Logto · Capability

Logto API references — Organizations

Logto API references — Organizations. 36 operations. Lead operation: Create an organization. Self-contained Naftiko capability covering one Logto business surface.

Run with Naftiko LogtoOrganizations

What You Can Do

POST

Createorganization — Create an organization

/v1/api/organizations

GET

Listorganizations — Get organizations

/v1/api/organizations

GET

Getorganization — Get organization

/v1/api/organizations/{id}

PATCH

Updateorganization — Update organization

/v1/api/organizations/{id}

DELETE

Deleteorganization — Delete organization

/v1/api/organizations/{id}

POST

Addorganizationapplications — Add organization application

/v1/api/organizations/{id}/applications

PUT

Replaceorganizationapplications — Replace organization applications

/v1/api/organizations/{id}/applications

GET

Listorganizationapplications — Get organization applications

/v1/api/organizations/{id}/applications

POST

Assignorganizationrolestoapplications — Assign roles to applications in an organization

/v1/api/organizations/{id}/applications/roles

DELETE

Deleteorganizationapplication — Remove organization application

/v1/api/organizations/{id}/applications/{applicationid}

GET

Listorganizationapplicationroles — Get organization application roles

/v1/api/organizations/{id}/applications/{applicationid}/roles

POST

Assignorganizationrolestoapplication — Add organization application role

/v1/api/organizations/{id}/applications/{applicationid}/roles

PUT

Replaceorganizationapplicationroles — Replace organization application roles

/v1/api/organizations/{id}/applications/{applicationid}/roles

DELETE

Deleteorganizationapplicationrole — Remove organization application role

/v1/api/organizations/{id}/applications/{applicationid}/roles/{organizationroleid}

GET

Listorganizationjitemaildomains — Get organization JIT email domains

/v1/api/organizations/{id}/jit/email-domains

POST

Createorganizationjitemaildomain — Add organization JIT email domain

/v1/api/organizations/{id}/jit/email-domains

PUT

Replaceorganizationjitemaildomains — Replace organization JIT email domains

/v1/api/organizations/{id}/jit/email-domains

DELETE

Deleteorganizationjitemaildomain — Remove organization JIT email domain

/v1/api/organizations/{id}/jit/email-domains/{emaildomain}

GET

Listorganizationjitroles — Get organization JIT default roles

/v1/api/organizations/{id}/jit/roles

POST

Createorganizationjitrole — Add organization JIT default roles

/v1/api/organizations/{id}/jit/roles

PUT

Replaceorganizationjitroles — Replace organization JIT default roles

/v1/api/organizations/{id}/jit/roles

DELETE

Deleteorganizationjitrole — Remove organization JIT default role

/v1/api/organizations/{id}/jit/roles/{organizationroleid}

GET

Listorganizationjitssoconnectors — Get organization JIT SSO connectors

/v1/api/organizations/{id}/jit/sso-connectors

POST

Createorganizationjitssoconnector — Add organization JIT SSO connectors

/v1/api/organizations/{id}/jit/sso-connectors

PUT

Replaceorganizationjitssoconnectors — Replace organization JIT SSO connectors

/v1/api/organizations/{id}/jit/sso-connectors

DELETE

Deleteorganizationjitssoconnector — Remove organization JIT SSO connector

/v1/api/organizations/{id}/jit/sso-connectors/{ssoconnectorid}

GET

Listorganizationusers — Get organization user members

/v1/api/organizations/{id}/users

POST

Addorganizationusers — Add user members to organization

/v1/api/organizations/{id}/users

PUT

Replaceorganizationusers — Replace organization user members

/v1/api/organizations/{id}/users

POST

Assignorganizationrolestousers — Assign roles to organization user members

/v1/api/organizations/{id}/users/roles

DELETE

Deleteorganizationuser — Remove user member from organization

/v1/api/organizations/{id}/users/{userid}

GET

Listorganizationuserroles — Get roles for a user in an organization

/v1/api/organizations/{id}/users/{userid}/roles

POST

Assignorganizationrolestouser — Assign roles to a user in an organization

/v1/api/organizations/{id}/users/{userid}/roles

PUT

Replaceorganizationuserroles — Update roles for a user in an organization

/v1/api/organizations/{id}/users/{userid}/roles

DELETE

Deleteorganizationuserrole — Remove a role from a user in an organization

/v1/api/organizations/{id}/users/{userid}/roles/{organizationroleid}

GET

Listorganizationuserscopes — Get scopes for a user in an organization tailored by the organization roles

/v1/api/organizations/{id}/users/{userid}/scopes

MCP Tools

create-organization

Create an organization

get-organizations

Get organizations

read-only idempotent

get-organization

Get organization

read-only idempotent

update-organization

Update organization

idempotent

delete-organization

Delete organization

idempotent

add-organization-application

Add organization application

replace-organization-applications

Replace organization applications

idempotent

get-organization-applications

Get organization applications

read-only idempotent

Capability Spec

naftiko: 1.0.0-alpha2
info:
  label: Logto API references — Organizations
  description: 'Logto API references — Organizations. 36 operations. Lead operation: Create an organization. Self-contained
    Naftiko capability covering one Logto business surface.'
  tags:
  - Logto
  - Organizations
  created: '2026-05-19'
  modified: '2026-05-19'
binds:
- namespace: env
  keys:
    LOGTO_API_KEY: LOGTO_API_KEY
capability:
  consumes:
  - type: http
    namespace: logto-organizations
    baseUri: https://[tenant_id].logto.app
    description: Logto API references — Organizations business capability. Self-contained, no shared references.
    resources:
    - name: api-organizations
      path: /api/organizations
      operations:
      - name: createorganization
        method: POST
        description: Create an organization
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: listorganizations
        method: GET
        description: Get organizations
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: q
          in: query
          type: string
          description: The query to filter organizations. It can be a partial ID or name.
        - name: showFeatured
          in: query
          type: string
          description: Whether to show featured users in the organization. Featured users are randomly selected from the organization
            members.
        - name: page
          in: query
          type: integer
          description: Page number (starts from 1).
        - name: page_size
          in: query
          type: integer
          description: Entries per page.
    - name: api-organizations-id
      path: /api/organizations/{id}
      operations:
      - name: getorganization
        method: GET
        description: Get organization
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
      - name: updateorganization
        method: PATCH
        description: Update organization
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: deleteorganization
        method: DELETE
        description: Delete organization
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: api-organizations-id-applications
      path: /api/organizations/{id}/applications
      operations:
      - name: addorganizationapplications
        method: POST
        description: Add organization application
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: replaceorganizationapplications
        method: PUT
        description: Replace organization applications
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: listorganizationapplications
        method: GET
        description: Get organization applications
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: q
          in: query
          type: string
        - name: page
          in: query
          type: integer
          description: Page number (starts from 1).
        - name: page_size
          in: query
          type: integer
          description: Entries per page.
    - name: api-organizations-id-applications-roles
      path: /api/organizations/{id}/applications/roles
      operations:
      - name: assignorganizationrolestoapplications
        method: POST
        description: Assign roles to applications in an organization
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: api-organizations-id-applications-applicationId
      path: /api/organizations/{id}/applications/{applicationId}
      operations:
      - name: deleteorganizationapplication
        method: DELETE
        description: Remove organization application
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: api-organizations-id-applications-applicationId-roles
      path: /api/organizations/{id}/applications/{applicationId}/roles
      operations:
      - name: listorganizationapplicationroles
        method: GET
        description: Get organization application roles
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: page
          in: query
          type: integer
          description: Page number (starts from 1).
        - name: page_size
          in: query
          type: integer
          description: Entries per page.
      - name: assignorganizationrolestoapplication
        method: POST
        description: Add organization application role
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: replaceorganizationapplicationroles
        method: PUT
        description: Replace organization application roles
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: api-organizations-id-applications-applicationId-roles-organizationRoleId
      path: /api/organizations/{id}/applications/{applicationId}/roles/{organizationRoleId}
      operations:
      - name: deleteorganizationapplicationrole
        method: DELETE
        description: Remove organization application role
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: api-organizations-id-jit-email-domains
      path: /api/organizations/{id}/jit/email-domains
      operations:
      - name: listorganizationjitemaildomains
        method: GET
        description: Get organization JIT email domains
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: page
          in: query
          type: integer
          description: Page number (starts from 1).
        - name: page_size
          in: query
          type: integer
          description: Entries per page.
      - name: createorganizationjitemaildomain
        method: POST
        description: Add organization JIT email domain
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: replaceorganizationjitemaildomains
        method: PUT
        description: Replace organization JIT email domains
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: api-organizations-id-jit-email-domains-emailDomain
      path: /api/organizations/{id}/jit/email-domains/{emailDomain}
      operations:
      - name: deleteorganizationjitemaildomain
        method: DELETE
        description: Remove organization JIT email domain
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: emailDomain
          in: path
          type: string
          description: The email domain to remove.
          required: true
    - name: api-organizations-id-jit-roles
      path: /api/organizations/{id}/jit/roles
      operations:
      - name: listorganizationjitroles
        method: GET
        description: Get organization JIT default roles
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: page
          in: query
          type: integer
          description: Page number (starts from 1).
        - name: page_size
          in: query
          type: integer
          description: Entries per page.
      - name: createorganizationjitrole
        method: POST
        description: Add organization JIT default roles
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: replaceorganizationjitroles
        method: PUT
        description: Replace organization JIT default roles
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: api-organizations-id-jit-roles-organizationRoleId
      path: /api/organizations/{id}/jit/roles/{organizationRoleId}
      operations:
      - name: deleteorganizationjitrole
        method: DELETE
        description: Remove organization JIT default role
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: api-organizations-id-jit-sso-connectors
      path: /api/organizations/{id}/jit/sso-connectors
      operations:
      - name: listorganizationjitssoconnectors
        method: GET
        description: Get organization JIT SSO connectors
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: page
          in: query
          type: integer
          description: Page number (starts from 1).
        - name: page_size
          in: query
          type: integer
          description: Entries per page.
      - name: createorganizationjitssoconnector
        method: POST
        description: Add organization JIT SSO connectors
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: replaceorganizationjitssoconnectors
        method: PUT
        description: Replace organization JIT SSO connectors
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: api-organizations-id-jit-sso-connectors-ssoConnectorId
      path: /api/organizations/{id}/jit/sso-connectors/{ssoConnectorId}
      operations:
      - name: deleteorganizationjitssoconnector
        method: DELETE
        description: Remove organization JIT SSO connector
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: api-organizations-id-users
      path: /api/organizations/{id}/users
      operations:
      - name: listorganizationusers
        method: GET
        description: Get organization user members
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: q
          in: query
          type: string
          description: The query to filter users. It will match multiple fields of users, including ID, name, username, email,
            and phone number.
        - name: page
          in: query
          type: integer
          description: Page number (starts from 1).
        - name: page_size
          in: query
          type: integer
          description: Entries per page.
      - name: addorganizationusers
        method: POST
        description: Add user members to organization
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: replaceorganizationusers
        method: PUT
        description: Replace organization user members
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: api-organizations-id-users-roles
      path: /api/organizations/{id}/users/roles
      operations:
      - name: assignorganizationrolestousers
        method: POST
        description: Assign roles to organization user members
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: api-organizations-id-users-userId
      path: /api/organizations/{id}/users/{userId}
      operations:
      - name: deleteorganizationuser
        method: DELETE
        description: Remove user member from organization
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: api-organizations-id-users-userId-roles
      path: /api/organizations/{id}/users/{userId}/roles
      operations:
      - name: listorganizationuserroles
        method: GET
        description: Get roles for a user in an organization
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: page
          in: query
          type: integer
          description: Page number (starts from 1).
        - name: page_size
          in: query
          type: integer
          description: Entries per page.
      - name: assignorganizationrolestouser
        method: POST
        description: Assign roles to a user in an organization
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
      - name: replaceorganizationuserroles
        method: PUT
        description: Update roles for a user in an organization
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
        inputParameters:
        - name: body
          in: body
          type: object
          description: Request body (JSON).
          required: true
    - name: api-organizations-id-users-userId-roles-organizationRoleId
      path: /api/organizations/{id}/users/{userId}/roles/{organizationRoleId}
      operations:
      - name: deleteorganizationuserrole
        method: DELETE
        description: Remove a role from a user in an organization
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    - name: api-organizations-id-users-userId-scopes
      path: /api/organizations/{id}/users/{userId}/scopes
      operations:
      - name: listorganizationuserscopes
        method: GET
        description: Get scopes for a user in an organization tailored by the organization roles
        outputRawFormat: json
        outputParameters:
        - name: result
          type: object
          value: $.
    authentication:
      type: bearer
      token: '{{env.LOGTO_API_KEY}}'
  exposes:
  - type: rest
    namespace: logto-organizations-rest
    port: 8080
    description: REST adapter for Logto API references — Organizations. One Spectral-compliant resource per consumed operation,
      prefixed with /v1.
    resources:
    - path: /v1/api/organizations
      name: api-organizations
      description: REST surface for api-organizations.
      operations:
      - method: POST
        name: createorganization
        description: Create an organization
        call: logto-organizations.createorganization
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: GET
        name: listorganizations
        description: Get organizations
        call: logto-organizations.listorganizations
        with:
          q: rest.q
          showFeatured: rest.showFeatured
          page: rest.page
          page_size: rest.page_size
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}
      name: api-organizations-id
      description: REST surface for api-organizations-id.
      operations:
      - method: GET
        name: getorganization
        description: Get organization
        call: logto-organizations.getorganization
        outputParameters:
        - type: object
          mapping: $.
      - method: PATCH
        name: updateorganization
        description: Update organization
        call: logto-organizations.updateorganization
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: DELETE
        name: deleteorganization
        description: Delete organization
        call: logto-organizations.deleteorganization
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/applications
      name: api-organizations-id-applications
      description: REST surface for api-organizations-id-applications.
      operations:
      - method: POST
        name: addorganizationapplications
        description: Add organization application
        call: logto-organizations.addorganizationapplications
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: PUT
        name: replaceorganizationapplications
        description: Replace organization applications
        call: logto-organizations.replaceorganizationapplications
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: GET
        name: listorganizationapplications
        description: Get organization applications
        call: logto-organizations.listorganizationapplications
        with:
          q: rest.q
          page: rest.page
          page_size: rest.page_size
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/applications/roles
      name: api-organizations-id-applications-roles
      description: REST surface for api-organizations-id-applications-roles.
      operations:
      - method: POST
        name: assignorganizationrolestoapplications
        description: Assign roles to applications in an organization
        call: logto-organizations.assignorganizationrolestoapplications
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/applications/{applicationid}
      name: api-organizations-id-applications-applicationid
      description: REST surface for api-organizations-id-applications-applicationId.
      operations:
      - method: DELETE
        name: deleteorganizationapplication
        description: Remove organization application
        call: logto-organizations.deleteorganizationapplication
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/applications/{applicationid}/roles
      name: api-organizations-id-applications-applicationid-roles
      description: REST surface for api-organizations-id-applications-applicationId-roles.
      operations:
      - method: GET
        name: listorganizationapplicationroles
        description: Get organization application roles
        call: logto-organizations.listorganizationapplicationroles
        with:
          page: rest.page
          page_size: rest.page_size
        outputParameters:
        - type: object
          mapping: $.
      - method: POST
        name: assignorganizationrolestoapplication
        description: Add organization application role
        call: logto-organizations.assignorganizationrolestoapplication
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: PUT
        name: replaceorganizationapplicationroles
        description: Replace organization application roles
        call: logto-organizations.replaceorganizationapplicationroles
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/applications/{applicationid}/roles/{organizationroleid}
      name: api-organizations-id-applications-applicationid-roles-organizationroleid
      description: REST surface for api-organizations-id-applications-applicationId-roles-organizationRoleId.
      operations:
      - method: DELETE
        name: deleteorganizationapplicationrole
        description: Remove organization application role
        call: logto-organizations.deleteorganizationapplicationrole
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/jit/email-domains
      name: api-organizations-id-jit-email-domains
      description: REST surface for api-organizations-id-jit-email-domains.
      operations:
      - method: GET
        name: listorganizationjitemaildomains
        description: Get organization JIT email domains
        call: logto-organizations.listorganizationjitemaildomains
        with:
          page: rest.page
          page_size: rest.page_size
        outputParameters:
        - type: object
          mapping: $.
      - method: POST
        name: createorganizationjitemaildomain
        description: Add organization JIT email domain
        call: logto-organizations.createorganizationjitemaildomain
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: PUT
        name: replaceorganizationjitemaildomains
        description: Replace organization JIT email domains
        call: logto-organizations.replaceorganizationjitemaildomains
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/jit/email-domains/{emaildomain}
      name: api-organizations-id-jit-email-domains-emaildomain
      description: REST surface for api-organizations-id-jit-email-domains-emailDomain.
      operations:
      - method: DELETE
        name: deleteorganizationjitemaildomain
        description: Remove organization JIT email domain
        call: logto-organizations.deleteorganizationjitemaildomain
        with:
          emailDomain: rest.emailDomain
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/jit/roles
      name: api-organizations-id-jit-roles
      description: REST surface for api-organizations-id-jit-roles.
      operations:
      - method: GET
        name: listorganizationjitroles
        description: Get organization JIT default roles
        call: logto-organizations.listorganizationjitroles
        with:
          page: rest.page
          page_size: rest.page_size
        outputParameters:
        - type: object
          mapping: $.
      - method: POST
        name: createorganizationjitrole
        description: Add organization JIT default roles
        call: logto-organizations.createorganizationjitrole
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: PUT
        name: replaceorganizationjitroles
        description: Replace organization JIT default roles
        call: logto-organizations.replaceorganizationjitroles
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/jit/roles/{organizationroleid}
      name: api-organizations-id-jit-roles-organizationroleid
      description: REST surface for api-organizations-id-jit-roles-organizationRoleId.
      operations:
      - method: DELETE
        name: deleteorganizationjitrole
        description: Remove organization JIT default role
        call: logto-organizations.deleteorganizationjitrole
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/jit/sso-connectors
      name: api-organizations-id-jit-sso-connectors
      description: REST surface for api-organizations-id-jit-sso-connectors.
      operations:
      - method: GET
        name: listorganizationjitssoconnectors
        description: Get organization JIT SSO connectors
        call: logto-organizations.listorganizationjitssoconnectors
        with:
          page: rest.page
          page_size: rest.page_size
        outputParameters:
        - type: object
          mapping: $.
      - method: POST
        name: createorganizationjitssoconnector
        description: Add organization JIT SSO connectors
        call: logto-organizations.createorganizationjitssoconnector
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: PUT
        name: replaceorganizationjitssoconnectors
        description: Replace organization JIT SSO connectors
        call: logto-organizations.replaceorganizationjitssoconnectors
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/jit/sso-connectors/{ssoconnectorid}
      name: api-organizations-id-jit-sso-connectors-ssoconnectorid
      description: REST surface for api-organizations-id-jit-sso-connectors-ssoConnectorId.
      operations:
      - method: DELETE
        name: deleteorganizationjitssoconnector
        description: Remove organization JIT SSO connector
        call: logto-organizations.deleteorganizationjitssoconnector
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/users
      name: api-organizations-id-users
      description: REST surface for api-organizations-id-users.
      operations:
      - method: GET
        name: listorganizationusers
        description: Get organization user members
        call: logto-organizations.listorganizationusers
        with:
          q: rest.q
          page: rest.page
          page_size: rest.page_size
        outputParameters:
        - type: object
          mapping: $.
      - method: POST
        name: addorganizationusers
        description: Add user members to organization
        call: logto-organizations.addorganizationusers
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: PUT
        name: replaceorganizationusers
        description: Replace organization user members
        call: logto-organizations.replaceorganizationusers
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/users/roles
      name: api-organizations-id-users-roles
      description: REST surface for api-organizations-id-users-roles.
      operations:
      - method: POST
        name: assignorganizationrolestousers
        description: Assign roles to organization user members
        call: logto-organizations.assignorganizationrolestousers
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/users/{userid}
      name: api-organizations-id-users-userid
      description: REST surface for api-organizations-id-users-userId.
      operations:
      - method: DELETE
        name: deleteorganizationuser
        description: Remove user member from organization
        call: logto-organizations.deleteorganizationuser
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/users/{userid}/roles
      name: api-organizations-id-users-userid-roles
      description: REST surface for api-organizations-id-users-userId-roles.
      operations:
      - method: GET
        name: listorganizationuserroles
        description: Get roles for a user in an organization
        call: logto-organizations.listorganizationuserroles
        with:
          page: rest.page
          page_size: rest.page_size
        outputParameters:
        - type: object
          mapping: $.
      - method: POST
        name: assignorganizationrolestouser
        description: Assign roles to a user in an organization
        call: logto-organizations.assignorganizationrolestouser
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
      - method: PUT
        name: replaceorganizationuserroles
        description: Update roles for a user in an organization
        call: logto-organizations.replaceorganizationuserroles
        with:
          body: rest.body
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/users/{userid}/roles/{organizationroleid}
      name: api-organizations-id-users-userid-roles-organizationroleid
      description: REST surface for api-organizations-id-users-userId-roles-organizationRoleId.
      operations:
      - method: DELETE
        name: deleteorganizationuserrole
        description: Remove a role from a user in an organization
        call: logto-organizations.deleteorganizationuserrole
        outputParameters:
        - type: object
          mapping: $.
    - path: /v1/api/organizations/{id}/users/{userid}/scopes
      name: api-organizations-id-users-userid-scopes
      description: REST surface for api-organizations-id-users-userId-scopes.
      operations:
      - method: GET
        name: listorganizationuserscopes
        description: Get scopes for a user in an organization tailored by the organization roles
        call: logto-organizations.listorganizationuserscopes
        outputParameters:
        - type: object
          mapping: $.
  - type: mcp
    namespace: logto-organizations-mcp
    port: 9090
    transport: http
    description: MCP adapter for Logto API references — Organizations. One tool per consumed operation, routed inline through
      this capability's consumes block.
    tools:
    - name: create-organization
      description: Create an org

# --- truncated at 32 KB (44 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/logto/refs/heads/main/capabilities/logto-organizations.yaml