Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Nettalco/dokploy/llms.txt

Use this file to discover all available pages before exploring further.

Organizations are the top-level workspace unit in Dokploy. Every project, service, server, git provider, and team member belongs to exactly one organization. When multiple teams share a single Dokploy instance — for example, different product squads or customer tenants — each team gets its own isolated organization with its own member roster, permissions, and resource quotas.

What is an Organization?

An organization is a container for:
  • Members — users with assigned roles (owner, admin, member, or custom roles)
  • Projects — logical groupings of applications and databases
  • Servers — remote compute nodes managed through Dokploy
  • Invitations — pending requests to join the organization
  • Settings — Docker cleanup policies, SSH keys, notification providers, and more
No resource bleeds across organization boundaries. A member of Organization A cannot see or affect any resource in Organization B unless they are also a member there.
Each user must belong to at least one organization. The first organization is created automatically during the Dokploy setup wizard, and the user who completes setup becomes its owner.

Creating an Organization

Use organization.create to provision a new organization. You must supply a name; an optional logo URL can be provided for branding. In self-hosted mode, only users with the owner or admin role in their current organization can create additional organizations. On Dokploy Cloud any authenticated user may create an organization.
const org = await trpc.organization.create.mutate({
  name: "Acme Platform Team",
  logo: "https://example.com/logo.png", // optional
});
// org.id is the new organization's identifier
The caller is automatically added as the owner member of the newly created organization.

Managing Members

Changing a member’s role

Use organization.updateMemberRole to promote or demote a member within the active organization. The following constraints are enforced by the server:
  • A user cannot change their own role.
  • The owner role is nontransferable — you cannot assign it to someone else or remove it from the current owner.
  • Only the owner can change an admin’s role. An admin may only modify member-level roles.
  • Custom roles (Enterprise) must exist in organizationRole before they can be assigned.
await trpc.organization.updateMemberRole.mutate({
  memberId: "member_abc",
  role: "admin",
});

Listing members

Use user.all to list every member of the current organization. Each entry includes the member’s role, join date, and linked user record.

Invitations

Creating and sending an invitation

Use organization.inviteMember to create a time-limited invitation (valid 48 hours) for a given email address and role. On Dokploy Cloud the invitation email is dispatched automatically. On self-hosted installations, call user.sendInvitation with the returned invitation ID and a configured notification provider ID to send the email.
// Create the invitation
const invite = await trpc.organization.inviteMember.mutate({
  email: "alice@example.com",
  role: "member",
});

// Self-hosted only: send the invitation email via a configured notification provider
await trpc.user.sendInvitation.mutate({
  invitationId: invite.id,
  notificationId: "notif_abc123",
});

Listing pending invitations

organization.allInvitations returns all invitation records for the active organization, sorted by status and expiry date. This includes accepted, expired, and pending entries so you have a full audit trail.
const invitations = await trpc.organization.allInvitations.query();

Cancelling an invitation

Call organization.removeInvitation to delete a pending invitation and invalidate its link before the recipient accepts it.
await trpc.organization.removeInvitation.mutate({
  invitationId: "inv_abc123",
});
Both organization.allInvitations and organization.removeInvitation require the caller to hold the member.create permission (owners and admins have this by default).

Setting the Default Organization

A user who belongs to multiple organizations can mark one as their default with organization.setDefault. On next login, Dokploy loads the default organization’s session context automatically.
await trpc.organization.setDefault.mutate({
  organizationId: "org_abc",
});
Internally this sets isDefault: true on the user’s member record for that organization (and clears the flag on all others). The current active organization context for the session is returned by organization.active.
const active = await trpc.organization.active.query();
// Returns the organization record that matches session.activeOrganizationId

Updating and Deleting

Updating an organization

organization.update lets the organization owner change its name or logo. Only the owner (verified by ownerId on the organization record or the owner member role) may call this endpoint.
await trpc.organization.update.mutate({
  organizationId: "org_abc",
  name: "Acme Infrastructure",
  logo: "https://example.com/new-logo.png",
});

Deleting an organization

organization.delete permanently removes the organization and all its resources (projects, services, invitations, etc.) via cascade delete. Again, only the owner may do this.
await trpc.organization.delete.mutate({ organizationId: "org_abc" });
Dokploy prevents you from deleting an organization if it is the last organization you own. Every user must remain the owner of at least one organization.

Checking User Organizations

Admins and owners can call user.checkUserOrganizations to see how many organizations a specific user belongs to. This is useful before removing a member — if they belong to only one organization you may want to inform them that removal will leave them without a workspace.
const count = await trpc.user.checkUserOrganizations.query({
  userId: "user_xyz",
});
// count: number of organizations the user is a member of
Use separate organizations to maintain strict isolation between staging and production environments. Each organization gets its own server pool, secrets, and access list — so a misconfiguration or accidental deployment in staging can never touch production resources.

Build docs developers (and LLMs) love