EntityEngine

Collaborators API

Invite end customers as collaborators on an entity and manage active access

Entities created via your API key are owned by the user behind that API key. To give your end customer access to the entity in their own EntityEngine account — for ongoing maintenance, surveys, or document review — invite them as a collaborator. Once they accept, they can sign in and see the entity in their own dashboard while you keep API control.

Signup-on-claim caveat

The invited user must complete signup or login on EntityEngine to claim collaborator access. Today, this is a one-time interruption in your in-app flow. A magic-link single-click claim flow is planned but not yet shipped.

Lifecycle

  1. POST /entities/:id/invitations — sends the invite email and returns an accept_url. Status is pending.
  2. The customer clicks the link, signs up or logs in, and is added to entity_collaborators. Invitation status flips to accepted.
  3. Need to remove access? Call DELETE /entities/:id/collaborators/:userId. You cannot remove yourself; transfer ownership first.
  4. Need to cancel a pending invite? Call DELETE /entities/:id/invitations/:invId. Status flips to revoked.

Invitations

Collaborators

Related webhook events

EventFires when
invitation.sentA new invitation is created and the email is dispatched.
invitation.acceptedThe invitee signs up / logs in and claims access.
invitation.expiredAn invitation lapses past its expiry without being accepted.
invitation.revokedA pending invitation is cancelled by the entity owner.
collaborator.addedA user is added to the entity (after accepting invitation).
collaborator.removedA collaborator is removed from the entity.

Example: invite a customer to their own entity

Invite + monitor flow
# 1. Invite the customer to the entity you created on their behalf
curl -X POST https://app.entityengine.io/api/v1/entities/ent_01HZX.../invitations \
  -H "Authorization: Bearer sk_live_..." \
  -H "Content-Type: application/json" \
  -d '{ "email": "founder@example.com", "role": "collaborator" }'

# 2. (Optional) Forward the accept_url yourself if you want to skip the invite email
#    — just disable email at the dashboard if needed.

# 3. Listen for invitation.accepted to know when the customer is in.
#    Then, list collaborators to confirm:
curl https://app.entityengine.io/api/v1/entities/ent_01HZX.../collaborators \
  -H "Authorization: Bearer sk_live_..."

# 4. If the customer churns, revoke access:
curl -X DELETE https://app.entityengine.io/api/v1/entities/ent_01HZX.../collaborators/usr_01HZY... \
  -H "Authorization: Bearer sk_live_..."