Change a member's role (owner-only)
An org must keep at least one owner — demoting the last owner is refused with 409 last_owner.
承認
The dashboard's signed, HttpOnly session cookie (packages/service/src/auth.ts): base64url(payload).base64url(hmac-sha256), absolute 30-day lifetime, SameSite=Lax, Secure on any TLS deployment. Minted by POST /api/auth/signup or POST /api/auth/login (or, outside production, auto-provisioned by GET /api/session). Because it is HttpOnly, it cannot be read or attached by a browser-based API-reference "Try it" panel across origins — exercise these routes with a real logged-in browser session or a cookie-jar HTTP client.
パスパラメータ
ボディ
owner may mint/revoke keys, publish, provision secrets, and manage schedules/members; member has read access plus non-sensitive mutations (e.g. correcting an automation's site/task). Every org must always keep at least one owner.
owner, member レスポンス
Updated.