Platform

Accounts & Teams

View as Markdown

Chaser supports personal accounts and organization accounts for team collaboration.

Account types

Personal account — created automatically for every user. Resources created under a personal account are private to that user.

Organization account — created explicitly for team collaboration. Resources are shared among all organization members.

Account selection

Set the active account on any request:

1X-Chaser-Account: Acme Engineering

Accepts: account ID, exact account name, or personal. If omitted, your personal account is used.

All resources (sessions, workspaces, jobs, webhooks, billing, audit) are scoped to the active account.

List and inspect accounts

$# List all accounts you belong to
$curl -sS "$CHASER_API_URL/v1/accounts" \
>  -H "Authorization: Bearer $CHASER_API_KEY" | jq
$
$# Get the resolved active account
$curl -sS "$CHASER_API_URL/v1/accounts/current" \
>  -H "Authorization: Bearer $CHASER_API_KEY" \
>  -H "X-Chaser-Account: Acme Engineering" | jq

Create an organization

$curl -sS "$CHASER_API_URL/v1/accounts/organizations" \
>  -H "Authorization: Bearer $CHASER_API_KEY" \
>  -H "Content-Type: application/json" \
>  -d '{"name": "Acme Engineering"}' | jq

Manage members

Members have one of three roles: owner, admin, or member.

$# List members
$curl -sS "$CHASER_API_URL/v1/accounts/current/members" \
>  -H "Authorization: Bearer $CHASER_API_KEY" \
>  -H "X-Chaser-Account: Acme Engineering" | jq
$
$# Add a member
$curl -sS "$CHASER_API_URL/v1/accounts/current/members" \
>  -H "Authorization: Bearer $CHASER_API_KEY" \
>  -H "X-Chaser-Account: Acme Engineering" \
>  -H "Content-Type: application/json" \
>  -d '{"email": "teammate@example.com", "role": "admin"}' | jq
$
$# Update role
$curl -sS -X PATCH "$CHASER_API_URL/v1/accounts/current/members/<user_id>" \
>  -H "Authorization: Bearer $CHASER_API_KEY" \
>  -H "X-Chaser-Account: Acme Engineering" \
>  -H "Content-Type: application/json" \
>  -d '{"role": "member"}' | jq
$
$# Remove a member
$curl -sS -X DELETE "$CHASER_API_URL/v1/accounts/current/members/<user_id>" \
>  -H "Authorization: Bearer $CHASER_API_KEY" \
>  -H "X-Chaser-Account: Acme Engineering"

Permissions:

  • Any member can list members
  • Only owners and admins can add, update, or remove members
  • Only owners can add or modify owner memberships
  • The last owner cannot be removed or demoted

Service accounts

Service accounts provide non-human identities for automation. Each service account can have multiple scoped API keys.

$# Create a service account
$curl -sS "$CHASER_API_URL/v1/accounts/current/service-accounts" \
>  -H "Authorization: Bearer $CHASER_API_KEY" \
>  -H "X-Chaser-Account: Acme Engineering" \
>  -H "Content-Type: application/json" \
>  -d '{"name": "deploy-bot"}' | jq
$
$# Create a scoped API key for it
$curl -sS "$CHASER_API_URL/v1/accounts/current/service-accounts/<sa_id>/keys" \
>  -H "Authorization: Bearer $CHASER_API_KEY" \
>  -H "X-Chaser-Account: Acme Engineering" \
>  -H "Content-Type: application/json" \
>  -d '{
>    "name": "deploy-key",
>    "scopes": ["sessions.read", "sessions.write", "workspaces.read", "exec.write"]
>  }' | jq

Service account keys can drive account-scoped session, workspace, exec, file transfer, audit, webhook, and MCP automation when granted the corresponding scopes.

Only organization owners and admins can create, manage, and delete service accounts.

API keys

User API keys are bound to the account selected at creation time:

$# Create a key for the personal account
$curl -sS "$CHASER_API_URL/v1/keys" \
>  -H "Authorization: Bearer $CHASER_API_KEY" \
>  -H "X-Chaser-Account: personal" \
>  -H "Content-Type: application/json" \
>  -d '{"name": "personal-automation", "scopes": ["sessions.read", "exec.write"]}' | jq
$
$# Create a key for an organization
$curl -sS "$CHASER_API_URL/v1/keys" \
>  -H "Authorization: Bearer $CHASER_API_KEY" \
>  -H "X-Chaser-Account: Acme Engineering" \
>  -H "Content-Type: application/json" \
>  -d '{"name": "org-automation", "scopes": ["sessions.read", "exec.write"]}' | jq

A user API key cannot be used with a different X-Chaser-Account than the one it was created for. Create separate keys for each account context.

For shared automation, prefer service accounts over individual user API keys.