Skip to content
APIs/Team/
/
Invite user

Team API (1.0)

The team API lets you manage users, departments, locations, and cards.

Download OpenAPI description
team_api.json
team_api.yaml
Overview
URL
https://brex.com
Admin
developer-support@brex.com
Languages
Servers
Production
https://api.brex.com
Staging (Note: This is not a sandbox. It will not work with customer tokens.)
https://api-staging.brex.com

Users

Endpoints for user management.

Operations

List users

Request

This endpoint lists all users. To find a user id by email, you can filter using the email query parameter.

Security
OAuth2(Required scopes:
users
users.readonly
)
Query
cursorstring or null
limitinteger or null(int32)
emailstring or null

Currently only support filtering by a single email or a single remote_display_id.

remote_display_idstring or null

Currently only support filtering by a single email or a single remote_display_id.

expand[]Array of strings or null

Expandable fields that can be included in the response by passing in a query parameter e.g. ?expand[]=limit

curl -i -X GET \
  https://api.brex.com/v2/users \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

listUsers 200 response

Bodyapplication/json
next_cursorstring or null
itemsArray of objects(UserResponse)required
items[].​idstringrequired
items[].​first_namestringrequired

First name of the user

items[].​last_namestringrequired

Last name of the user

items[].​emailstringrequired

Email address of the user

items[].​statusstring or null

Status of the user

Enum"INVITED""ACTIVE""CLOSED""DISABLED""DELETED""PENDING_ACTIVATION""INACTIVE""ARCHIVED"
items[].​manager_idstring or null

The user id of the manager of this user

items[].​department_idstring or null
items[].​location_idstring or null
items[].​title_idstring or null
items[].​metadataobject or null

The metadata or customized attributes of the user. Maximum number of entries: 100

items[].​remote_display_idstring or null

Identifier that is displayed on the IDP or HR system, eg, if OKTA identifies you as user xyz

Response
application/json
{
  "next_cursor": "string",
  "items": [
    {}
  ]
}

Invite user

Request

This endpoint invites a new user as an employee. To update user's role, check out this article.

Security
OAuth2(Required scopes:
users
)
Headers
Idempotency-Keystring or null
Bodyapplication/jsonrequired
first_namestringnon-emptyrequired
last_namestringnon-emptyrequired
emailstring(email)required
manager_idstring or null
department_idstring or null
location_idstring or null
title_idstring or null
metadataobject or null

The metadata or customized attributes of the user. Maximum number of entries: 100

curl -i -X POST \
  https://api.brex.com/v2/users \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "first_name": "string",
    "last_name": "string",
    "email": "user@example.com",
    "manager_id": "string",
    "department_id": "string",
    "location_id": "string",
    "title_id": "string",
    "metadata": {
      "property1": "string",
      "property2": "string"
    }
  }'

Responses

createUser 200 response

Bodyapplication/json
idstringrequired
first_namestringrequired

First name of the user

last_namestringrequired

Last name of the user

emailstringrequired

Email address of the user

statusstring or null

Status of the user

Enum"INVITED""ACTIVE""CLOSED""DISABLED""DELETED""PENDING_ACTIVATION""INACTIVE""ARCHIVED"
manager_idstring or null

The user id of the manager of this user

department_idstring or null
location_idstring or null
title_idstring or null
metadataobject or null

The metadata or customized attributes of the user. Maximum number of entries: 100

remote_display_idstring or null

Identifier that is displayed on the IDP or HR system, eg, if OKTA identifies you as user xyz

Response
application/json
{
  "id": "string",
  "first_name": "string",
  "last_name": "string",
  "email": "string",
  "status": "INVITED",
  "manager_id": "string",
  "department_id": "string",
  "location_id": "string",
  "title_id": "string",
  "metadata": {
    "property1": "string",
    "property2": "string"
  },
  "remote_display_id": "string"
}

Get current user

Request

This endpoint returns the user associated with the OAuth2 access token.

Security
OAuth2(Required scopes:
users
users.readonly
)
curl -i -X GET \
  https://api.brex.com/v2/users/me \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

getMe 200 response

Bodyapplication/json
idstringrequired
first_namestringrequired

First name of the user

last_namestringrequired

Last name of the user

emailstringrequired

Email address of the user

statusstring or null

Status of the user

Enum"INVITED""ACTIVE""CLOSED""DISABLED""DELETED""PENDING_ACTIVATION""INACTIVE""ARCHIVED"
manager_idstring or null

The user id of the manager of this user

department_idstring or null
location_idstring or null
title_idstring or null
metadataobject or null

The metadata or customized attributes of the user. Maximum number of entries: 100

remote_display_idstring or null

Identifier that is displayed on the IDP or HR system, eg, if OKTA identifies you as user xyz

Response
application/json
{
  "id": "string",
  "first_name": "string",
  "last_name": "string",
  "email": "string",
  "status": "INVITED",
  "manager_id": "string",
  "department_id": "string",
  "location_id": "string",
  "title_id": "string",
  "metadata": {
    "property1": "string",
    "property2": "string"
  },
  "remote_display_id": "string"
}

Get user

Request

This endpoint gets a user by ID.

Security
OAuth2(Required scopes:
users
users.readonly
)
Path
idstringrequired
curl -i -X GET \
  'https://api.brex.com/v2/users/{id}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

getUserById 200 response

Bodyapplication/json
idstringrequired
first_namestringrequired

First name of the user

last_namestringrequired

Last name of the user

emailstringrequired

Email address of the user

statusstring or null

Status of the user

Enum"INVITED""ACTIVE""CLOSED""DISABLED""DELETED""PENDING_ACTIVATION""INACTIVE""ARCHIVED"
manager_idstring or null

The user id of the manager of this user

department_idstring or null
location_idstring or null
title_idstring or null
metadataobject or null

The metadata or customized attributes of the user. Maximum number of entries: 100

remote_display_idstring or null

Identifier that is displayed on the IDP or HR system, eg, if OKTA identifies you as user xyz

Response
application/json
{
  "id": "string",
  "first_name": "string",
  "last_name": "string",
  "email": "string",
  "status": "INVITED",
  "manager_id": "string",
  "department_id": "string",
  "location_id": "string",
  "title_id": "string",
  "metadata": {
    "property1": "string",
    "property2": "string"
  },
  "remote_display_id": "string"
}

Update user

Request

This endpoint updates a user. Any parameters not provided will be left unchanged.

Security
OAuth2(Required scopes:
users
)
Path
idstringrequired
Headers
Idempotency-Keystring or null
Bodyapplication/jsonrequired
statusstring or null

Acceptable user status for update. To suspend a user, set status to 'disabled'. To unsuspend a user, set status to 'active'.

Enum"ACTIVE""DISABLED"
manager_idstring or null

The user id of the manager of this user

department_idstring or null
location_idstring or null
title_idstring or null
metadataobject or null

The metadata or customized attributes of the user. Maximum number of entries: 100

curl -i -X PUT \
  'https://api.brex.com/v2/users/{id}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "status": "ACTIVE",
    "manager_id": "string",
    "department_id": "string",
    "location_id": "string",
    "title_id": "string",
    "metadata": {
      "property1": "string",
      "property2": "string"
    }
  }'

Responses

updateUser 200 response

Bodyapplication/json
idstringrequired
first_namestringrequired

First name of the user

last_namestringrequired

Last name of the user

emailstringrequired

Email address of the user

statusstring or null

Status of the user

Enum"INVITED""ACTIVE""CLOSED""DISABLED""DELETED""PENDING_ACTIVATION""INACTIVE""ARCHIVED"
manager_idstring or null

The user id of the manager of this user

department_idstring or null
location_idstring or null
title_idstring or null
metadataobject or null

The metadata or customized attributes of the user. Maximum number of entries: 100

remote_display_idstring or null

Identifier that is displayed on the IDP or HR system, eg, if OKTA identifies you as user xyz

Response
application/json
{
  "id": "string",
  "first_name": "string",
  "last_name": "string",
  "email": "string",
  "status": "INVITED",
  "manager_id": "string",
  "department_id": "string",
  "location_id": "string",
  "title_id": "string",
  "metadata": {
    "property1": "string",
    "property2": "string"
  },
  "remote_display_id": "string"
}

Get limit for the user

Request

This endpoint gets the monthly limit for the user including the monthly available limit.

Security
OAuth2(Required scopes:
users
users.readonly
)
Path
idstringrequired
curl -i -X GET \
  'https://api.brex.com/v2/users/{id}/limit' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

getUserLimit 200 response

Bodyapplication/json
monthly_limitobject or null

Money fields can be signed or unsigned. Fields are signed (an unsigned value will be interpreted as positive). The amount of money will be represented in the smallest denomination of the currency indicated. For example, USD 7.00 will be represented in cents with an amount of 700.

monthly_availableobject or null

Money fields can be signed or unsigned. Fields are signed (an unsigned value will be interpreted as positive). The amount of money will be represented in the smallest denomination of the currency indicated. For example, USD 7.00 will be represented in cents with an amount of 700.

Response
application/json
{
  "monthly_limit": {
    "amount": 700,
    "currency": "USD"
  },
  "monthly_available": {
    "amount": 700,
    "currency": "USD"
  }
}

Set limit for the user

Request

This endpoint sets the monthly limit for a user. The limit amount must be non-negative. To unset the monthly limit of the user, just set monthly_limit to null.

Security
OAuth2(Required scopes:
users
)
Path
idstringrequired
Headers
Idempotency-Keystring or null
Bodyapplication/jsonrequired
monthly_limitobject or null

Money fields can be signed or unsigned. Fields are signed (an unsigned value will be interpreted as positive). The amount of money will be represented in the smallest denomination of the currency indicated. For example, USD 7.00 will be represented in cents with an amount of 700.

curl -i -X POST \
  'https://api.brex.com/v2/users/{id}/limit' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "monthly_limit": {
      "amount": 700,
      "currency": "USD"
    }
  }'

Responses

setUserLimit 200 response

Bodyapplication/json
monthly_limitobject or null

Money fields can be signed or unsigned. Fields are signed (an unsigned value will be interpreted as positive). The amount of money will be represented in the smallest denomination of the currency indicated. For example, USD 7.00 will be represented in cents with an amount of 700.

monthly_availableobject or null

Money fields can be signed or unsigned. Fields are signed (an unsigned value will be interpreted as positive). The amount of money will be represented in the smallest denomination of the currency indicated. For example, USD 7.00 will be represented in cents with an amount of 700.

Response
application/json
{
  "monthly_limit": {
    "amount": 700,
    "currency": "USD"
  },
  "monthly_available": {
    "amount": 700,
    "currency": "USD"
  }
}

Locations

Endpoints for location management.

Operations

Departments

Endpoints for department management.

Operations

Titles

Endpoints for title management.

Operations

Cards

Endpoints for card management.

Operations

Companies

Operations
Copyright © Brex 2019–2026. All rights reserved.