POST /api/v1/admin/orgs/:slug/transfer-ownership
This page is auto-generated from
src/admin/routes.ts. Do not edit by hand — seedocs/dev/docs-auto-sync.md.
:warning: Heuristic extraction — not a contract. Response shapes below are mined from
c.json(...)literals in the handler via an AST walker. Computed fields, ternaries, and non-literal returns are shown as placeholders. Refer to the linked source file for the authoritative behaviour.
POST /api/v1/admin/orgs/:slug/transfer-ownership
Section titled “POST /api/v1/admin/orgs/:slug/transfer-ownership”Authentication
Section titled “Authentication”Requires the following capability(ies):
transfer-ownership
Middleware
Section titled “Middleware”Other middleware observed on this route (heuristic):
requireCapabilityroleEditBodyLimit
Description
Section titled “Description”POST /api/v1/admin/orgs/:slug/transfer-ownership — atomic owner transfer.
Body: {new_owner_member_id: string}. The caller MUST currently be the owner of the tenant. The new owner MUST be a different member of the same tenant. Both checks are enforced at the API layer; the partial unique index on tenant_members is the storage-layer safety net.
Capability: transfer-ownership (owner-only). The admin-token bearer is also allowed via the implicit owner-rebind in requireCapability, which matches the rest of this file’s admin-token-friendly posture.
Responses
Section titled “Responses”HTTP 404
Section titled “HTTP 404”{ "error": "Org not found"}HTTP 400
Section titled “HTTP 400”{ "error": "Invalid JSON body"}HTTP 400
Section titled “HTTP 400”{ "error": "Body must be a JSON object"}HTTP 400
Section titled “HTTP 400”{ "error": "new_owner_member_id is required"}HTTP 409
Section titled “HTTP 409”{ "error": "no_current_owner", "message": "This tenant has no owner row to transfer from. Seed the owner row before retrying."}HTTP 404
Section titled “HTTP 404”{ "error": "new_owner_not_member", "message": "new_owner_member_id is not a member of this tenant"}HTTP 400
Section titled “HTTP 400”{ "error": "new_owner_is_current_owner", "message": "new_owner_member_id is already the owner"}HTTP 503
Section titled “HTTP 503”{ "error": "step_up_lookup_failed", "message": "Could not verify the target member's MFA factor; retry in a moment."}HTTP 412
Section titled “HTTP 412”{ "error": "step_up_required", "message": "Owner role requires MFA at this tier. Ask the target member to register a TOTP factor at /admin/ui/account/mfa before retrying the transfer.", "reason": "owner_requires_mfa", "tier": <member-expr>}HTTP 409
Section titled “HTTP 409”{ "error": "owner_transfer_race", "message": "Another owner transfer landed concurrently; refresh and retry."}HTTP 200 (default)
Section titled “HTTP 200 (default)”{ "from_member_id": <member-expr>, "new_owner_member_id": <member-expr>, "transferred": true}Source
Section titled “Source”- File:
src/admin/routes.ts - Line: 3642