Workspace Management Create, configure, and manage workspaces within organizations. Control members, assets, shares, and AI intelligence settings.
Workspaces are shared project spaces within an organization. They support file versioning, search, AI chat, and member management. Most workspace endpoints also accept the workspace's folder_name (e.g., my-project) in place of the numeric ID.
Endpoint Summary
Workspace CRUD
| Method | Endpoint | Description |
|---|---|---|
| POST | /current/org/{org_id}/create/workspace/ | Create a workspace |
| GET | /current/workspace/{workspace_id}/details/ | Get workspace details |
| POST | /current/workspace/{workspace_id}/update/ | Update workspace settings |
| DELETE | /current/workspace/{workspace_id}/delete/ | Delete (close) a workspace |
| POST | /current/workspace/{workspace_id}/archive/ | Archive a workspace |
| POST | /current/workspace/{workspace_id}/unarchive/ | Unarchive a workspace |
Assets
| Method | Endpoint | Description |
|---|---|---|
| GET | /current/workspace/assets/ | List available asset types |
| GET | /current/workspace/{workspace_id}/assets/ | List workspace assets |
| POST | /current/workspace/{workspace_id}/assets/{asset_name}/ | Upload/set asset |
| DELETE | /current/workspace/{workspace_id}/assets/{asset_name}/ | Delete asset |
| GET | /current/workspace/{workspace_id}/assets/{asset_name}/read/ | Download asset binary |
| GET | /current/workspace/{workspace_id}/assets/{asset_name}/read/ | Get asset metadata headers (HEAD) |
Members
| Method | Endpoint | Description |
|---|---|---|
| POST | /current/workspace/{workspace_id}/members/{email_or_user_id}/ | Add member or send invitation |
| DELETE | /current/workspace/{workspace_id}/members/{user_id}/ | Remove a member |
| GET | /current/workspace/{workspace_id}/members/list/ | List all members |
| POST | /current/workspace/{workspace_id}/members/join/ | Self-join by org membership |
| POST | /current/workspace/{workspace_id}/members/join/{invitation_key}/{action}/ | Join via invitation |
| DELETE | /current/workspace/{workspace_id}/member/ | Leave workspace (self) |
| GET | /current/workspace/{workspace_id}/member/{member_id}/details/ | Get member details |
| POST | /current/workspace/{workspace_id}/member/{member_id}/update/ | Update member role |
| GET | /current/workspace/{workspace_id}/member/{member_id}/transfer_ownership/ | Transfer ownership |
Invitations
| Method | Endpoint | Description |
|---|---|---|
| GET | /current/workspace/{workspace_id}/members/invitations/list/ | List all invitations |
| GET | /current/workspace/{workspace_id}/members/invitations/list/{state}/ | List invitations by state |
| POST | /current/workspace/{workspace_id}/members/invitation/{invitation_id}/ | Update an invitation |
| DELETE | /current/workspace/{workspace_id}/members/invitation/{invitation_id}/ | Delete an invitation |
Shares (in workspace context)
| Method | Endpoint | Description |
|---|---|---|
| POST | /current/workspace/{workspace_id}/create/share/ | Create a share |
| GET | /current/workspace/{workspace_id}/list/shares/ | List shares |
| POST | /current/workspace/{workspace_id}/import/share/{share_id}/ | Import a user-owned share |
Discovery
| Method | Endpoint | Description |
|---|---|---|
| GET | /current/workspaces/all/ | List all accessible workspaces |
| GET | /current/workspaces/available/ | List joinable workspaces |
| GET | /current/workspaces/check/name/{name}/ | Check folder name availability |
| GET | /current/org/{org_id}/list/workspaces/ | List workspaces in an org |
Field Constraints
| Field | Constraint |
|---|---|
folder_name | Regex ^[\p{L}\p{N}-]+$ (letters, numbers, hyphens). Must be globally unique. |
name | 2–100 characters, string |
description | 10–1000 characters, string (optional) |
title (shares) | 2–80 characters |
custom_name (shares) | 10–100 characters, URL-friendly |
Permission Values
perm_join — who can self-join from the parent org
| Value | Description |
|---|---|
'Member or above' | Any org member can join (default) |
'Admin or above' | Only org admins and owners |
'Only Org Owners' | Only org owners |
perm_member_manage — who can manage workspace members
| Value | Description |
|---|---|
'Member or above' | Any workspace member can manage (default) |
'Admin or above' | Only workspace admins and owners |
Permission Levels (numeric hierarchy)
| Level | Numeric | Description |
|---|---|---|
| Owner | 1000 | Full control; one per workspace |
| Admin | 500 | Administrative access |
| Member | 100 | Standard member |
| Guest | 50 | Limited guest access |
| View | 20 | Read-only access |
Intelligence Setting
The intelligence boolean on a workspace controls whether uploaded files are automatically indexed for RAG (retrieval-augmented generation).
- Enable (
intelligence=true, default for agent accounts) — files are auto-indexed for semantic search, summarization, and citation. Required forchat_with_filesAI chat type. - Disable (
intelligence=false) — files are stored/shared without RAG indexing. You can still attach files directly to achattype conversation for one-off analysis. - Set at creation:
POST /current/org/{org_id}/create/workspace/withintelligence=true|false - Update later:
POST /current/workspace/{id}/update/withintelligence=true|false - Cannot be re-enabled once disabled. Attempting to set
intelligence=trueafter it was set tofalsereturns an error.
Workspace CRUD
Create Workspace
POST
/current/org/{org_id}/create/workspace/
Creates a new workspace within an organization. The authenticated user becomes the workspace owner.
Auth: JWT required. Org membership (Member or above) required.
Rate Limits: 1/3s, 2/10s, 5/60s, 20/hr, 100/day (per org)
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| {org_id} | string | Yes | 20-digit numeric organization ID |
Request Parameters
| Name | Type | Required | Constraints | Description |
|---|---|---|---|---|
| folder_name | string | Yes | Regex ^[\p{L}\p{N}-]+$, globally unique | URL-safe identifier used in workspace URLs |
| name | string | Yes | 2–100 chars, non-blank | Display name |
| perm_join | string | Yes | See Permission Values | Who can self-join from the org |
| perm_member_manage | string | Yes | See Permission Values | Who can manage workspace members |
| intelligence | string | Yes | "true" or "false" | Enable AI indexing. Defaults to "true" for agent accounts. |
| description | string | 10–1000 chars | Workspace description | |
| accent_color | string (JSON) | Valid JSON | Accent color styling | |
| background_color1 | string (JSON) | Valid JSON | Background color 1 styling | |
| background_color2 | string (JSON) | Valid JSON | Background color 2 styling |
Example
curl -X POST "https://api.fast.io/current/org/10000000000000000001/create/workspace/" \
-H "Authorization: Bearer {jwt_token}" \
-d "folder_name=engineering" \
-d "name=Engineering Team" \
-d "description=Main engineering workspace for the team" \
-d "perm_join=Member or above" \
-d "perm_member_manage=Admin or above" \
-d "intelligence=true"Response (200 OK)
{
"result": "yes",
"response": {
"workspace": {
"id": "12345678901234567890",
"folder_name": "engineering"
}
},
"current_api_version": "1.0"
}Response Fields
| Field | Type | Description |
|---|---|---|
| response.workspace.id | string | 20-digit numeric workspace profile ID |
| response.workspace.folder_name | string | The URL-safe folder name that was set |
Access Levels
| Role | Access |
|---|---|
| Org Owner | Can create workspaces |
| Org Admin | Can create workspaces |
| Org Member | Can create workspaces |
Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_FEATURE_LIMIT | 403 | Workspace creation is not available on your current plan. | Feature disabled on billing plan |
APP_FEATURE_LIMIT | 403 | You have reached your workspace creation limit. | Workspace count limit exceeded |
APP_NOT_ACCEPTABLE | 406 | The supplied workspace folder name is already in use. | Duplicate folder_name |
APP_ERROR_INPUT_INVALID | 400 | An invalid workspace folder name was supplied. | Invalid folder_name format |
APP_ERROR_INPUT_INVALID | 400 | An invalid configuration was supplied... | Metadata validation failure |
APP_ERROR_UPDATE_ERROR | 500 | There was an internal error processing your create request. | Internal failure |
Get Workspace Details
GET
/current/workspace/{workspace_id}/details/
Returns full workspace details including settings, permissions, owner, intelligence state, and branding.
Auth: JWT required. Workspace membership required (View or above).
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| {workspace_id} | string | Yes | 20-digit numeric workspace ID or folder_name |
Example
curl -X GET "https://api.fast.io/current/workspace/12345678901234567890/details/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"response": {
"workspace": {
"id": "12345678901234567890",
"name": "Engineering Team",
"folder_name": "engineering",
"description": "Main engineering workspace",
"accent_color": "#0066CC",
"logo": "https://assets.fast.io/12345678901234567890/logo.png",
"closed": false,
"archived": false,
"perm_join": "Member or above",
"perm_member_manage": "Admin or above",
"created": "2023-01-15 10:30:00",
"updated": "2024-01-20 14:45:00",
"user_status": "joined",
"org_domain": "acme-corp"
}
},
"current_api_version": "1.0"
}Response Fields
| Field | Type | Description |
|---|---|---|
| response.workspace.id | string | 20-digit workspace profile ID |
| response.workspace.name | string | Display name |
| response.workspace.folder_name | string | URL-safe folder identifier |
| response.workspace.description | string or null | Workspace description |
| response.workspace.accent_color | string or null | Brand accent color |
| response.workspace.logo | string or null | Logo asset URL |
| response.workspace.closed | boolean | Whether workspace is closed (soft-deleted) |
| response.workspace.archived | boolean | Whether workspace is archived |
| response.workspace.perm_join | string | Who can join |
| response.workspace.perm_member_manage | string | Who can manage members |
| response.workspace.created | string | Creation timestamp |
| response.workspace.updated | string | Last update timestamp |
| response.workspace.user_status | string | Current user's membership status ("joined", "invited", "available") |
| response.workspace.org_domain | string | Parent organization domain |
Access Levels
| Role | Fields Returned |
|---|---|
| Owner | All fields including intelligence, storage, platform details |
| Admin | All fields including intelligence, storage, platform details |
| Member | Core workspace fields |
| View | Basic workspace information |
Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_AUTH_INVALID | 401 | Authentication required | Missing or invalid JWT |
APP_NOT_FOUND | 404 | Workspace not found | Invalid ID or no access |
Update Workspace
POST
/current/workspace/{workspace_id}/update/
Updates workspace configuration. All fields are optional; only provided fields are updated.
Auth: JWT required. Admin or Owner required.
Rate Limits: 1/3s, 5/10s, 20/60s, 100/hr (per org)
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| {workspace_id} | string | Yes | 20-digit numeric workspace ID |
Request Parameters (all optional)
| Name | Type | Constraints | Description |
|---|---|---|---|
| folder_name | string | Regex ^[\p{L}\p{N}-]+$, unique | URL-safe identifier |
| name | string | 2–100 chars. Send "null" to clear. | Display name |
| description | string | 10–1000 chars. Send "null" or "" to clear. | Description |
| perm_join | string | See Permission Values | Who can self-join |
| perm_member_manage | string | See Permission Values | Who can manage members |
| intelligence | string | "true" or "false". Cannot re-enable once disabled. | AI indexing toggle |
| accent_color | string (JSON) | Valid JSON. Send "null" to clear. | Accent color |
| background_color1 | string (JSON) | Valid JSON. Send "null" to clear. | Background color 1 |
| background_color2 | string (JSON) | Valid JSON. Send "null" to clear. | Background color 2 |
| owner_defined | string (JSON) | Valid JSON. Send "null" or "" to clear. | Custom owner-defined properties |
Example
curl -X POST "https://api.fast.io/current/workspace/12345678901234567890/update/" \
-H "Authorization: Bearer {jwt_token}" \
-d "name=Updated Workspace Name" \
-d "description=New description for the workspace" \
-d "perm_join=Admin or above"Response (200 OK)
{
"result": "yes",
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_FORBIDDEN | 403 | Permission denied | User is not admin or owner |
APP_ERROR_INPUT_INVALID | 400 | An invalid workspace folder name was supplied. | Invalid folder_name |
APP_NOT_ACCEPTABLE | 406 | The supplied workspace folder name is already in use. | Duplicate folder_name |
APP_ERROR_INPUT_INVALID | 400 | Intelligence cannot be enabled once it has been disabled... | Attempted to re-enable intelligence |
APP_ERROR_INPUT_INVALID | 400 | An invalid configuration was supplied... | Metadata validation failure |
APP_ERROR_UPDATE_ERROR | 500 | There was an internal error processing your update request. | Internal failure |
If no fields have changed, returns
200 OKwithout performing a database write. JSON fields are decoded server-side; send valid JSON strings.
Delete Workspace
DELETE
/current/workspace/{workspace_id}/delete/?confirm={folder_name_or_id}
Permanently close (soft-delete) a workspace. Enters a retention period before final purge.
Auth: JWT required. Owner only. 2FA required.
Rate Limits: 1/3s, 2/10s, 5/60s, 20/hr, 100/day (per org)
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| {workspace_id} | string | Yes | 20-digit numeric workspace ID |
Query Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| confirm | string | Yes | Must match the workspace's folder_name (case-insensitive) or numeric id. Safety confirmation. |
Example
curl -X DELETE "https://api.fast.io/current/workspace/12345678901234567890/delete/?confirm=engineering" \
-H "Authorization: Bearer {jwt_token}"Response (202 Accepted)
{
"result": "yes",
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_FORBIDDEN | 403 | Permission denied | User is not the workspace owner |
APP_ERROR_INPUT_INVALID | 400 | The confirm field provided does not match. | Confirmation does not match folder name or ID |
APP_ERROR_UPDATE_ERROR | 500 | There was an internal error processing your request. | Internal failure |
Archive Workspace
POST
/current/workspace/{workspace_id}/archive/
Archives a workspace. Archived workspaces are hidden from default listings.
Auth: JWT required. Admin or Owner required. 2FA required.
Rate Limits: 1/3s, 2/10s, 5/60s, 20/hr, 100/day (per org)
Example
curl -X POST "https://api.fast.io/current/workspace/12345678901234567890/archive/" \
-H "Authorization: Bearer {jwt_token}"Response (202 Accepted)
{
"result": "yes",
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_FORBIDDEN | 403 | Permission denied | Not admin or owner |
APP_ERROR_UPDATE_ERROR | 400 | The workspace is already archived. | Already archived |
Unarchive Workspace
POST
/current/workspace/{workspace_id}/unarchive/
Restores an archived workspace to active status.
Auth: JWT required. Admin or Owner required. 2FA required.
Rate Limits: 50/5min, 300/hr, 500/day (per org)
Example
curl -X POST "https://api.fast.io/current/workspace/12345678901234567890/unarchive/" \
-H "Authorization: Bearer {jwt_token}"Response (202 Accepted)
{
"result": "yes",
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_FORBIDDEN | 403 | Permission denied | Not admin or owner |
APP_ERROR_UPDATE_ERROR | 400 | The workspace is not archived. It cannot be unarchived. | Not currently archived |
Workspace Assets
List Available Asset Types
GET
/current/workspace/assets/
Returns available workspace asset metadata types (e.g., logo).
Auth: JWT required.
Example
curl -X GET "https://api.fast.io/current/workspace/assets/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"response": {
"assets": [
{
"name": "logo",
"type": "image",
"max_size": 5242880,
"accepted_formats": ["image/png", "image/jpeg", "image/svg+xml"]
}
]
},
"current_api_version": "1.0"
}List Workspace Assets
GET
/current/workspace/{workspace_id}/assets/
Returns assets currently set on the workspace.
Auth: JWT required. Owner only. 2FA required.
Example
curl -X GET "https://api.fast.io/current/workspace/12345678901234567890/assets/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"response": {
"assets": {
"logo": {
"url": "https://assets.fast.io/12345678901234567890/logo.png",
"size": 102400,
"content_type": "image/png"
}
}
},
"current_api_version": "1.0"
}Upload/Set Workspace Asset
POST
/current/workspace/{workspace_id}/assets/{asset_name}/
Upload or replace an asset. Sent as multipart/form-data.
Auth: JWT required. Admin or Owner required.
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| {workspace_id} | string | Yes | 20-digit numeric workspace ID |
| {asset_name} | string | Yes | Name of the asset (e.g., logo) |
Request Body (multipart/form-data)
| Field | Type | Required | Description |
|---|---|---|---|
| file | file | Yes | The asset file to upload |
| metadata | string (JSON array) | Optional metadata for the asset |
Example
curl -X POST "https://api.fast.io/current/workspace/12345678901234567890/assets/logo/" \
-H "Authorization: Bearer {jwt_token}" \
-F "file=@/path/to/logo.png" \
-F "metadata={}"Response (200 OK)
{
"result": "yes",
"response": {
"asset": {
"name": "logo",
"url": "https://assets.fast.io/12345678901234567890/logo.png"
}
},
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_POST_FILE_MISSING | 400 | Asset upload missing | No file in request |
APP_ERROR_INPUT_INVALID | 400 | metadata invalid | Invalid metadata format |
Delete Workspace Asset
DELETE
/current/workspace/{workspace_id}/assets/{asset_name}/
Delete a specific asset from a workspace.
Auth: JWT required. Admin or Owner required.
Example
curl -X DELETE "https://api.fast.io/current/workspace/12345678901234567890/assets/logo/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"current_api_version": "1.0"
}Read Asset Binary
GET / HEAD
/current/workspace/{workspace_id}/assets/{asset_name}/read/
GET returns raw binary data. HEAD returns metadata headers only (Content-Type, Content-Length).
Auth: JWT required. Any workspace member. 2FA required.
Example
# Download asset
curl -X GET "https://api.fast.io/current/workspace/12345678901234567890/assets/logo/read/" \
-H "Authorization: Bearer {jwt_token}" \
--output logo.png
# Get metadata headers only
curl -I "https://api.fast.io/current/workspace/12345678901234567890/assets/logo/read/" \
-H "Authorization: Bearer {jwt_token}"Response: Raw binary content with appropriate Content-Type header (not JSON).
Workspace Members
Add or Invite a Member
POST
/current/workspace/{workspace_id}/members/{email_or_user_id}/
Add an existing user directly by user ID, or send an invitation by email address.
Auth: JWT required. Permission depends on workspace perm_member_manage setting.
Rate Limits: 10/3s, 25/10s, 50/60s, 100/hr, 1000/day
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| {workspace_id} | string | Yes | 20-digit numeric workspace ID |
| {email_or_user_id} | string | Yes | 20-digit user ID (direct add) or email address (invitation) |
Request Parameters (adding by user ID)
| Name | Type | Required | Description |
|---|---|---|---|
| permissions | string | "admin", "member", or "guest". Cannot be "owner". | |
| notifications | string | Notification preference | |
| expires | string | Membership expiration (ISO 8601) | |
| force_notification | boolean | Force notification email to existing user |
Request Parameters (inviting by email)
| Name | Type | Required | Description |
|---|---|---|---|
| permissions | string | "admin", "member", or "guest". Cannot be "owner". | |
| message | string | Custom message in invitation email | |
| invitation_expires | string | Invitation expiration (ISO 8601) |
Examples
# Add existing user by ID
curl -X POST "https://api.fast.io/current/workspace/12345678901234567890/members/98765432109876543210/" \
-H "Authorization: Bearer {jwt_token}" \
-d "permissions=member"
# Invite by email
curl -X POST "https://api.fast.io/current/workspace/12345678901234567890/members/newuser@example.com/" \
-H "Authorization: Bearer {jwt_token}" \
-d "permissions=member" \
-d "message=Welcome to the project!"Response — Direct Add (200 OK)
{
"result": "yes",
"current_api_version": "1.0"
}Response — Invitation Sent (200 OK)
{
"result": "yes",
"response": {
"invitation": {
"id": "12345678901234567890",
"inviter": "John Doe",
"invitee_email": "newuser@example.com",
"entity_type": "workspace",
"state": "pending",
"created": "2025-01-15 10:30:00",
"expires": "2025-02-15 10:30:00"
}
},
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_CANNOT_ADD_AS_OWNER | 400 | Adding a member as an owner is not allowed | Attempted owner-level permission |
APP_EXCEEDED_LIMIT | 400 | Varies | Workspace or org member limit reached |
APP_DENIED | 403 | Insufficient org permissions to invite to this workspace. | Lacks org-level permission |
APP_FORBIDDEN | 403 | Insufficient permissions | Below workspace perm_member_manage level |
Adding a user to a workspace may also auto-add them to the parent organization if the workspace is configured for automatic org membership.
Remove a Member
DELETE
/current/workspace/{workspace_id}/members/{user_id}/
Removes a member from the workspace. Cannot remove the workspace owner.
Auth: JWT required. Permission depends on perm_member_manage.
Rate Limits: 1/3s, 2/10s, 5/60s, 20/hr, 100/day
Example
curl -X DELETE "https://api.fast.io/current/workspace/12345678901234567890/members/98765432109876543210/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_ERROR_INPUT_INVALID | 400 | Cannot remove the owner | Attempted to remove workspace owner |
APP_FORBIDDEN | 403 | Insufficient permissions | Below required permission level |
Removing a member cascades removal into all shares within the workspace.
List Workspace Members
GET
/current/workspace/{workspace_id}/members/list/
Lists all members with their permissions, notification preferences, and membership metadata.
Auth: JWT required. Any workspace member.
Rate Limits: 20/3s, 50/10s, 200/60s, 500/hr, 10000/day
Example
curl -X GET "https://api.fast.io/current/workspace/12345678901234567890/members/list/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"response": {
"users": [
{
"id": "12345678901234567890",
"account_type": "human",
"email_address": "owner@example.com",
"first_name": "Alice",
"last_name": "Johnson",
"permissions": "owner",
"invite": "accepted",
"notify": "Email me",
"expires": null
},
{
"id": "98765432109876543210",
"account_type": "agent",
"email_address": "bot@example.com",
"first_name": "Sync",
"last_name": "Bot",
"permissions": "member",
"invite": "accepted",
"notify": "Notify me in app",
"expires": "2025-12-31 23:59:59"
}
]
},
"current_api_version": "1.0"
}Response Fields
| Field | Type | Description |
|---|---|---|
| users | array | Array of member objects |
| users[].id | string | 20-digit user profile ID |
| users[].account_type | string | "human" or "agent" |
| users[].email_address | string | Member's email address |
| users[].first_name | string | First name |
| users[].last_name | string | Last name |
| users[].permissions | string | Role: "owner", "admin", "member", "guest" |
| users[].invite | string | Invitation status |
| users[].notify | string | Notification preference |
| users[].expires | string or null | Membership expiration or null for permanent |
Leave Workspace (Self)
DELETE
/current/workspace/{workspace_id}/member/
Removes the authenticated user from the workspace. Owners cannot leave; they must transfer ownership first.
Auth: JWT required.
Example
curl -X DELETE "https://api.fast.io/current/workspace/12345678901234567890/member/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_ERROR_INPUT_INVALID | 400 | You cannot leave a workspace you are the owner of, transfer ownership or close workspace. | User is the owner |
APP_ERROR_INPUT_INVALID | 400 | You cannot leave an workspace you are not a member of. | Not a member |
Get Member Details
GET
/current/workspace/{workspace_id}/member/{member_id}/details/
Returns membership details for a specific user.
Auth: JWT required. Any workspace member.
Rate Limits: 200/3s, 500/10s, 750/60s, 1000/hr, 2500/day
Example
curl -X GET "https://api.fast.io/current/workspace/12345678901234567890/member/98765432109876543210/details/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"response": {
"member": {
"id": "98765432109876543210",
"account_type": "human",
"email_address": "user@example.com",
"first_name": "Jane",
"last_name": "Smith",
"permissions": "member",
"invite": "accepted",
"notify": "Notify me in app",
"expires": null
}
},
"current_api_version": "1.0"
}Response Fields
| Field | Type | Description |
|---|---|---|
| member.id | string | 20-digit user profile ID |
| member.account_type | string | "human" or "agent" |
| member.email_address | string | Email address |
| member.first_name | string | First name |
| member.last_name | string | Last name |
| member.permissions | string | Permission level name |
| member.invite | string | Invitation status |
| member.notify | string | Notification preference |
| member.expires | string or null | Membership expiration or null |
Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_ERROR_INPUT_INVALID | 400 | The membership you specified does not exist. | User is not a member |
Update a Member
POST
/current/workspace/{workspace_id}/member/{member_id}/update/
Updates a member's role, notification preferences, or expiration.
Auth: JWT required. Permission depends on perm_member_manage.
Rate Limits: 10/3s, 25/10s, 50/60s, 100/hr, 1000/day
Request Parameters (all optional)
| Name | Type | Description |
|---|---|---|
| permissions | string | New role: "admin", "member", "guest" |
| notifications | string | Notification preference |
| expires | string | Membership expiration (ISO 8601) |
Example
curl -X POST "https://api.fast.io/current/workspace/12345678901234567890/member/98765432109876543210/update/" \
-H "Authorization: Bearer {jwt_token}" \
-d "permissions=admin"Response (200 OK)
{
"result": "yes",
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_ERROR_INPUT_INVALID | 400 | The membership you specified does not exist. | Target is not a member |
APP_FORBIDDEN | 403 | Insufficient permissions | Below required permission level |
Users cannot escalate permissions beyond their own level.
Transfer Workspace Ownership
GET
/current/workspace/{workspace_id}/member/{member_id}/transfer_ownership/
Transfers ownership to another member. Current owner is demoted to admin.
Auth: JWT required. Owner only.
Rate Limits: 10/3s, 25/10s, 50/60s, 100/hr, 1000/day
Example
curl -X GET "https://api.fast.io/current/workspace/12345678901234567890/member/98765432109876543210/transfer_ownership/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_ERROR_INPUT_INVALID | 400 | You cannot transfer ownership to yourself. | Target is self |
APP_ERROR_INPUT_INVALID | 400 | The membership you specified does not exist. | Target is not a workspace member |
APP_ERROR_INPUT_INVALID | 400 | Member is already an owner. | Target is already owner |
APP_ERROR_INPUT_INVALID | 400 | The new owner must be a member of the parent organization. | Target not in parent org |
APP_ERROR_UPDATE_ERROR | 500 | Failed to update owner of the workspace. | Internal failure |
APP_FORBIDDEN | 403 | Insufficient permissions | Not the workspace owner |
Join Workspace
POST
/current/workspace/{workspace_id}/members/join/
Self-join a workspace based on org membership. Subject to the workspace's perm_join setting.
Auth: JWT required.
Rate Limits: 10/3s, 25/10s, 50/60s, 100/hr, 1000/day
Request Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| notifications | string | Notification preference |
Example
curl -X POST "https://api.fast.io/current/workspace/12345678901234567890/members/join/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_DENIED | 403 | You do not have the appropriate permissions to join this workspace. | User's org role does not meet perm_join |
APP_EXCEEDED_LIMIT | 400 | Varies | Workspace member limit reached |
Self-joining members are assigned the
memberrole. Only notification preferences are accepted. Self-joined memberships do not expire.
Join Workspace via Invitation
POST
/current/workspace/{workspace_id}/members/join/{invitation_key}/{action}/
Join or decline a workspace invitation.
Auth: JWT required.
Rate Limits: 10/3s, 25/10s, 50/60s, 100/hr, 1000/day
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| {invitation_key} | string | Yes | Unique invitation key |
| {action} | string | "accept" (default) or "decline" |
Example
curl -X POST "https://api.fast.io/current/workspace/12345678901234567890/members/join/abc123def456/accept/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_INTERNAL_ERROR | 500 | Failed to get invitation. | Invalid or expired invitation key |
APP_DENIED | 403 | The inviter no longer has appropriate permissions... | Inviter lost management permissions |
APP_EXCEEDED_LIMIT | 400 | Varies | Member limit reached |
The system validates the inviter still has sufficient permissions at acceptance time. Accepting may also auto-add the user to the parent organization.
Workspace Invitations
List Workspace Invitations
GET
/current/workspace/{workspace_id}/members/invitations/list/
Returns all invitations for the workspace.
Auth: JWT required. Any workspace member.
Rate Limits: 10/3s, 25/10s, 50/60s, 100/hr, 1000/day
Example
curl -X GET "https://api.fast.io/current/workspace/12345678901234567890/members/invitations/list/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"response": {
"invitations": [
{
"id": "12345678901234567890",
"inviter": "Alice Johnson",
"invitee_email": "newuser@example.com",
"invitee_uid": null,
"accepted_uid": null,
"entity_type": "workspace",
"workspace": {
"id": "98765432109876543210",
"name": "Project Alpha"
},
"state": "pending",
"created": "2025-01-15 10:30:00",
"updated": "2025-01-15 10:30:00",
"expires": "2025-02-15 10:30:00"
}
]
},
"current_api_version": "1.0"
}Response Fields
| Field | Type | Description |
|---|---|---|
| invitations | array | Array of invitation objects |
| invitations[].id | string | Invitation ID |
| invitations[].inviter | string | Display name of inviting user |
| invitations[].invitee_email | string | Email the invitation was sent to |
| invitations[].invitee_uid | string or null | User ID of invitee (if they exist in the system) |
| invitations[].accepted_uid | string or null | User ID of acceptor (if accepted) |
| invitations[].entity_type | string | Always "workspace" |
| invitations[].workspace | object | Workspace details (id, name) |
| invitations[].state | string | "pending", "accepted", "declined", "expired", "revoked" |
| invitations[].created | string | Creation timestamp |
| invitations[].updated | string | Last update timestamp |
| invitations[].expires | string or null | Expiration timestamp |
List Invitations by State
GET
/current/workspace/{workspace_id}/members/invitations/list/{state}/
Filter invitations by state.
Auth: JWT required. Any workspace member.
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| {state} | string | Yes | "pending", "accepted", "declined", "expired", "revoked" |
Example
curl -X GET "https://api.fast.io/current/workspace/12345678901234567890/members/invitations/list/pending/" \
-H "Authorization: Bearer {jwt_token}"Response: Same format as List Workspace Invitations, filtered by state.
Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_ERROR_INPUT_INVALID | 400 | An invalid invitation state was supplied. | Unrecognized state |
Update an Invitation
POST
/current/workspace/{workspace_id}/members/invitation/{invitation_id}/
Update an existing invitation. The {invitation_id} can be the numeric ID or the invitee's email address.
Auth: JWT required. Permission depends on perm_member_manage.
Rate Limits: 10/60s, 20/600s, 30/hr
Request Parameters (all optional)
| Name | Type | Description |
|---|---|---|
| state | string | New state: "pending", "accepted", "declined", "expired", "revoked" |
| permissions | string | Updated permission level for membership |
| expires | string | Updated membership expiration (ISO 8601) |
Examples
# Revoke by ID
curl -X POST "https://api.fast.io/current/workspace/12345678901234567890/members/invitation/11111111111111111111/" \
-H "Authorization: Bearer {jwt_token}" \
-d "state=revoked"
# Update by email
curl -X POST "https://api.fast.io/current/workspace/12345678901234567890/members/invitation/user@example.com/" \
-H "Authorization: Bearer {jwt_token}" \
-d "permissions=admin"Response (200 OK)
{
"result": "yes",
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_ERROR_INPUT_INVALID | 400 | An invalid invitation ID or email was supplied. | Malformed identifier |
APP_ERROR_INPUT_INVALID | 400 | Invitation not found. | No matching invitation |
APP_ERROR_INPUT_INVALID | 400 | An invalid state was supplied. | Unrecognized state |
APP_UPDATE_FAILED | 500 | Failed to update invitation. | Internal failure |
APP_FORBIDDEN | 403 | Insufficient permissions | Below required permission level |
Delete an Invitation
DELETE
/current/workspace/{workspace_id}/members/invitation/{invitation_id}/
Delete (revoke) an invitation. The {invitation_id} can be the numeric ID or the invitee's email.
Auth: JWT required. Permission depends on perm_member_manage.
Rate Limits: 10/60s, 20/600s, 30/hr
Example
curl -X DELETE "https://api.fast.io/current/workspace/12345678901234567890/members/invitation/11111111111111111111/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_ERROR_INPUT_INVALID | 400 | An invalid invitation ID or email was supplied. | Malformed identifier |
APP_ERROR_INPUT_INVALID | 400 | Invitation not found. | No matching invitation |
APP_DELETE_FAILED | 500 | Failed to delete invitation. | Internal failure |
APP_FORBIDDEN | 403 | Insufficient permissions | Below required permission level |
Creating Shares from Workspaces
Create Share
POST
/current/workspace/{workspace_id}/create/share/
Create a new share within a workspace. Shares can use independent storage (isolated data room) or a workspace folder as their storage root (live folder share).
Auth: JWT required. Admin or Owner required.
Rate Limits: 5/3s, 15/10s, 30/60s, 50/hr, 250/day (per workspace)
For full share management documentation, see Shares reference.
Required Parameters
| Name | Type | Constraints | Description |
|---|---|---|---|
| intelligence | string | "true" or "false" | Enable AI features for the share |
| share_type | string | "send", "receive", "exchange" | Type of share |
| access_options | string | See access options below | Access control setting |
| invite | string | "owners" or "guests" | Who can manage invitations |
Optional Parameters
| Name | Type | Constraints | Description |
|---|---|---|---|
| storage_mode | string | "independent" (default) or "workspace_folder" | Storage isolation mode |
| folder_node_id | string | Valid OpaqueId | Existing workspace folder (for workspace_folder mode) |
| create_folder | string | "true" or "false" | Create new folder (for workspace_folder mode) |
| folder_name | string | Name for new folder (defaults to "Shared Folder") | |
| title | string | 2–80 chars | Display title |
| description | string | 10–500 chars | Share description |
| custom_name | string | 10–100 chars, URL-friendly | Custom URL name. Auto-generated if omitted. |
| password | string | 4–128 chars | Password protection (Send type only, requires "Anyone with the link" access) |
| expires | string | MySQL datetime | Expiration date (rooms only, not for workspace folder shares) |
| notify | string | "never", "notify_on_file_received", "notify_on_file_sent_or_received" | Notification preference |
| comments_enabled | string | "true" or "false" | Enable comments |
| download_enabled | string | "true" or "false" | Enable downloads |
| guest_chat_enabled | string | "true" or "false" | Enable guest AI chat |
| accent_color | string (JSON) | Valid JSON | Accent color |
| background_color1 | string (JSON) | Valid JSON | Background color 1 |
| background_color2 | string (JSON) | Valid JSON | Background color 2 |
| owner_defined | string (JSON) | Valid JSON | Custom properties |
Access Options (access_options)
| Value | Description |
|---|---|
'Only members of the Share or Workspace' | Most restrictive (default) |
'Members of the Share, Workspace or Org' | Includes org members |
'Anyone with a registered account' | Any authenticated user |
'Anyone with the link' | Least restrictive; allows password. Not available for Receive/Exchange types. |
Example
curl -X POST "https://api.fast.io/current/workspace/12345678901234567890/create/share/" \
-H "Authorization: Bearer {jwt_token}" \
-d "title=Client Deliverables" \
-d "share_type=send" \
-d "intelligence=true" \
-d "access_options=Anyone with a registered account" \
-d "invite=owners"Response (200 OK)
{
"result": "yes",
"response": {
"share": {
"id": "98765432109876543210",
"custom_name": "abc123opaque",
"storage_mode": "independent"
}
},
"current_api_version": "1.0"
}Response — Workspace Folder Share
{
"result": "yes",
"response": {
"share": {
"id": "98765432109876543210",
"custom_name": "def456opaque",
"storage_mode": "workspace_folder",
"folder_node_id": "abc123def456"
}
},
"current_api_version": "1.0"
}Response Fields
| Field | Type | Description |
|---|---|---|
| response.share.id | string | 20-digit share profile ID |
| response.share.custom_name | string | URL name (custom or auto-generated) |
| response.share.storage_mode | string | "independent" or "workspace_folder" |
| response.share.folder_node_id | string | (Workspace folder shares only) Folder node ID |
Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_FEATURE_LIMIT | 403 | The organization has reached its share creation limit... | Plan share limit exceeded |
APP_NOT_ACCEPTABLE | 406 | The supplied share custom name is already in use. | Duplicate custom_name |
APP_ERROR_INPUT_INVALID | 400 | An invalid share custom name was supplied. | Invalid custom_name format |
APP_ERROR_INPUT_INVALID | 400 | Workspace folder shares cannot have an expiration date. | expires set on workspace folder share |
APP_ERROR_INPUT_INVALID | 400 | Receive and Exchange shares cannot have "Anyone" access option. | Invalid access/type combination |
APP_ERROR_INPUT_INVALID | 400 | Password can only be set for shares with "Anyone" access option. | Password on non-public share |
APP_NOT_ACCEPTABLE | 406 | This folder has already been shared. | Folder already has a share |
APP_CONFLICT | 409 | Unable to process share creation request due to concurrent operation. | Concurrent folder share creation |
List Shares in Workspace
GET
/current/workspace/{workspace_id}/list/shares/
Lists all shares belonging to a workspace.
Auth: JWT required. View or above.
Rate Limits: 25/60s, 800/hr, 2500/day (per workspace)
Query Parameters
| Name | Type | Default | Description |
|---|---|---|---|
| archived | string | "false" | "true" for archived shares, "false" for active |
Example
curl -X GET "https://api.fast.io/current/workspace/12345678901234567890/list/shares/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"response": {
"shares": [
{
"id": "98765432109876543210",
"title": "Client Deliverables",
"share_type": "send",
"custom_name": "client-deliverables",
"archived": false,
"closed": false
}
]
},
"current_api_version": "1.0"
}Import Share into Workspace
POST
/current/workspace/{workspace_id}/import/share/{share_id}/
Transfers a user-owned share into workspace ownership.
Auth: JWT required. Must be workspace member AND share owner.
Rate Limits: 100/60s, 500/hr, 1000/day (per workspace and user)
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| {workspace_id} | string | Yes | 20-digit workspace ID |
| {share_id} | string | Yes | 20-digit share ID to import |
Example
curl -X POST "https://api.fast.io/current/workspace/12345678901234567890/import/share/98765432109876543210/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"response": {
"share": {
"id": "98765432109876543210",
"parent_type": "workspace",
"parent_workspace": "12345678901234567890"
}
},
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_ERROR_INPUT_INVALID | 400 | This share is not owned by you and cannot be imported. | Share parent is not the current user |
APP_AUTH_INVALID | 401 | You must be the owner of the share to import it to a workspace. | Not the share owner |
APP_ERROR_INPUT_INVALID | 400 | The share has multiple owners... | Remove other owners first |
APP_FEATURE_LIMIT | 403 | The workspace has reached its share limit... | Plan limit exceeded |
Share must be user-owned (not already in another workspace). User must be the sole owner. Multiple owners must be removed first. Archived shares are auto-unarchived during import.
Workspace Discovery
List All Workspaces
GET
/current/workspaces/all/
Lists all workspaces the user has joined or can access across all organizations.
Auth: JWT required.
Rate Limits: 250/hr, 3000/day (per user)
Example
curl -X GET "https://api.fast.io/current/workspaces/all/" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"response": {
"workspaces": [
{
"id": "12345678901234567890",
"name": "Engineering Team",
"folder_name": "engineering",
"description": "Main engineering workspace",
"accent_color": "#0066CC",
"logo": "https://assets.fast.io/12345678901234567890/logo.png",
"closed": false,
"archived": false,
"perm_join": "Member or above",
"perm_member_manage": "Admin or above",
"created": "2023-01-15 10:30:00",
"updated": "2024-01-20 14:45:00",
"user_status": "joined",
"org_domain": "acme-corp"
}
]
},
"current_api_version": "1.0"
}Response Fields
| Field | Type | Description |
|---|---|---|
| response.workspaces | array | Array of workspace objects |
| [].id | string | 20-digit workspace profile ID |
| [].name | string | Display name |
| [].folder_name | string | URL-safe folder identifier |
| [].description | string or null | Description |
| [].accent_color | string or null | Brand accent color |
| [].logo | string or null | Logo asset URL |
| [].closed | boolean | Whether closed |
| [].archived | boolean | Whether archived |
| [].perm_join | string | Who can join |
| [].perm_member_manage | string | Who can manage members |
| [].created | string | Creation timestamp |
| [].updated | string | Last update timestamp |
| [].user_status | string | "joined", "invited", or "available" |
| [].org_domain | string | Parent organization domain |
Spans all organizations the user belongs to. Workspaces from orgs without active subscriptions are filtered out.
List Available Workspaces
GET
/current/workspaces/available/
Lists workspaces the user can join but has not yet joined. Useful for discovery UI.
Auth: JWT required.
Rate Limits: 500/hr, 5000/day (per user)
Example
curl -X GET "https://api.fast.io/current/workspaces/available/" \
-H "Authorization: Bearer {jwt_token}"Response: Same structure as List All Workspaces, but only includes un-joined workspaces.
Check Workspace Name
GET
/current/workspaces/check/name/{name}/
Checks if a workspace folder name is already in use. Useful for real-time form validation.
Auth: JWT required. Org membership (Member or above) required. 2FA required.
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| {name} | string | Yes | The folder name to check |
Example
curl -X GET "https://api.fast.io/current/workspaces/check/name/engineering/" \
-H "Authorization: Bearer {jwt_token}"Response — Name Available (202 Accepted)
{
"result": "yes",
"current_api_version": "1.0"
}Error Responses
| Error Code | HTTP Status | Message | Cause |
|---|---|---|---|
APP_ERROR_INPUT_INVALID | 400 | An invalid workspace folder name was supplied. | Invalid name format |
APP_NOT_ACCEPTABLE | 406 | The supplied workspace folder name is already in use. | Name taken |
APP_FORBIDDEN | 403 | Permission denied | Not an org member |
Checks globally across all workspaces, not just the current org. Returns
202 Accepted(not200 OK) when the name is available.
List Workspaces in Org
GET
/current/org/{org_id}/list/workspaces/
Lists workspaces within a specific organization. Paginated.
Auth: JWT required.
Rate Limits: Org members: 500/hr, 5000/day. External users: 100/hr, 500/day.
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| {org_id} | string | Yes | 20-digit numeric organization ID |
Query Parameters
| Name | Type | Default | Description |
|---|---|---|---|
| limit | integer | 100 | 1–500, items per page |
| offset | integer | 0 | Items to skip |
| archived | string | "false" | "true" for archived, "false" for active |
Example
curl -X GET "https://api.fast.io/current/org/10000000000000000001/list/workspaces/?limit=50&offset=0" \
-H "Authorization: Bearer {jwt_token}"Response (200 OK)
{
"result": "yes",
"response": {
"workspaces": [
{
"id": "12345678901234567890",
"folder_name": "engineering",
"name": "Engineering Team",
"description": "Main project workspace"
}
],
"pagination": {
"total": 5,
"limit": 50,
"offset": 0,
"has_more": false
}
},
"current_api_version": "1.0"
}Access Levels
| Role | Visibility |
|---|---|
| Org Owner | All workspaces |
| Org Admin | All workspaces |
| Org Member | Workspaces matching perm_join permission |
| External User | Only workspaces where they are a direct member |