Every ClickFlow API call operates within the context of an organization. Your API key or OAuth session determines which organizations you can access.
Always confirm the org first
Before making changes, call list_organizations to see available orgs and verify you’re targeting the right one.
Call the platform.list_organizations tool (no parameters).
curl https://api.clickflow.com/v1/api/organizations \
-H "Authorization: Bearer cf_ak_your_key_here"
{
"organizations": [
{
"_id": "org_abc123",
"name": "My Company",
"domain": "example.com"
},
{
"_id": "org_def456",
"name": "Client Site",
"domain": "client.com"
}
],
"count": 2
}
Switching organizations
By default, all calls use your API key’s default organization. To operate on a different org:
Call platform.switch_organization:{
"organization_id": "org_def456"
}
Pass the X-Organization-Id header on each request:curl https://api.clickflow.com/v1/api/roadmap-items \
-H "Authorization: Bearer cf_ak_your_key_here" \
-H "X-Organization-Id: org_def456"
curl -X POST https://api.clickflow.com/v1/api/switch-organization \
-H "Authorization: Bearer cf_ak_your_key_here" \
-H "Content-Type: application/json" \
-d '{"organization_id": "org_def456"}'
Operating on the wrong organization cannot be undone. Always confirm with list_organizations before making changes.
Access control
- API keys can only access organizations they were granted access to
- OAuth users can access any organization they’re a member of
- Cross-org access attempts return
{"error": "Organization not found or you don't have access"}
