Infra0 Docs

API Reference

Groups

List Groups

  • API Name: List Groups
  • API Route: GET /api/v1/groups
  • Request:
    • Auth: Session required, permission: group.view
  • What it does: Returns groups visible to the authenticated user. Admins and super admins see all groups in their organization. Regular users (dev role) see only groups they are members of. Automatically maps users to the default org if they have no org membership yet.
  • Returns:
json
  { "data": [ { "id", "name", "description", "orgId", "createdBy", ... } ] }

Create Group

  • API Name: Create Group
  • API Route: POST /api/v1/groups
  • Request:
    • Body:
json
    {
      "name": "string (required)",
      "description": "string (optional)",
      "projectId": "string (optional) — map to existing project",
      "newProject": {
        "projectName": "string",
        "cloudProviderId": "number",
        "description": "string (optional)",
        "iacTool": "terraform | opentofu (default: terraform)"
      }
    }
  • What it does: Creates a new group within the user's organization. Optionally maps the group to an existing project or creates a new project simultaneously. If a project is mapped, all project members are synced into the group. If no project is mapped, the creator is added as the first member.
  • Returns: 201 with the created group object. 400 if user has no organization. 403 if lacks permission.

Get Group

  • API Name: Get Group by ID
  • API Route: GET /api/v1/groups/[groupId]
  • Request:
    • Params: groupId (string) — Group ID
    • Auth: Session required, permission: group.view. Dev-role users must be a member of the group.
  • What it does: Fetches a single group by ID. Enforces membership check for dev role users.
  • Returns: The group object. 404 if not found. 403 if dev user is not a member.

Update Group

  • API Name: Update Group
  • API Route: PATCH /api/v1/groups/[groupId]
  • Request:
    • Params: groupId (string) — Group ID
    • Body:
json
    {
      "name": "string (optional)",
      "description": "string (optional)"
    }
  • What it does: Updates the name or description of a group.
  • Returns: The updated group object. 404 if not found.

Delete Group

  • API Name: Delete Group
  • API Route: DELETE /api/v1/groups/[groupId]
  • Request:
    • Params: groupId (string) — Group ID
    • Auth: Session required, permission: group.delete
  • What it does: Permanently deletes a group and all its associations.
  • Returns: { "success": true }. 404 if not found.

List Group Members

  • API Name: List Group Members
  • API Route: GET /api/v1/groups/[groupId]/members
  • Request:
    • Params: groupId (string) — Group ID
    • Auth: Session required, permission: group.view
  • What it does: Returns all members of a group with their roles.
  • Returns:
json
  { "data": [ { "userId", "roleId", "assignedBy", ... } ] }

Add Group Member

  • API Name: Add Group Member
  • API Route: POST /api/v1/groups/[groupId]/members
  • Request:
    • Params: groupId (string) — Group ID
    • Body:
json
    {
      "userId": "uuid (required)",
      "roleId": "uuid (required)"
    }
  • What it does: Adds a user to the group with the specified role. Also syncs the user into all projects mapped to this group.
  • Returns: 201 with the new member record.

Resync Group Members

  • API Name: Resync Group Members from Projects
  • API Route: PATCH /api/v1/groups/[groupId]/members
  • Request:
    • Params: groupId (string) — Group ID
    • Auth: Session required, permission: group.view
  • What it does: Re-syncs all users from the group's linked projects back into the group membership. Useful for pulling in users who were granted project access without the automatic group sync running.
  • Returns: { "data": [ ...updated members ] }

Remove Group Member

  • API Name: Remove Group Member
  • API Route: DELETE /api/v1/groups/[groupId]/members
  • Request:
    • Params: groupId (string) — Group ID
    • Body:
json
    {
      "userId": "uuid (required)"
    }
  • What it does: Removes a user from a group.
  • Returns: { "success": true }

List Group Projects

  • API Name: List Group Projects
  • API Route: GET /api/v1/groups/[groupId]/projects
  • Request:
    • Params: groupId (string) — Group ID
    • Auth: Session required, permission: group.view
  • What it does: Returns all projects mapped to the specified group.
  • Returns:
json
  { "data": [ { "id", "projectName", ... } ] }

Map Group to Project

  • API Name: Map Group to Project
  • API Route: POST /api/v1/groups/[groupId]/projects
  • Request:
    • Params: groupId (string) — Group ID
    • Body:
json
    {
      "projectId": "string (required)"
    }
  • What it does: Creates a mapping between a group and a project, allowing group members to access that project.
  • Returns: 201 with the mapping record.
DriftMCP