Organizations
How organizations work in Tholos — team structure, membership, and blockchain configuration.
An organization is the top-level entity in Tholos. It groups users, vaults, and policies under a shared team structure.
Structure
Section titled “Structure”Every Tholos user belongs to one or more organizations. An organization contains:
- Members — users with assigned roles
- Vaults — wallets secured by MPC key shares
- Invitations — pending invites for new members
- Blockchain opt-ins — which blockchain networks are enabled
Creating an organization
Section titled “Creating an organization”Organizations are created through the Tholos Dashboard during the onboarding flow. Once created, you can manage them programmatically via the API.
Managing members
Section titled “Managing members”Organization admins can invite new members by email and manage existing members:
# Invite memberscurl -X POST https://api.tholos.app/organization/{orgId}/invite \ -H "Authorization: Bearer $THOLOS_API_TOKEN" \ -H "Content-Type: application/json" \ -d '{"emails": ["alice@example.com", "bob@example.com"]}'
# List memberscurl https://api.tholos.app/organization/{orgId}/members \ -H "Authorization: Bearer $THOLOS_API_TOKEN"
# Remove a membercurl -X DELETE https://api.tholos.app/organization/{orgId}/member/{memberId} \ -H "Authorization: Bearer $THOLOS_API_TOKEN"Blockchain opt-ins
Section titled “Blockchain opt-ins”By default, organizations have access to core blockchains (Ethereum, Solana, Bitcoin, etc.). Additional chains like Cosmos ecosystem networks require explicit opt-in by an organization admin:
# Get current opt-inscurl https://api.tholos.app/organization/{orgId}/blockchain-opt-in \ -H "Authorization: Bearer $THOLOS_API_TOKEN"
# Set opt-inscurl -X PUT https://api.tholos.app/organization/{orgId}/blockchain-opt-in \ -H "Authorization: Bearer $THOLOS_API_TOKEN" \ -H "Content-Type: application/json" \ -d '{"blockchains": ["cosmos-hub", "stride", "neutron"]}'Organization roles
Section titled “Organization roles”Each member has an organization-level role that determines their base permissions:
| Role | Description |
|---|---|
| Admin | Full control — manage members, roles, settings, and all vaults |
| User | Standard access — can participate in vaults they are added to |
| Auditor | Read-only access — can view all vaults in the organization but cannot initiate actions |
See Roles & Permissions for details on how organization roles interact with vault roles.
Key API endpoints
Section titled “Key API endpoints”| Operation | Method | Endpoint |
|---|---|---|
| Update organization | PUT | /organization/{id} |
| List members | GET | /organization/{id}/members |
| List pending invites | GET | /organization/{id}/invited-members |
| List vaults | GET | /organization/{id}/vaults |
| Invite members | POST | /organization/{id}/invite |
| Remove invite | DELETE | /organization/{id}/invite |
| Remove member | DELETE | /organization/{id}/member/{memberId} |
| Update member role | PUT | /organization/{id}/member/{memberId}/role |
| Get blockchain opt-ins | GET | /organization/{id}/blockchain-opt-in |
| Set blockchain opt-ins | PUT | /organization/{id}/blockchain-opt-in |