Skip to main content
Add an existing Fluz user to the caller’s account as an authorized user with one or more access roles. This mutation does not create a user — it looks up an existing Fluz user by email or phone, then creates a role assignment on the caller’s account (or reactivates a previously DECLINED/INACTIVE assignment with the new roles). The target account is always resolved from the caller’s credentials — Bearer tokens use the token’s account; Basic (API key) callers use the application’s configured operator account. There is no way to target an account you do not own through this endpoint. 🔒 Restricted Access This mutation requires the MANAGE_SUBUSERS scope. It supports both Bearer (user access token) and Basic (<API_KEY>) authentication. The OWNER role cannot be assigned through this endpoint.

Parameters


Response

Success Response


Response Fields


Note: This mutation returns errors in the response data, not as GraphQL errors. Always check the success field and handle the error object when success is false.

Example Request


Skip the pending state and suppress the invite

To activate the authorized user immediately without sending an invite, set status to ACTIVE and sendInvite to false. The assignment is created in the ACTIVE state, no pendingActionId is returned, and no invite is sent to the user.

Error Codes