Membership
Users are added to workspaces through Clerk. Roles:
API keys do not have a role — they have scopes (see Authentication). Scope checks replace role checks for programmatic access.
Listing your workspaces
Returns the workspaces the current user belongs to. Requires a Clerk JWT (not an API key).Workspace isolation
There is no cross-workspace data access. Every API request, every webhook delivery, and every MCP tool call is scoped to a single workspace, derived from:- The Clerk organization on the JWT, or
- The workspace bound to the API key at creation time.
403 Forbidden.