Organizations API
The Organizations API provides access to organization-level data and settings.
Endpoints
GET Organization Data
Retrieve organization information for client applications.
GET /api/organizations/orgdata-for-clientsThis endpoint returns basic organization information and metadata. It's commonly used by client applications to retrieve configuration needed for initialization.
Response
Status: 200 OK
json
{
"id": "org_123",
"name": "Acme Corp",
"metadata": {
"targetOrigin": "https://example.com",
"privacyPolicyUrl": "https://example.com/privacy",
"termsUrl": "https://example.com/terms"
}
}Response Fields:
id(string) - Organization UUIDname(string) - Organization namemetadata(object) - Organization metadata containing custom configurationtargetOrigin(string, optional) - Allowed origin for Web Interaction InterfaceprivacyPolicyUrl(string, optional) - URL to privacy policytermsUrl(string, optional) - URL to terms of service- Custom fields as configured by your organization
Example
bash
curl -X GET https://api.kindflow.ai/api/organizations/orgdata-for-clients \
-H "x-api-key: your_api_key_here"Example Response
json
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"name": "Acme Corporation",
"metadata": {
"targetOrigin": "https://www.acme.com",
"privacyPolicyUrl": "https://www.acme.com/privacy",
"termsUrl": "https://www.acme.com/terms",
"supportEmail": "support@acme.com",
"brandColor": "#4F46E5"
}
}Common Use Cases
Initialize Client Application
Fetch organization data when initializing your client application to get necessary configuration:
javascript
// Fetch organization data on app initialization
async function initializeApp(apiKey) {
const response = await fetch(
"https://api.kindflow.ai/api/organizations/orgdata-for-clients",
{
headers: {
"x-api-key": apiKey,
},
}
);
const orgData = await response.json();
// Use organization data for configuration
console.log("Organization:", orgData.name);
console.log("Privacy Policy:", orgData.metadata.privacyPolicyUrl);
console.log("Terms:", orgData.metadata.termsUrl);
return orgData;
}Validate Origin for Web Interaction Interface
Use the targetOrigin metadata to validate that the Web Interaction Interface is embedded on an authorized domain:
javascript
async function validateOrigin(apiKey, currentOrigin) {
const response = await fetch(
"https://api.kindflow.ai/api/organizations/orgdata-for-clients",
{
headers: {
"x-api-key": apiKey,
},
}
);
const orgData = await response.json();
const allowedOrigin = orgData.metadata.targetOrigin;
if (currentOrigin !== allowedOrigin) {
throw new Error("Unauthorized origin");
}
return true;
}Best Practices
- Cache Organization Data: Organization data changes infrequently, consider caching it
- Use Metadata: Store custom configuration in organization metadata
- Validate Origins: Use
targetOriginto ensure Web Interaction Interface is only embedded on authorized domains