Org

rensei org manages the membership, invite, and API-key surfaces of your Rensei organization from the CLI. Use it to inspect and switch orgs, manage members and their roles, handle pending invites, and create or revoke org-scoped API keys.

Commands

org list

List all orgs your authenticated identity has access to.

rensei org list [--json]

rensei org list
rensei org list --json

Example output:

SLUG              DISPLAY NAME           ROLE       ACTIVE
acme-engineering  Acme Engineering       admin      *
acme-sandbox      Acme Sandbox           member

The * marks the currently active org. CLI commands that require an org context use the active org unless overridden with --org <slug>.

org activate

Switch the active org context stored in ~/.config/rensei/config.json.

rensei org activate <slug>
rensei org activate --name "<display-name>"

rensei org activate acme-engineering
rensei org activate --name "Acme Engineering"

org show

Print details of the currently active org.

rensei org show

Includes org slug, display name, your role, member count, and the API base URL that CLI commands resolve against.

Members

org members list

rensei org members list [--json]

rensei org members list

Example output:

EMAIL                      ROLE     JOINED
mark@acme.com              admin    2024-11-01
sara@acme.com              member   2025-01-14
bot-ci@acme.com            viewer   2025-03-02

org members update

Change a member's role.

rensei org members update <email> --role <role>

Valid roles: admin, member, viewer.

rensei org members update sara@acme.com --role admin

org members remove

Remove a member from the org. Use --yes to skip the confirmation prompt.

rensei org members remove <email> [--yes]

rensei org members remove former-contractor@acme.com --yes

Invites

org invites list

List pending (not yet accepted) invitations.

rensei org invites list [--json]

org invites create

Send an email invitation to join the org.

rensei org invites create <email> --role <role>

Valid roles: admin, member, viewer.

rensei org invites create new-hire@acme.com --role member

The invitation link is sent to the provided email address. Invites are valid for 7 days.

org invites revoke

Cancel a pending invite before it is accepted.

rensei org invites revoke <invite-id> [--yes]

Invite IDs are shown by org invites list. Use --yes to skip confirmation.

API keys

Org-scoped API keys (rsk_live_*) are used for automation, CI pipelines, and service-to-service calls. They are not tied to any individual user identity and do not expire unless explicitly revoked.

org api-keys list

rensei org api-keys list [--json]

Example output:

ID              NAME              SCOPES                    CREATED
key-abc123      CI pipeline       sessions:read,write       2025-06-01
key-def456      Monitoring bot    sessions:read             2025-09-14

org api-keys create

Create a new org-scoped API key.

rensei org api-keys create --name <name> [--scopes <scope,...>]

rensei org api-keys create --name "CI pipeline" --scopes "sessions:read,sessions:write"

Common scopes:

For the full scope list and usage with the REST API, see API keys.

org api-keys revoke

Permanently revoke a key. All requests using the revoked key will immediately begin returning 401 Unauthorized.

rensei org api-keys revoke <key-id> [--yes]

rensei org api-keys revoke key-abc123 --yes

Global flags

All rensei org commands accept the standard global flags:

See Global flags for the full set.

Related pages

• Auth contexts - user, org_token, and project_token auth kinds
• Members and RBAC - role definitions and platform access model
• API keys - rsk_live_* key scopes and the REST API auth surface
• Project - project-level membership, repos, trackers, and tokens