Skip to content

GET /api/v1/admin/super/orgs

This page is auto-generated from src/admin/routes.ts. Do not edit by hand — see docs/dev/docs-auto-sync.md.

:warning: Heuristic extraction — not a contract. Response shapes below are mined from c.json(...) literals in the handler via an AST walker. Computed fields, ternaries, and non-literal returns are shown as placeholders. Refer to the linked source file for the authoritative behaviour.

No requireCapability middleware detected on this route. Surface-level auth (admin token, dashboard session, org API key, anonymous proxy) is enforced by the parent router — see Source below.

Other middleware observed on this route (heuristic):

  • requireSuperAdmin
  • listSuperOrgs

--- Super-admin cross-org dashboard (#400) -------------------------------

Internal Upwarden-staff surface. NOT customer-facing. Read-only. Same admin-token gate as every other admin route; layered requireSuperAdmin rejects any non-admin-token principal (a Stytch tenant principal couldn’t reach here today anyway because the admin-token middleware above 401s on missing/invalid token, but the layered gate keeps the surface honest against a future identity-provider that resolves admin-token alongside member identity). The implementation lives in src/admin/super.ts to keep this file focused on per-org admin surfaces.

No c.json(...) calls detected in the handler. The route may return a non-JSON response (HTML, file stream, redirect), delegate to a named handler defined elsewhere, or build the response object dynamically. Refer to the source file.

  • File: src/admin/routes.ts
  • Line: 353