Organizations
An organization is the top-level account boundary in FoundryDB. Every service, database user, backup, and API token belongs to an organization. Billing is tracked per organization, and access to resources is controlled by each member's role.
How Organizations Work
When you register, a personal organization is created automatically. Personal organizations cannot be deleted or transferred. If you are building a team or a company account, create a separate organization and invite your colleagues.
curl -u user:password -X POST https://api.foundrydb.com/organizations \
-H "Content-Type: application/json" \
-d '{
"name": "Acme Engineering",
"slug": "acme-engineering",
"billing_email": "billing@acme.com"
}'
The slug must be unique across all organizations and may only contain lowercase letters, numbers, and hyphens. It cannot be changed after creation.
What an Organization Contains
| Resource | Notes |
|---|---|
| Members | Users with one of four roles: owner, admin, developer, or viewer |
| Services | All managed database clusters belong to an org |
| API tokens | Tokens are owned by individual members; org owners and admins can audit and revoke them |
| Billing | Usage, invoices, and payment method are org-scoped |
| Compliance reports | Signed evidence packets (SOC 2, GDPR, DORA, EU AI Act) |
Roles at a Glance
| Role | Who assigns it | What they can do |
|---|---|---|
owner | Other owners only | Everything, including delete org and transfer ownership |
admin | Owners | Manage members, services, backups, billing view, org settings |
developer | Owners, admins | Create and manage services, database users, backups, alerts |
viewer | Owners, admins | Read-only access to services, configs, backups, alerts, logs |
An organization always has at least one owner. The last owner cannot be removed or demoted until another member is promoted to owner first.
Invitations
Members are added by email invitation. The invitee must already have a FoundryDB account. When you send an invite, an email is dispatched with a time-limited accept link. Pending invites can be cancelled before they are accepted.
See Members and Roles for the full invitation flow.
API Tokens and Scopes
Each member can create personal API tokens, optionally restricted to a subset of resource families (services, backups, pipelines, webhooks, billing). Organization owners and admins can list every member's tokens and revoke any of them.
See Scoped API Tokens and API Token Scopes.
Usage and Billing Visibility
Any member with the org:view_billing permission (owner, admin) can view the organization's current usage, historical billing periods, and invoices. Usage is tracked hourly per service, broken down into compute, storage, and backup costs.
See Usage and Metering.
Compliance Evidence
Any member can generate a signed compliance evidence packet for the organization. Supported frameworks are SOC 2, GDPR Article 30 ROPA, DORA, and EU AI Act. Packets are cryptographically signed with an Ed25519 key and can be independently verified by an auditor.
See Compliance Reports and Signed Compliance Reports.
Listing Your Organizations
curl -u user:password https://api.foundrydb.com/organizations
Returns every organization you belong to, including your personal one.