon workspace creation. Each object requires email and role fields.

Invitation Object Fields

FieldTypeRequiredDescription
emailstringYesEmail address of the person to invite. Maximum 256 characters.
rolestringYesRBAC role to assign. One of: readonly_investigator, integration_engineer, compliance_auditor, security_admin, org_owner.

Example Request

bash
curl -X POST https://api.elydora.com/v1/onboarding/organization \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "org_name": "Acme Corp",
    "description": "Acme Corporation AI audit workspace",
    "invitations": [
      { "email": "bob@acme.com", "role": "security_admin" },
      { "email": "carol@acme.com", "role": "compliance_auditor" }
    ]
  }'

Response

json
{
  "org_id": "0195a0b1-c2d3-7e4f-a5b6-c7d8e9f0a1b2"
}