Invited Users Management
You can manage users in your Brevo profile. This guide helps the profile owner to manage their users, edit the invited users access permission and delete users through the API endpoints. The endpoints are mentioned below.
Get all invited users
This API endpoint allows you to retrieve your invited users. To send a request to this endpoint, you need to use the GET
method and use the url https://api.brevo.com/v3/organization/invited/users
. You can use the cURL request below:
curl --request GET \
--url https://api.brevo.com/v3/organization/invited/users \
--header 'accept: application/json' \
--header 'api-key: '
There are no parameters for this endpoint as it is a GET
request so you just need your API-key to run the endpoint and it will send you the response as a string in JSON mentioning the users that are already invited to your user account. The response codes are mentioned below in a table.
Response code | Message | Description |
---|---|---|
200 | List of all users | Displays list of invited users, their status and the features they are using and other details. |
400 | Bad request | Bad request due to invalid_parameters or missing_parameters |
A sample JSON response is shown below which consists of all the users and their details in the accounts including the owners and invited users.
{
"users": [
{
"email": "[email protected]",
"is_owner": true,
"status": "active",
"feature_access": {
"marketing": "owner",
"conversations": "owner",
"crm": "owner"
}
},
{
"email": "[email protected]",
"is_owner": false,
"status": "pending",
"feature_access": {
"marketing": "custom",
"conversations": "none",
"crm": "full"
}
},
{
"email": "[email protected]",
"is_owner": false,
"status": "active",
"feature_access": {
"marketing": "none",
"conversations": "full",
"crm": "none"
}
}
]
}
Get users permissions
This API endpoint https://api.brevo.com/v3/organization/user/{email}/permissions
allows to get the permissions for the invited user. You can implement the GET
method to send a request to this endpoint and you can use the cURL request below:
curl --request GET \
--url https://api.brevo.com/v3/organization/user/example%40brevo.com/permissions \
--header 'accept: application/json' \
--header 'api-key: '
You only have to send one parameter email
in the request which is mentioned below along with its details.
Attribute | Datatype | Description | Value |
---|---|---|---|
email | String | Email for the invited user | [email protected] |
After the successful request, you get a response which consists of the features that the invited user uses and its permissions. The schema with the 200
response code for the response would look something like this:
{
"email": "[email protected]",
"status": "active",
"privileges": [
{
"feature": "Email campaign",
"permissions": [
"Create / edit / delete",
"Send / schedule / suspend"
]
},
{
"feature": "Templates",
"permissions": [
"Create / edit / delete",
"Activate / deactivate"
]
},
{
"feature": "SMS campaign",
"permissions": [
"Create / edit / delete",
"Send / schedule / suspend"
]
},
{
"feature": "Facebook Ads",
"permissions": [
"Schedule / pause"
]
},
{
"feature": "Landing pages",
"permissions": [
"All"
]
},
{
"feature": "Workflows",
"permissions": [
"Create / edit / delete",
"Activate / deactivate / Pause"
]
},
{
"feature": "Contacts",
"permissions": [
"View",
"Contact forms"
]
},
{
"feature": "API keys",
"permissions": [
"All"
]
},
{
"feature": "User management",
"permissions": [
"None"
]
},
{
"feature": "Sales Platform",
"permissions": [
"All"
]
},
{
"feature": "Conversations",
"permissions": [
"None"
]
}
]
}
For the 400
bad request, the schema would look something like this:
{
"code": "method_not_allowed",
"message": "POST Method is not allowed on this path"
}
The response codes are mentioned below in a table.
Response code | Message | Description |
---|---|---|
200 | Success | All the details like users status in the account and his privileges are displayed in the JSON response along with the users email. |
400 | Bad request | Bad request due to incorrect parameters like the email format could be wrong or you account does not support inviting users. |
Resend / Cancel Invitation
The endpoint https://api.brevo.com/v3/organization/user/invitation/{action}/{email}
uses the HTTP PUT
method to run the request. This endpoint performs actions on the invited users access to the account. This API endpoint resends, cancels or revokes the users access to the account. It has two parameters mentioned below in the table.
Attribute | Datatype | Description | Value |
---|---|---|---|
action | String | The action to be performed on the invited user | resend , cancel |
email | String | Email of the invited user | [email protected] |
The response shows an OK
status if the request runs successfully. An example 200
successful response would look like:
{
"status": "OK",
"credit_notes": [
"TEST-123"
]
}
On the other hand, you may not have access to change the users rights of access. So, a sample error response with code 403
would look something like:
{
"message": "string",
"developer_message": "string"
}
A table below mentions the response codes.
Response codes | Message | Description |
---|---|---|
200 | Success | The PUT request is successful and the access rights are updated for the invited user. |
403 | Unauthorized access | You do not have access to resend or cancel an invitation |
Revoke a users permission
You can revoke or stop giving access to an invited user through this endpoint. You can use the endpoint https://api.brevo.com/v3/organization/user/invitation/revoke/{email}
with the HTTP method PUT
as you are updating the rights for an invited user. A cURL request is depicted below to send a request.
curl --request PUT \
--url https://api.brevo.com/v3/organization/user/invitation/revoke/revokeduser%40email.com \
--header 'accept: application/json' \
--header 'api-key: '
There is only one attribute for this mentioned and defined below in a table.
Attribute | Datatype | Description | Value |
---|---|---|---|
example | String | Email of the user whose access is to be revoked | [email protected] |
After the request is successful, a JSON response is shown with two response codes 200
and 403
. We will define them below in a table.
Response code | Message | Description |
---|---|---|
200 | Credit note exists | Users access to the account is revoked |
403 | Unauthorized access | You are not authorized to revoke an access for any user |
A JSON response is also shown below.
{
"status": "OK",
"credit_notes": [
"TEST-123"
]
}
Send an invitation to the user
You can invite a user by using this endpoint. You can send an invitation to them and they will receive an email to join your account to access certain features. You can use the endpoint https://api.brevo.com/v3/organization/user/invitation/send
with the HTTP method POST
to run the request. A cURL request for inviting the user would look something like this.
curl --request POST \
--url https://api.brevo.com/v3/organization/user/invitation/send \
--header 'accept: application/json' \
--header 'api-key: ' \
--header 'content-type: application/json' \
--data '
{
"all_features_access": false,
"email": "[email protected]",
"privileges": [
{
"feature": "sms_campaigns",
"permissions": [
"view",
"create_edit_delete"
]
},
{
"feature": "transactional_emails",
"permissions": [
"activate_deactivate",
"settings"
]
}
]
}
You can navigate to the API reference and you can find more details on the parameters for this endpoint. You can find the parameters below to invite the user to the platform.
Attribute | Datatype | Description | Value |
---|---|---|---|
email | String | Email of the invited user | [email protected] |
all_features_access | Boolean | Describes if all the features can be accessed by the user or not | true or false |
privileges | Object | Object showing the features for the user and its permissions | feature , permissions |
There are some pre-defined values for features
and permissions
and the user has to choose from them. For the privileges
object, we will define its attributes below:
Attribute | Datatype | Description | Value |
---|---|---|---|
features | String | The features offered from Brevo | Some of the features are landing_pages , api-keys , sales_platform , user_management and phone |
permissions | String | Permissions for the features | Some of the permissions areall or send_schedule_suspend or create_edit_delete |
For the JSON response, there are some error codes which are defined below in a table.
Response code | Message | Description |
---|---|---|
200 | { "status": "ok" } | The invitation is sent successfully. |
400 | invalid_invitation_request | The invitation request is not valid due to errors like invalid plan for inviting users or user limit is reached. |
403 | access_denied | Access is denied to invite users |
A JSON response is displayed below.
{
"status": "OK",
"credit_notes": [
"TEST-123"
],
"invoice_id": "string"
}
Update users permissions
This endpoint allows to update the permissions for the invited users. You can use the endpoint https://api.brevo.com/v3/organization/user/update/permissions
with the calling method POST
to send the payload for the request. A cURL request is shown below.
curl --request POST \
--url https://api.brevo.com/v3/organization/user/update/permissions \
--header 'accept: application/json' \
--header 'api-key: ' \
--header 'content-type: application/json' \
--data '
{
"all_features_access": true,
"email": "[email protected]"
}
'
You can navigate to the API reference and you can find more details on the parameters for this endpoint. The parameters used are almost similar to sending an invitation to the user. They are mentioned below in a table
Attribute | Datatype | Description | Value |
---|---|---|---|
email | String | Email of the invited user | [email protected] |
all_features_access | Boolean | Describes if all the features can be accessed by the user or not | true or false |
privileges | Object | Object showing the features for the user and its permissions | feature , permissions |
For the privileges
object, we will define its attributes below:
Attribute | Datatype | Description | Value |
---|---|---|---|
features | String | The features offered from Brevo | Some of the features are landing_pages , api-keys , sales_platform , user_management and phone |
permissions | String | Permissions for the features | all or none |
For the JSON response, there are some error codes which are defined below in a table.
Response code | Message | Description |
---|---|---|
200 | { "status": "ok" } | The invitation is sent successfully. |
400 | invalid_invitation_request | The invitation request is not valid due to errors like invalid plan for inviting users or user limit is reached. |
403 | access_denied | Access is denied to invite users |
For the 200
success response code the response format would look something like depicted below.
{
"status": "OK",
"credit_notes": [
"TEST-123"
],
"invoice_id": "string"
}
Updated 12 months ago