Organization Multi-tenancy with organizations, members, invitations, and RBAC.
The OrganizationPlugin provides multi-tenancy support with organizations, membership management, invitation workflows, and role-based access control (RBAC).
use better_auth :: plugins :: OrganizationPlugin ; let auth = BetterAuth :: new (config) . database (database) . plugin ( OrganizationPlugin :: new ()) . build () .await? ; use better_auth :: plugins :: organization :: OrganizationConfig ; let auth = BetterAuth :: new (config) . database (database) . plugin ( OrganizationPlugin :: new () . allow_user_to_create_organization ( true ) . organization_limit ( 5 ) . membership_limit ( 50 ) . creator_role ( "owner" ) . invitation_expires_in ( 172800 ) // 48 hours . invitation_limit ( 100 ) ) . build () .await? ; Option Type Default Description allow_user_to_create_organizationbooltrueAllow users to create organizations organization_limitOption<usize>NoneMax organizations per user membership_limitOption<usize>Some(100)Max members per organization creator_roleString"owner"Role assigned to organization creator invitation_expires_inu64172800 (48h)Invitation expiration in seconds invitation_limitOption<usize>Some(100)Max pending invitations per org disable_organization_deletionboolfalsePrevent organization deletion
Role Organization Member Invitation owner update, delete create, update, delete create, cancel admin update create, update, delete create, cancel member — — —
Extend the default roles with custom permissions:
use better_auth :: plugins :: organization :: config :: { OrganizationConfig , RolePermissions }; use std :: collections :: HashMap ; let mut roles = HashMap :: new (); roles . insert ( "editor" . to_string (), RolePermissions { organization : vec! [ "read" . to_string ()], member : vec! [ "read" . to_string ()], invitation : vec! [], }); let config = OrganizationConfig { roles, .. Default :: default () }; let auth = BetterAuth :: new (auth_config) . database (database) . plugin ( OrganizationPlugin :: with_config (config)) . build () .await? ; Resources : organization, member, invitation
Actions : create, read, update, delete, cancel
The Organization plugin exposes 18 endpoints. For full request/response details, see the OpenAPI Reference .
Endpoint Method Description /organization/createPOST Create a new organization /organization/updatePOST Update organization details /organization/deletePOST Delete an organization /organization/listGET List user's organizations /organization/get-full-organizationGET Get organization with members and invitations /organization/check-slugPOST Check slug availability /organization/set-activePOST Set active organization on session /organization/leavePOST Leave an organization
Endpoint Method Description /organization/get-active-memberGET Get current member record /organization/list-membersGET List organization members (with pagination) /organization/remove-memberPOST Remove a member (requires member:delete) /organization/update-member-rolePOST Update member role (requires member:update)
Endpoint Method Description /organization/invite-memberPOST Invite a user by email /organization/get-invitationGET Get invitation details /organization/list-invitationsGET List organization invitations /organization/list-user-invitationsGET List invitations for current user /organization/accept-invitationPOST Accept an invitation /organization/reject-invitationPOST Reject an invitation /organization/cancel-invitationPOST Cancel an invitation (requires invitation:cancel)
Endpoint Method Description /organization/has-permissionPOST Check if user has specific permissions
Status Condition 400 Invalid slug format or missing required fields 403 Insufficient permissions for the operation 404 Organization, member, or invitation not found 409 Slug already taken or user already a member