Easily add users as members to an organization.
Invitations are a way of adding a specific user as a member to an organization. They provide a flow for end-users to engage in collaboration that takes into consideration security and user choice.
Each invitation is for a specific email address to a specific organization. Invitations are for both new users and existing users.
Each invitation is a two step process:
If an invitation is created for an email address that does not yet exist, an email is sent to that user with a link to sign up for your application and join the organization.
As part of signing up, they automatically join the organization. If a user is invited to multiple organizations, they only join the organization for which they clicked the invitation email for, indicating intent to join that specific organization.
If an invitation is for an existing user, clicking the link in the email and signing in adds the user as a member to the organization. If the user is already signed-in, you can use the invitation code to validate that the signed-in user is eligible to use the invitation, by querying the Invitation API.
This offers choice for the end-user so that they aren’t automatically added to organizations that may be attempting phishing attacks.
Invitations do not have to be specific to an organization. An invitation sent without specifying an organization is an invitation to join the application. This allows your existing users help grow your application by inviting peers organically.
When sign-up is disabled, users cannot register for a new account through AuthKit or the API. When a valid invitation code is present in the sign-in flow, registration is opened up both in AuthKit and the API so that a new user may sign up. This lets you model your application as a closed-registration invitation-only system.
Invitations can be sent programmatically by your application with the Invitation API, or viewed and manually created in the WorkOS Dashboard.