Organization Applications
Endpoints for managing organization registration applications.
Permission Model:
- Apply: Any authenticated user can submit applications
- Approve/Reject: Requires ADMIN role
- Cancel: Requires resource-level permission on the application
- View Pending: Requires ADMIN role
Application Lifecycle:
- User submits application → PENDING
- Admin approves → APPROVED (triggers onboarding)
- Admin rejects → REJECTED (with reason)
- User cancels → CANCELLED
Onboarding Process (triggered on approval):
- Organization entity created
- Audit record initialized
- Default operator user created with generated credentials
- Owner permissions assigned
- Email with credentials sent (async)