Skip to main content
POST
/
v1
/
query
/
get-invite-users-payload-passkey
Get invite users payload
curl --request POST \
  --url https://api.example.com/v1/query/get-invite-users-payload-passkey \
  --header 'Content-Type: application/json' \
  --header 'X-Pubkey: <x-pubkey>' \
  --header 'X-Pubkey, X-Timestamp, X-Signature: <api-key>' \
  --header 'X-Signature: <x-signature>' \
  --header 'X-Timestamp: <x-timestamp>' \
  --data '
{
  "accountId": "550e8400-e29b-41d4-a716-446655440000",
  "newUsers": [
    {
      "userName": "John Doe",
      "userEmail": "john.doe@example.com"
    }
  ]
}
'
{
  "bodyToSign": {
    "type": "ACTIVITY_TYPE_CREATE_USERS_V3",
    "timestampMs": "<string>",
    "organizationId": "d107c1e1-766a-4091-802c-de61a3973e91",
    "parameters": {
      "users": [
        {
          "userName": "John Doe",
          "userEmail": "john.doe@example.com",
          "apiKeys": [
            {
              "apiKeyName": "Byzantine API Key",
              "publicKey": "c51b102585622c59715784828c579278d5360159cd214fc976f5ce537c41872231",
              "curveType": "API_KEY_CURVE_P256",
              "expirationSeconds": "3600"
            }
          ],
          "authenticators": [
            {
              "authenticatorName": "<string>",
              "challenge": "<string>",
              "attestation": {
                "credentialId": "<string>",
                "clientDataJson": "<string>",
                "attestationObject": "<string>",
                "transports": [
                  "AUTHENTICATOR_TRANSPORT_BLE"
                ]
              }
            }
          ],
          "oauthProviders": [
            {
              "providerName": "<string>",
              "oidcToken": "<string>"
            }
          ],
          "userTags": [
            "<string>"
          ]
        }
      ]
    }
  }
}

Authorizations

X-Pubkey, X-Timestamp, X-Signature
string
header
required

Headers

X-Pubkey
string
required

Integrator's ECDSA public key (P-256 curve, compressed SEC1 format). Example: 0x038fedef7c12f93bbf342ad8943b7a825a3b41f61c9dc118b2c718efebabbf62fd

X-Timestamp
string
required

Unix timestamp in seconds (UTC). Must be within tolerance window (1 minute) to prevent replay attacks. Example: 1760375826

X-Signature
string
required

ECDSA signature (DER-encoded, hex with 0x prefix). Signs the message: {timestamp}{METHOD}{path_and_query}{json_body}. Example: 0x3045022100...

Body

application/json

Body to invite new users to an existing account

Request body for inviting a user to a Byzantine account

accountId
string<uuid>
required

A UUID string

Example:

"550e8400-e29b-41d4-a716-446655440000"

newUsers
object[]
required

Response

Payload to sign created successfully

bodyToSign
object
required

The object that needs to be signed by the end user to invite a new user to a Byzantine account.