Skip Main Navigation
Page Content

Organizations

In the first half of 2018 Eventbrite introduced a new ‘Organizations’ architecture to better support users with more complex needs.

This change allows event creators to grant and manage other Eventbrite users’ permissions to their events. For example, a music promoter may run an annual festival and multiple music venues. With one Eventbrite ‘Organizations’ account, the music promoter can granularly manage which employees, teams, or outside parties (other Eventbrite users) have access to specific events, particular actions on those events, and associated data.

All of Eventbrite’s event creators will be migrated to this new architecture over time, starting with all users of Eventbrite Music.

Summary of changes to permission model:

  • In our new permissions model, we are introducing a new concept – organizations. Organizations are now at the top of our data model; users belong to either one or multiple organizations. This gives our users a lot more flexibility, where now they can have one Eventbrite account that belongs to multiple organizations.
  • For developers, we’ll now be explicit about a) what organization(s) a user belongs to and b) what permissions that user has within each organization.

Changes needed to accommodate:

Supporting organizations

  • These changes mean that you will need to account for this notion of an ‘organization’. When a user authenticates to your app, you will now need to account for the fact that a user could be part of more than one organization – and in those cases – be explicit about which organization(s) the user wants to sync with your application.
  • “Organization ID” is the ID of any organization. These will be returned by the /users/me/organizations/ endpoint – and that endpoint is the only safe way for an API consumer to get an organization ID for the first time.

Migrating to new endpoints

  • With the introduction of organizations, many of our endpoints have necessarily changed to make clear what organization an API call relates to.
  • As an example, the endpoint GET /v3/users/:user_id/events/ (a list of events ‘owned’ by that user) would be replaced by GET /v3/organizations/:organization_id/events/

FAQs

What happens if I don’t upgrade to the new endpoints?

  • Only integrations that have migrated to the new endpoints will be compatible with users of the new music product. With more than 2K new, high-value Eventbrite organizers set to start using that product, it will be a great chance to acquire valuable new users of your application.
  • In time, once all Eventbrite users have migrated to the new permission model, any app that doesn’t support the new endpoints will break and stop being functional.

Is the authentication (OAuth) flow changing at all?

No

An application can access to information across multiple organizations with the same auth token?

  • Yes. This is a benefit of the new model. The experience of using your application should be better for users who had to previously have two separate Eventbrite accounts. E.g., if a user maintained an Eventbrite account for Venue A and separate Eventbrite account for Venue B, that would have meant maintaining two separate connections to your application. Now – as long as its supported by your data model – a single Eventbrite user can connect to your app and sync information related to all organizations in which they are a part of. The crucial thing is of course that it is clear and explicit which organizations they are choosing to ‘connect’.