list organizations (#537)

cmd/zrok/adminListOrganizations.go

@@ -0,0 +1,59 @@
+package main
+
+import (
+	"fmt"
+	"github.com/jedib0t/go-pretty/v6/table"
+	"github.com/openziti/zrok/environment"
+	"github.com/openziti/zrok/rest_client_zrok/admin"
+	"github.com/spf13/cobra"
+	"os"
+)
+
+func init() {
+	adminListCmd.AddCommand(newAdminListOrganizationsCommand().cmd)
+}
+
+type adminListOrganizationsCommand struct {
+	cmd *cobra.Command
+}
+
+func newAdminListOrganizationsCommand() *adminListOrganizationsCommand {
+	cmd := &cobra.Command{
+		Use:     "organizations",
+		Aliases: []string{"orgs"},
+		Short:   "List all organizations",
+		Args:    cobra.NoArgs,
+	}
+	command := &adminListOrganizationsCommand{cmd}
+	cmd.Run = command.run
+	return command
+}
+
+func (c *adminListOrganizationsCommand) run(_ *cobra.Command, _ []string) {
+	env, err := environment.LoadRoot()
+	if err != nil {
+		panic(err)
+	}
+
+	zrok, err := env.Client()
+	if err != nil {
+		panic(err)
+	}
+
+	req := admin.NewListOrganizationsParams()
+	resp, err := zrok.Admin.ListOrganizations(req, mustGetAdminAuth())
+	if err != nil {
+		panic(err)
+	}
+
+	fmt.Println()
+	t := table.NewWriter()
+	t.SetOutputMirror(os.Stdout)
+	t.SetStyle(table.StyleColoredDark)
+	t.AppendHeader(table.Row{"Token", "Description"})
+	for _, org := range resp.Payload.Organizations {
+		t.AppendRow(table.Row{org.Token, org.Description})
+	}
+	t.Render()
+	fmt.Println()
+}

controller/controller.go

@@ -62,6 +62,7 @@ func Run(inCfg *config.Config) error {
 	api.AdminInviteTokenGenerateHandler = newInviteTokenGenerateHandler()
 	api.AdminListFrontendsHandler = newListFrontendsHandler()
 	api.AdminListOrganizationMembersHandler = newListOrganizationMembersHandler()
+	api.AdminListOrganizationsHandler = newListOrganizationsHandler()
 	api.AdminRemoveOrganizationMemberHandler = newRemoveOrganizationMemberHandler()
 	api.AdminUpdateFrontendHandler = newUpdateFrontendHandler()
 	api.EnvironmentEnableHandler = newEnableHandler()

controller/listOrganizations.go

@@ -0,0 +1,40 @@
+package controller
+
+import (
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/openziti/zrok/rest_model_zrok"
+	"github.com/openziti/zrok/rest_server_zrok/operations/admin"
+	"github.com/sirupsen/logrus"
+)
+
+type listOrganizationsHandler struct{}
+
+func newListOrganizationsHandler() *listOrganizationsHandler {
+	return &listOrganizationsHandler{}
+}
+
+func (h *listOrganizationsHandler) Handle(_ admin.ListOrganizationsParams, principal *rest_model_zrok.Principal) middleware.Responder {
+	if !principal.Admin {
+		logrus.Error("invalid admin principal")
+		return admin.NewListOrganizationsUnauthorized()
+	}
+
+	trx, err := str.Begin()
+	if err != nil {
+		logrus.Errorf("error starting transaction: %v", err)
+		return admin.NewListOrganizationsInternalServerError()
+	}
+	defer func() { _ = trx.Rollback() }()
+
+	orgs, err := str.FindOrganizations(trx)
+	if err != nil {
+		logrus.Errorf("error finding organizations: %v", err)
+		return admin.NewListOrganizationsInternalServerError()
+	}
+
+	var out []*admin.ListOrganizationsOKBodyOrganizationsItems0
+	for _, org := range orgs {
+		out = append(out, &admin.ListOrganizationsOKBodyOrganizationsItems0{Description: org.Description, Token: org.Token})
+	}
+	return admin.NewListOrganizationsOK().WithPayload(&admin.ListOrganizationsOKBody{Organizations: out})
+}

controller/store/organization.go

@@ -23,6 +23,22 @@ func (str *Store) CreateOrganization(org *Organization, trx *sqlx.Tx) (int, erro
 	return id, nil
 }
 
+func (str *Store) FindOrganizations(trx *sqlx.Tx) ([]*Organization, error) {
+	rows, err := trx.Queryx("select * from organizations where not deleted")
+	if err != nil {
+		return nil, errors.Wrap(err, "error finding organizations")
+	}
+	var orgs []*Organization
+	for rows.Next() {
+		org := &Organization{}
+		if err := rows.StructScan(&org); err != nil {
+			return nil, errors.Wrap(err, "error scanning organization")
+		}
+		orgs = append(orgs, org)
+	}
+	return orgs, nil
+}
+
 func (str *Store) FindOrganizationByToken(token string, trx *sqlx.Tx) (*Organization, error) {
 	org := &Organization{}
 	if err := trx.QueryRowx("select * from organizations where token = $1 and not deleted", token).StructScan(org); err != nil {

rest_client_zrok/admin/admin_client.go

@@ -52,6 +52,8 @@ type ClientService interface {
 
 	ListOrganizationMembers(params *ListOrganizationMembersParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*ListOrganizationMembersOK, error)
 
+	ListOrganizations(params *ListOrganizationsParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*ListOrganizationsOK, error)
+
 	RemoveOrganizationMember(params *RemoveOrganizationMemberParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*RemoveOrganizationMemberOK, error)
 
 	UpdateFrontend(params *UpdateFrontendParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*UpdateFrontendOK, error)
@@ -488,6 +490,45 @@ func (a *Client) ListOrganizationMembers(params *ListOrganizationMembersParams,
 	panic(msg)
 }
 
+/*
+ListOrganizations list organizations API
+*/
+func (a *Client) ListOrganizations(params *ListOrganizationsParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*ListOrganizationsOK, error) {
+	// TODO: Validate the params before sending
+	if params == nil {
+		params = NewListOrganizationsParams()
+	}
+	op := &runtime.ClientOperation{
+		ID:                 "listOrganizations",
+		Method:             "GET",
+		PathPattern:        "/organizations",
+		ProducesMediaTypes: []string{"application/zrok.v1+json"},
+		ConsumesMediaTypes: []string{"application/zrok.v1+json"},
+		Schemes:            []string{"http"},
+		Params:             params,
+		Reader:             &ListOrganizationsReader{formats: a.formats},
+		AuthInfo:           authInfo,
+		Context:            params.Context,
+		Client:             params.HTTPClient,
+	}
+	for _, opt := range opts {
+		opt(op)
+	}
+
+	result, err := a.transport.Submit(op)
+	if err != nil {
+		return nil, err
+	}
+	success, ok := result.(*ListOrganizationsOK)
+	if ok {
+		return success, nil
+	}
+	// unexpected success response
+	// safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue
+	msg := fmt.Sprintf("unexpected success response for listOrganizations: API contract not enforced by server. Client expected to get an error, but got: %T", result)
+	panic(msg)
+}
+
 /*
 RemoveOrganizationMember remove organization member API
 */

rest_client_zrok/admin/list_organizations_parameters.go

@@ -0,0 +1,128 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package admin
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"net/http"
+	"time"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime"
+	cr "github.com/go-openapi/runtime/client"
+	"github.com/go-openapi/strfmt"
+)
+
+// NewListOrganizationsParams creates a new ListOrganizationsParams object,
+// with the default timeout for this client.
+//
+// Default values are not hydrated, since defaults are normally applied by the API server side.
+//
+// To enforce default values in parameter, use SetDefaults or WithDefaults.
+func NewListOrganizationsParams() *ListOrganizationsParams {
+	return &ListOrganizationsParams{
+		timeout: cr.DefaultTimeout,
+	}
+}
+
+// NewListOrganizationsParamsWithTimeout creates a new ListOrganizationsParams object
+// with the ability to set a timeout on a request.
+func NewListOrganizationsParamsWithTimeout(timeout time.Duration) *ListOrganizationsParams {
+	return &ListOrganizationsParams{
+		timeout: timeout,
+	}
+}
+
+// NewListOrganizationsParamsWithContext creates a new ListOrganizationsParams object
+// with the ability to set a context for a request.
+func NewListOrganizationsParamsWithContext(ctx context.Context) *ListOrganizationsParams {
+	return &ListOrganizationsParams{
+		Context: ctx,
+	}
+}
+
+// NewListOrganizationsParamsWithHTTPClient creates a new ListOrganizationsParams object
+// with the ability to set a custom HTTPClient for a request.
+func NewListOrganizationsParamsWithHTTPClient(client *http.Client) *ListOrganizationsParams {
+	return &ListOrganizationsParams{
+		HTTPClient: client,
+	}
+}
+
+/*
+ListOrganizationsParams contains all the parameters to send to the API endpoint
+
+	for the list organizations operation.
+
+	Typically these are written to a http.Request.
+*/
+type ListOrganizationsParams struct {
+	timeout    time.Duration
+	Context    context.Context
+	HTTPClient *http.Client
+}
+
+// WithDefaults hydrates default values in the list organizations params (not the query body).
+//
+// All values with no default are reset to their zero value.
+func (o *ListOrganizationsParams) WithDefaults() *ListOrganizationsParams {
+	o.SetDefaults()
+	return o
+}
+
+// SetDefaults hydrates default values in the list organizations params (not the query body).
+//
+// All values with no default are reset to their zero value.
+func (o *ListOrganizationsParams) SetDefaults() {
+	// no default values defined for this parameter
+}
+
+// WithTimeout adds the timeout to the list organizations params
+func (o *ListOrganizationsParams) WithTimeout(timeout time.Duration) *ListOrganizationsParams {
+	o.SetTimeout(timeout)
+	return o
+}
+
+// SetTimeout adds the timeout to the list organizations params
+func (o *ListOrganizationsParams) SetTimeout(timeout time.Duration) {
+	o.timeout = timeout
+}
+
+// WithContext adds the context to the list organizations params
+func (o *ListOrganizationsParams) WithContext(ctx context.Context) *ListOrganizationsParams {
+	o.SetContext(ctx)
+	return o
+}
+
+// SetContext adds the context to the list organizations params
+func (o *ListOrganizationsParams) SetContext(ctx context.Context) {
+	o.Context = ctx
+}
+
+// WithHTTPClient adds the HTTPClient to the list organizations params
+func (o *ListOrganizationsParams) WithHTTPClient(client *http.Client) *ListOrganizationsParams {
+	o.SetHTTPClient(client)
+	return o
+}
+
+// SetHTTPClient adds the HTTPClient to the list organizations params
+func (o *ListOrganizationsParams) SetHTTPClient(client *http.Client) {
+	o.HTTPClient = client
+}
+
+// WriteToRequest writes these params to a swagger request
+func (o *ListOrganizationsParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error {
+
+	if err := r.SetTimeout(o.timeout); err != nil {
+		return err
+	}
+	var res []error
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}

rest_client_zrok/admin/list_organizations_responses.go

@@ -0,0 +1,377 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package admin
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"fmt"
+	"io"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// ListOrganizationsReader is a Reader for the ListOrganizations structure.
+type ListOrganizationsReader struct {
+	formats strfmt.Registry
+}
+
+// ReadResponse reads a server response into the received o.
+func (o *ListOrganizationsReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) {
+	switch response.Code() {
+	case 200:
+		result := NewListOrganizationsOK()
+		if err := result.readResponse(response, consumer, o.formats); err != nil {
+			return nil, err
+		}
+		return result, nil
+	case 401:
+		result := NewListOrganizationsUnauthorized()
+		if err := result.readResponse(response, consumer, o.formats); err != nil {
+			return nil, err
+		}
+		return nil, result
+	case 500:
+		result := NewListOrganizationsInternalServerError()
+		if err := result.readResponse(response, consumer, o.formats); err != nil {
+			return nil, err
+		}
+		return nil, result
+	default:
+		return nil, runtime.NewAPIError("[GET /organizations] listOrganizations", response, response.Code())
+	}
+}
+
+// NewListOrganizationsOK creates a ListOrganizationsOK with default headers values
+func NewListOrganizationsOK() *ListOrganizationsOK {
+	return &ListOrganizationsOK{}
+}
+
+/*
+ListOrganizationsOK describes a response with status code 200, with default header values.
+
+ok
+*/
+type ListOrganizationsOK struct {
+	Payload *ListOrganizationsOKBody
+}
+
+// IsSuccess returns true when this list organizations o k response has a 2xx status code
+func (o *ListOrganizationsOK) IsSuccess() bool {
+	return true
+}
+
+// IsRedirect returns true when this list organizations o k response has a 3xx status code
+func (o *ListOrganizationsOK) IsRedirect() bool {
+	return false
+}
+
+// IsClientError returns true when this list organizations o k response has a 4xx status code
+func (o *ListOrganizationsOK) IsClientError() bool {
+	return false
+}
+
+// IsServerError returns true when this list organizations o k response has a 5xx status code
+func (o *ListOrganizationsOK) IsServerError() bool {
+	return false
+}
+
+// IsCode returns true when this list organizations o k response a status code equal to that given
+func (o *ListOrganizationsOK) IsCode(code int) bool {
+	return code == 200
+}
+
+// Code gets the status code for the list organizations o k response
+func (o *ListOrganizationsOK) Code() int {
+	return 200
+}
+
+func (o *ListOrganizationsOK) Error() string {
+	return fmt.Sprintf("[GET /organizations][%d] listOrganizationsOK  %+v", 200, o.Payload)
+}
+
+func (o *ListOrganizationsOK) String() string {
+	return fmt.Sprintf("[GET /organizations][%d] listOrganizationsOK  %+v", 200, o.Payload)
+}
+
+func (o *ListOrganizationsOK) GetPayload() *ListOrganizationsOKBody {
+	return o.Payload
+}
+
+func (o *ListOrganizationsOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
+
+	o.Payload = new(ListOrganizationsOKBody)
+
+	// response payload
+	if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF {
+		return err
+	}
+
+	return nil
+}
+
+// NewListOrganizationsUnauthorized creates a ListOrganizationsUnauthorized with default headers values
+func NewListOrganizationsUnauthorized() *ListOrganizationsUnauthorized {
+	return &ListOrganizationsUnauthorized{}
+}
+
+/*
+ListOrganizationsUnauthorized describes a response with status code 401, with default header values.
+
+unauthorized
+*/
+type ListOrganizationsUnauthorized struct {
+}
+
+// IsSuccess returns true when this list organizations unauthorized response has a 2xx status code
+func (o *ListOrganizationsUnauthorized) IsSuccess() bool {
+	return false
+}
+
+// IsRedirect returns true when this list organizations unauthorized response has a 3xx status code
+func (o *ListOrganizationsUnauthorized) IsRedirect() bool {
+	return false
+}
+
+// IsClientError returns true when this list organizations unauthorized response has a 4xx status code
+func (o *ListOrganizationsUnauthorized) IsClientError() bool {
+	return true
+}
+
+// IsServerError returns true when this list organizations unauthorized response has a 5xx status code
+func (o *ListOrganizationsUnauthorized) IsServerError() bool {
+	return false
+}
+
+// IsCode returns true when this list organizations unauthorized response a status code equal to that given
+func (o *ListOrganizationsUnauthorized) IsCode(code int) bool {
+	return code == 401
+}
+
+// Code gets the status code for the list organizations unauthorized response
+func (o *ListOrganizationsUnauthorized) Code() int {
+	return 401
+}
+
+func (o *ListOrganizationsUnauthorized) Error() string {
+	return fmt.Sprintf("[GET /organizations][%d] listOrganizationsUnauthorized ", 401)
+}
+
+func (o *ListOrganizationsUnauthorized) String() string {
+	return fmt.Sprintf("[GET /organizations][%d] listOrganizationsUnauthorized ", 401)
+}
+
+func (o *ListOrganizationsUnauthorized) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
+
+	return nil
+}
+
+// NewListOrganizationsInternalServerError creates a ListOrganizationsInternalServerError with default headers values
+func NewListOrganizationsInternalServerError() *ListOrganizationsInternalServerError {
+	return &ListOrganizationsInternalServerError{}
+}
+
+/*
+ListOrganizationsInternalServerError describes a response with status code 500, with default header values.
+
+internal server error
+*/
+type ListOrganizationsInternalServerError struct {
+}
+
+// IsSuccess returns true when this list organizations internal server error response has a 2xx status code
+func (o *ListOrganizationsInternalServerError) IsSuccess() bool {
+	return false
+}
+
+// IsRedirect returns true when this list organizations internal server error response has a 3xx status code
+func (o *ListOrganizationsInternalServerError) IsRedirect() bool {
+	return false
+}
+
+// IsClientError returns true when this list organizations internal server error response has a 4xx status code
+func (o *ListOrganizationsInternalServerError) IsClientError() bool {
+	return false
+}
+
+// IsServerError returns true when this list organizations internal server error response has a 5xx status code
+func (o *ListOrganizationsInternalServerError) IsServerError() bool {
+	return true
+}
+
+// IsCode returns true when this list organizations internal server error response a status code equal to that given
+func (o *ListOrganizationsInternalServerError) IsCode(code int) bool {
+	return code == 500
+}
+
+// Code gets the status code for the list organizations internal server error response
+func (o *ListOrganizationsInternalServerError) Code() int {
+	return 500
+}
+
+func (o *ListOrganizationsInternalServerError) Error() string {
+	return fmt.Sprintf("[GET /organizations][%d] listOrganizationsInternalServerError ", 500)
+}
+
+func (o *ListOrganizationsInternalServerError) String() string {
+	return fmt.Sprintf("[GET /organizations][%d] listOrganizationsInternalServerError ", 500)
+}
+
+func (o *ListOrganizationsInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
+
+	return nil
+}
+
+/*
+ListOrganizationsOKBody list organizations o k body
+swagger:model ListOrganizationsOKBody
+*/
+type ListOrganizationsOKBody struct {
+
+	// organizations
+	Organizations []*ListOrganizationsOKBodyOrganizationsItems0 `json:"organizations"`
+}
+
+// Validate validates this list organizations o k body
+func (o *ListOrganizationsOKBody) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := o.validateOrganizations(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (o *ListOrganizationsOKBody) validateOrganizations(formats strfmt.Registry) error {
+	if swag.IsZero(o.Organizations) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(o.Organizations); i++ {
+		if swag.IsZero(o.Organizations[i]) { // not required
+			continue
+		}
+
+		if o.Organizations[i] != nil {
+			if err := o.Organizations[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("listOrganizationsOK" + "." + "organizations" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("listOrganizationsOK" + "." + "organizations" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this list organizations o k body based on the context it is used
+func (o *ListOrganizationsOKBody) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := o.contextValidateOrganizations(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (o *ListOrganizationsOKBody) contextValidateOrganizations(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(o.Organizations); i++ {
+
+		if o.Organizations[i] != nil {
+
+			if swag.IsZero(o.Organizations[i]) { // not required
+				return nil
+			}
+
+			if err := o.Organizations[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("listOrganizationsOK" + "." + "organizations" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("listOrganizationsOK" + "." + "organizations" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (o *ListOrganizationsOKBody) MarshalBinary() ([]byte, error) {
+	if o == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(o)
+}
+
+// UnmarshalBinary interface implementation
+func (o *ListOrganizationsOKBody) UnmarshalBinary(b []byte) error {
+	var res ListOrganizationsOKBody
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*o = res
+	return nil
+}
+
+/*
+ListOrganizationsOKBodyOrganizationsItems0 list organizations o k body organizations items0
+swagger:model ListOrganizationsOKBodyOrganizationsItems0
+*/
+type ListOrganizationsOKBodyOrganizationsItems0 struct {
+
+	// description
+	Description string `json:"description,omitempty"`
+
+	// token
+	Token string `json:"token,omitempty"`
+}
+
+// Validate validates this list organizations o k body organizations items0
+func (o *ListOrganizationsOKBodyOrganizationsItems0) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this list organizations o k body organizations items0 based on context it is used
+func (o *ListOrganizationsOKBodyOrganizationsItems0) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (o *ListOrganizationsOKBodyOrganizationsItems0) MarshalBinary() ([]byte, error) {
+	if o == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(o)
+}
+
+// UnmarshalBinary interface implementation
+func (o *ListOrganizationsOKBodyOrganizationsItems0) UnmarshalBinary(b []byte) error {
+	var res ListOrganizationsOKBodyOrganizationsItems0
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*o = res
+	return nil
+}

rest_server_zrok/embedded_spec.go

@@ -1059,6 +1059,47 @@ func init() {
         }
       }
     },
+    "/organizations": {
+      "get": {
+        "security": [
+          {
+            "key": []
+          }
+        ],
+        "tags": [
+          "admin"
+        ],
+        "operationId": "listOrganizations",
+        "responses": {
+          "200": {
+            "description": "ok",
+            "schema": {
+              "properties": {
+                "organizations": {
+                  "type": "array",
+                  "items": {
+                    "properties": {
+                      "description": {
+                        "type": "string"
+                      },
+                      "token": {
+                        "type": "string"
+                      }
+                    }
+                  }
+                }
+              }
+            }
+          },
+          "401": {
+            "description": "unauthorized"
+          },
+          "500": {
+            "description": "internal server error"
+          }
+        }
+      }
+    },
     "/overview": {
       "get": {
         "security": [
@@ -3130,6 +3171,40 @@ func init() {
         }
       }
     },
+    "/organizations": {
+      "get": {
+        "security": [
+          {
+            "key": []
+          }
+        ],
+        "tags": [
+          "admin"
+        ],
+        "operationId": "listOrganizations",
+        "responses": {
+          "200": {
+            "description": "ok",
+            "schema": {
+              "properties": {
+                "organizations": {
+                  "type": "array",
+                  "items": {
+                    "$ref": "#/definitions/OrganizationsItems0"
+                  }
+                }
+              }
+            }
+          },
+          "401": {
+            "description": "unauthorized"
+          },
+          "500": {
+            "description": "internal server error"
+          }
+        }
+      }
+    },
     "/overview": {
       "get": {
         "security": [
@@ -3523,6 +3598,16 @@ func init() {
         }
       }
     },
+    "OrganizationsItems0": {
+      "properties": {
+        "description": {
+          "type": "string"
+        },
+        "token": {
+          "type": "string"
+        }
+      }
+    },
     "accessRequest": {
       "type": "object",
       "properties": {

rest_server_zrok/operations/admin/list_organizations.go

@@ -0,0 +1,222 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package admin
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"context"
+	"net/http"
+	"strconv"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+
+	"github.com/openziti/zrok/rest_model_zrok"
+)
+
+// ListOrganizationsHandlerFunc turns a function with the right signature into a list organizations handler
+type ListOrganizationsHandlerFunc func(ListOrganizationsParams, *rest_model_zrok.Principal) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn ListOrganizationsHandlerFunc) Handle(params ListOrganizationsParams, principal *rest_model_zrok.Principal) middleware.Responder {
+	return fn(params, principal)
+}
+
+// ListOrganizationsHandler interface for that can handle valid list organizations params
+type ListOrganizationsHandler interface {
+	Handle(ListOrganizationsParams, *rest_model_zrok.Principal) middleware.Responder
+}
+
+// NewListOrganizations creates a new http.Handler for the list organizations operation
+func NewListOrganizations(ctx *middleware.Context, handler ListOrganizationsHandler) *ListOrganizations {
+	return &ListOrganizations{Context: ctx, Handler: handler}
+}
+
+/*
+	ListOrganizations swagger:route GET /organizations admin listOrganizations
+
+ListOrganizations list organizations API
+*/
+type ListOrganizations struct {
+	Context *middleware.Context
+	Handler ListOrganizationsHandler
+}
+
+func (o *ListOrganizations) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	route, rCtx, _ := o.Context.RouteInfo(r)
+	if rCtx != nil {
+		*r = *rCtx
+	}
+	var Params = NewListOrganizationsParams()
+	uprinc, aCtx, err := o.Context.Authorize(r, route)
+	if err != nil {
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+	if aCtx != nil {
+		*r = *aCtx
+	}
+	var principal *rest_model_zrok.Principal
+	if uprinc != nil {
+		principal = uprinc.(*rest_model_zrok.Principal) // this is really a rest_model_zrok.Principal, I promise
+	}
+
+	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+
+	res := o.Handler.Handle(Params, principal) // actually handle the request
+	o.Context.Respond(rw, r, route.Produces, route, res)
+
+}
+
+// ListOrganizationsOKBody list organizations o k body
+//
+// swagger:model ListOrganizationsOKBody
+type ListOrganizationsOKBody struct {
+
+	// organizations
+	Organizations []*ListOrganizationsOKBodyOrganizationsItems0 `json:"organizations"`
+}
+
+// Validate validates this list organizations o k body
+func (o *ListOrganizationsOKBody) Validate(formats strfmt.Registry) error {
+	var res []error
+
+	if err := o.validateOrganizations(formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (o *ListOrganizationsOKBody) validateOrganizations(formats strfmt.Registry) error {
+	if swag.IsZero(o.Organizations) { // not required
+		return nil
+	}
+
+	for i := 0; i < len(o.Organizations); i++ {
+		if swag.IsZero(o.Organizations[i]) { // not required
+			continue
+		}
+
+		if o.Organizations[i] != nil {
+			if err := o.Organizations[i].Validate(formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("listOrganizationsOK" + "." + "organizations" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("listOrganizationsOK" + "." + "organizations" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// ContextValidate validate this list organizations o k body based on the context it is used
+func (o *ListOrganizationsOKBody) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	var res []error
+
+	if err := o.contextValidateOrganizations(ctx, formats); err != nil {
+		res = append(res, err)
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}
+
+func (o *ListOrganizationsOKBody) contextValidateOrganizations(ctx context.Context, formats strfmt.Registry) error {
+
+	for i := 0; i < len(o.Organizations); i++ {
+
+		if o.Organizations[i] != nil {
+
+			if swag.IsZero(o.Organizations[i]) { // not required
+				return nil
+			}
+
+			if err := o.Organizations[i].ContextValidate(ctx, formats); err != nil {
+				if ve, ok := err.(*errors.Validation); ok {
+					return ve.ValidateName("listOrganizationsOK" + "." + "organizations" + "." + strconv.Itoa(i))
+				} else if ce, ok := err.(*errors.CompositeError); ok {
+					return ce.ValidateName("listOrganizationsOK" + "." + "organizations" + "." + strconv.Itoa(i))
+				}
+				return err
+			}
+		}
+
+	}
+
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (o *ListOrganizationsOKBody) MarshalBinary() ([]byte, error) {
+	if o == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(o)
+}
+
+// UnmarshalBinary interface implementation
+func (o *ListOrganizationsOKBody) UnmarshalBinary(b []byte) error {
+	var res ListOrganizationsOKBody
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*o = res
+	return nil
+}
+
+// ListOrganizationsOKBodyOrganizationsItems0 list organizations o k body organizations items0
+//
+// swagger:model ListOrganizationsOKBodyOrganizationsItems0
+type ListOrganizationsOKBodyOrganizationsItems0 struct {
+
+	// description
+	Description string `json:"description,omitempty"`
+
+	// token
+	Token string `json:"token,omitempty"`
+}
+
+// Validate validates this list organizations o k body organizations items0
+func (o *ListOrganizationsOKBodyOrganizationsItems0) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this list organizations o k body organizations items0 based on context it is used
+func (o *ListOrganizationsOKBodyOrganizationsItems0) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (o *ListOrganizationsOKBodyOrganizationsItems0) MarshalBinary() ([]byte, error) {
+	if o == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(o)
+}
+
+// UnmarshalBinary interface implementation
+func (o *ListOrganizationsOKBodyOrganizationsItems0) UnmarshalBinary(b []byte) error {
+	var res ListOrganizationsOKBodyOrganizationsItems0
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*o = res
+	return nil
+}

rest_server_zrok/operations/admin/list_organizations_parameters.go

@@ -0,0 +1,46 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package admin
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime/middleware"
+)
+
+// NewListOrganizationsParams creates a new ListOrganizationsParams object
+//
+// There are no default values defined in the spec.
+func NewListOrganizationsParams() ListOrganizationsParams {
+
+	return ListOrganizationsParams{}
+}
+
+// ListOrganizationsParams contains all the bound params for the list organizations operation
+// typically these are obtained from a http.Request
+//
+// swagger:parameters listOrganizations
+type ListOrganizationsParams struct {
+
+	// HTTP Request Object
+	HTTPRequest *http.Request `json:"-"`
+}
+
+// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
+// for simple values it will use straight method calls.
+//
+// To ensure default values, the struct must have been initialized with NewListOrganizationsParams() beforehand.
+func (o *ListOrganizationsParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+	var res []error
+
+	o.HTTPRequest = r
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}

rest_server_zrok/operations/admin/list_organizations_responses.go

@@ -0,0 +1,107 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package admin
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime"
+)
+
+// ListOrganizationsOKCode is the HTTP code returned for type ListOrganizationsOK
+const ListOrganizationsOKCode int = 200
+
+/*
+ListOrganizationsOK ok
+
+swagger:response listOrganizationsOK
+*/
+type ListOrganizationsOK struct {
+
+	/*
+	  In: Body
+	*/
+	Payload *ListOrganizationsOKBody `json:"body,omitempty"`
+}
+
+// NewListOrganizationsOK creates ListOrganizationsOK with default headers values
+func NewListOrganizationsOK() *ListOrganizationsOK {
+
+	return &ListOrganizationsOK{}
+}
+
+// WithPayload adds the payload to the list organizations o k response
+func (o *ListOrganizationsOK) WithPayload(payload *ListOrganizationsOKBody) *ListOrganizationsOK {
+	o.Payload = payload
+	return o
+}
+
+// SetPayload sets the payload to the list organizations o k response
+func (o *ListOrganizationsOK) SetPayload(payload *ListOrganizationsOKBody) {
+	o.Payload = payload
+}
+
+// WriteResponse to the client
+func (o *ListOrganizationsOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.WriteHeader(200)
+	if o.Payload != nil {
+		payload := o.Payload
+		if err := producer.Produce(rw, payload); err != nil {
+			panic(err) // let the recovery middleware deal with this
+		}
+	}
+}
+
+// ListOrganizationsUnauthorizedCode is the HTTP code returned for type ListOrganizationsUnauthorized
+const ListOrganizationsUnauthorizedCode int = 401
+
+/*
+ListOrganizationsUnauthorized unauthorized
+
+swagger:response listOrganizationsUnauthorized
+*/
+type ListOrganizationsUnauthorized struct {
+}
+
+// NewListOrganizationsUnauthorized creates ListOrganizationsUnauthorized with default headers values
+func NewListOrganizationsUnauthorized() *ListOrganizationsUnauthorized {
+
+	return &ListOrganizationsUnauthorized{}
+}
+
+// WriteResponse to the client
+func (o *ListOrganizationsUnauthorized) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
+
+	rw.WriteHeader(401)
+}
+
+// ListOrganizationsInternalServerErrorCode is the HTTP code returned for type ListOrganizationsInternalServerError
+const ListOrganizationsInternalServerErrorCode int = 500
+
+/*
+ListOrganizationsInternalServerError internal server error
+
+swagger:response listOrganizationsInternalServerError
+*/
+type ListOrganizationsInternalServerError struct {
+}
+
+// NewListOrganizationsInternalServerError creates ListOrganizationsInternalServerError with default headers values
+func NewListOrganizationsInternalServerError() *ListOrganizationsInternalServerError {
+
+	return &ListOrganizationsInternalServerError{}
+}
+
+// WriteResponse to the client
+func (o *ListOrganizationsInternalServerError) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
+
+	rw.WriteHeader(500)
+}

rest_server_zrok/operations/admin/list_organizations_urlbuilder.go

@@ -0,0 +1,87 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package admin
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"errors"
+	"net/url"
+	golangswaggerpaths "path"
+)
+
+// ListOrganizationsURL generates an URL for the list organizations operation
+type ListOrganizationsURL struct {
+	_basePath string
+}
+
+// WithBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *ListOrganizationsURL) WithBasePath(bp string) *ListOrganizationsURL {
+	o.SetBasePath(bp)
+	return o
+}
+
+// SetBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *ListOrganizationsURL) SetBasePath(bp string) {
+	o._basePath = bp
+}
+
+// Build a url path and query string
+func (o *ListOrganizationsURL) Build() (*url.URL, error) {
+	var _result url.URL
+
+	var _path = "/organizations"
+
+	_basePath := o._basePath
+	if _basePath == "" {
+		_basePath = "/api/v1"
+	}
+	_result.Path = golangswaggerpaths.Join(_basePath, _path)
+
+	return &_result, nil
+}
+
+// Must is a helper function to panic when the url builder returns an error
+func (o *ListOrganizationsURL) Must(u *url.URL, err error) *url.URL {
+	if err != nil {
+		panic(err)
+	}
+	if u == nil {
+		panic("url can't be nil")
+	}
+	return u
+}
+
+// String returns the string representation of the path with query string
+func (o *ListOrganizationsURL) String() string {
+	return o.Must(o.Build()).String()
+}
+
+// BuildFull builds a full url with scheme, host, path and query string
+func (o *ListOrganizationsURL) BuildFull(scheme, host string) (*url.URL, error) {
+	if scheme == "" {
+		return nil, errors.New("scheme is required for a full url on ListOrganizationsURL")
+	}
+	if host == "" {
+		return nil, errors.New("host is required for a full url on ListOrganizationsURL")
+	}
+
+	base, err := o.Build()
+	if err != nil {
+		return nil, err
+	}
+
+	base.Scheme = scheme
+	base.Host = host
+	return base, nil
+}
+
+// StringFull returns the string representation of a complete url
+func (o *ListOrganizationsURL) StringFull(scheme, host string) string {
+	return o.Must(o.BuildFull(scheme, host)).String()
+}

rest_server_zrok/operations/zrok_api.go

@@ -121,6 +121,9 @@ func NewZrokAPI(spec *loads.Document) *ZrokAPI {
 		AdminListOrganizationMembersHandler: admin.ListOrganizationMembersHandlerFunc(func(params admin.ListOrganizationMembersParams, principal *rest_model_zrok.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation admin.ListOrganizationMembers has not yet been implemented")
 		}),
+		AdminListOrganizationsHandler: admin.ListOrganizationsHandlerFunc(func(params admin.ListOrganizationsParams, principal *rest_model_zrok.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation admin.ListOrganizations has not yet been implemented")
+		}),
 		AccountLoginHandler: account.LoginHandlerFunc(func(params account.LoginParams) middleware.Responder {
 			return middleware.NotImplemented("operation account.Login has not yet been implemented")
 		}),
@@ -261,6 +264,8 @@ type ZrokAPI struct {
 	AdminListFrontendsHandler admin.ListFrontendsHandler
 	// AdminListOrganizationMembersHandler sets the operation handler for the list organization members operation
 	AdminListOrganizationMembersHandler admin.ListOrganizationMembersHandler
+	// AdminListOrganizationsHandler sets the operation handler for the list organizations operation
+	AdminListOrganizationsHandler admin.ListOrganizationsHandler
 	// AccountLoginHandler sets the operation handler for the login operation
 	AccountLoginHandler account.LoginHandler
 	// MetadataOverviewHandler sets the operation handler for the overview operation
@@ -442,6 +447,9 @@ func (o *ZrokAPI) Validate() error {
 	if o.AdminListOrganizationMembersHandler == nil {
 		unregistered = append(unregistered, "admin.ListOrganizationMembersHandler")
 	}
+	if o.AdminListOrganizationsHandler == nil {
+		unregistered = append(unregistered, "admin.ListOrganizationsHandler")
+	}
 	if o.AccountLoginHandler == nil {
 		unregistered = append(unregistered, "account.LoginHandler")
 	}
@@ -679,6 +687,10 @@ func (o *ZrokAPI) initHandlerCache() {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}
 	o.handlers["POST"]["/organization/list"] = admin.NewListOrganizationMembers(o.context, o.AdminListOrganizationMembersHandler)
+	if o.handlers["GET"] == nil {
+		o.handlers["GET"] = make(map[string]http.Handler)
+	}
+	o.handlers["GET"]["/organizations"] = admin.NewListOrganizations(o.context, o.AdminListOrganizationsHandler)
 	if o.handlers["POST"] == nil {
 		o.handlers["POST"] = make(map[string]http.Handler)
 	}

sdk/nodejs/sdk/src/zrok/api/.openapi-generator/FILES

@@ -30,6 +30,8 @@ model/inviteRequest.ts
 model/inviteTokenGenerateRequest.ts
 model/listOrganizationMembers200Response.ts
 model/listOrganizationMembers200ResponseMembersInner.ts
+model/listOrganizations200Response.ts
+model/listOrganizations200ResponseOrganizationsInner.ts
 model/loginRequest.ts
 model/metrics.ts
 model/metricsSample.ts

sdk/nodejs/sdk/src/zrok/api/api/adminApi.ts

@@ -26,6 +26,7 @@ import { DeleteFrontendRequest } from '../model/deleteFrontendRequest';
 import { GrantsRequest } from '../model/grantsRequest';
 import { InviteTokenGenerateRequest } from '../model/inviteTokenGenerateRequest';
 import { ListOrganizationMembers200Response } from '../model/listOrganizationMembers200Response';
+import { ListOrganizations200Response } from '../model/listOrganizations200Response';
 import { PublicFrontend } from '../model/publicFrontend';
 import { RegenerateToken200Response } from '../model/regenerateToken200Response';
 import { RemoveOrganizationMemberRequest } from '../model/removeOrganizationMemberRequest';
@@ -787,6 +788,70 @@ export class AdminApi {
             });
         });
     }
+    /**
+     * 
+     */
+    public async listOrganizations (options: {headers: {[name: string]: string}} = {headers: {}}) : Promise<{ response: http.IncomingMessage; body: ListOrganizations200Response;  }> {
+        const localVarPath = this.basePath + '/organizations';
+        let localVarQueryParameters: any = {};
+        let localVarHeaderParams: any = (<any>Object).assign({}, this._defaultHeaders);
+        const produces = ['application/zrok.v1+json'];
+        // give precedence to 'application/json'
+        if (produces.indexOf('application/json') >= 0) {
+            localVarHeaderParams.Accept = 'application/json';
+        } else {
+            localVarHeaderParams.Accept = produces.join(',');
+        }
+        let localVarFormParams: any = {};
+
+        (<any>Object).assign(localVarHeaderParams, options.headers);
+
+        let localVarUseFormData = false;
+
+        let localVarRequestOptions: localVarRequest.Options = {
+            method: 'GET',
+            qs: localVarQueryParameters,
+            headers: localVarHeaderParams,
+            uri: localVarPath,
+            useQuerystring: this._useQuerystring,
+            json: true,
+        };
+
+        let authenticationPromise = Promise.resolve();
+        if (this.authentications.key.apiKey) {
+            authenticationPromise = authenticationPromise.then(() => this.authentications.key.applyToRequest(localVarRequestOptions));
+        }
+        authenticationPromise = authenticationPromise.then(() => this.authentications.default.applyToRequest(localVarRequestOptions));
+
+        let interceptorPromise = authenticationPromise;
+        for (const interceptor of this.interceptors) {
+            interceptorPromise = interceptorPromise.then(() => interceptor(localVarRequestOptions));
+        }
+
+        return interceptorPromise.then(() => {
+            if (Object.keys(localVarFormParams).length) {
+                if (localVarUseFormData) {
+                    (<any>localVarRequestOptions).formData = localVarFormParams;
+                } else {
+                    localVarRequestOptions.form = localVarFormParams;
+                }
+            }
+            return new Promise<{ response: http.IncomingMessage; body: ListOrganizations200Response;  }>((resolve, reject) => {
+                localVarRequest(localVarRequestOptions, (error, response, body) => {
+                    if (error) {
+                        reject(error);
+                    } else {
+                        if (response.statusCode && response.statusCode >= 200 && response.statusCode <= 299) {
+                            body = ObjectSerializer.deserialize(body, "ListOrganizations200Response");
+                            resolve({ response: response, body: body });
+                        } else {
+                            reject(new HttpError(response, body, response.statusCode));
+                        }
+                    }
+                });
+            });
+        });
+    }
     /**
      * 
      * @param body 

sdk/nodejs/sdk/src/zrok/api/model/listOrganizations200Response.ts

@@ -0,0 +1,32 @@
+/**
+ * zrok
+ * zrok client access
+ *
+ * The version of the OpenAPI document: 0.3.0
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { RequestFile } from './models';
+import { ListOrganizations200ResponseOrganizationsInner } from './listOrganizations200ResponseOrganizationsInner';
+
+export class ListOrganizations200Response {
+    'organizations'?: Array<ListOrganizations200ResponseOrganizationsInner>;
+
+    static discriminator: string | undefined = undefined;
+
+    static attributeTypeMap: Array<{name: string, baseName: string, type: string}> = [
+        {
+            "name": "organizations",
+            "baseName": "organizations",
+            "type": "Array<ListOrganizations200ResponseOrganizationsInner>"
+        }    ];
+
+    static getAttributeTypeMap() {
+        return ListOrganizations200Response.attributeTypeMap;
+    }
+}
+

sdk/nodejs/sdk/src/zrok/api/model/listOrganizations200ResponseOrganizationsInner.ts

@@ -0,0 +1,37 @@
+/**
+ * zrok
+ * zrok client access
+ *
+ * The version of the OpenAPI document: 0.3.0
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { RequestFile } from './models';
+
+export class ListOrganizations200ResponseOrganizationsInner {
+    'token'?: string;
+    'description'?: string;
+
+    static discriminator: string | undefined = undefined;
+
+    static attributeTypeMap: Array<{name: string, baseName: string, type: string}> = [
+        {
+            "name": "token",
+            "baseName": "token",
+            "type": "string"
+        },
+        {
+            "name": "description",
+            "baseName": "description",
+            "type": "string"
+        }    ];
+
+    static getAttributeTypeMap() {
+        return ListOrganizations200ResponseOrganizationsInner.attributeTypeMap;
+    }
+}
+

sdk/nodejs/sdk/src/zrok/api/model/models.ts

@@ -24,6 +24,8 @@ export * from './inviteRequest';
 export * from './inviteTokenGenerateRequest';
 export * from './listOrganizationMembers200Response';
 export * from './listOrganizationMembers200ResponseMembersInner';
+export * from './listOrganizations200Response';
+export * from './listOrganizations200ResponseOrganizationsInner';
 export * from './loginRequest';
 export * from './metrics';
 export * from './metricsSample';
@@ -85,6 +87,8 @@ import { InviteRequest } from './inviteRequest';
 import { InviteTokenGenerateRequest } from './inviteTokenGenerateRequest';
 import { ListOrganizationMembers200Response } from './listOrganizationMembers200Response';
 import { ListOrganizationMembers200ResponseMembersInner } from './listOrganizationMembers200ResponseMembersInner';
+import { ListOrganizations200Response } from './listOrganizations200Response';
+import { ListOrganizations200ResponseOrganizationsInner } from './listOrganizations200ResponseOrganizationsInner';
 import { LoginRequest } from './loginRequest';
 import { Metrics } from './metrics';
 import { MetricsSample } from './metricsSample';
@@ -154,6 +158,8 @@ let typeMap: {[index: string]: any} = {
     "InviteTokenGenerateRequest": InviteTokenGenerateRequest,
     "ListOrganizationMembers200Response": ListOrganizationMembers200Response,
     "ListOrganizationMembers200ResponseMembersInner": ListOrganizationMembers200ResponseMembersInner,
+    "ListOrganizations200Response": ListOrganizations200Response,
+    "ListOrganizations200ResponseOrganizationsInner": ListOrganizations200ResponseOrganizationsInner,
     "LoginRequest": LoginRequest,
     "Metrics": Metrics,
     "MetricsSample": MetricsSample,

sdk/nodejs/sdk/src/zrok/api/model/removeOrganizationMemberRequestOrganizationsInner.ts

@@ -0,0 +1,37 @@
+/**
+ * zrok
+ * zrok client access
+ *
+ * The version of the OpenAPI document: 0.3.0
+ * 
+ *
+ * NOTE: This class is auto generated by OpenAPI Generator (https://openapi-generator.tech).
+ * https://openapi-generator.tech
+ * Do not edit the class manually.
+ */
+
+import { RequestFile } from './models';
+
+export class RemoveOrganizationMemberRequestOrganizationsInner {
+    'token'?: string;
+    'email'?: string;
+
+    static discriminator: string | undefined = undefined;
+
+    static attributeTypeMap: Array<{name: string, baseName: string, type: string}> = [
+        {
+            "name": "token",
+            "baseName": "token",
+            "type": "string"
+        },
+        {
+            "name": "email",
+            "baseName": "email",
+            "type": "string"
+        }    ];
+
+    static getAttributeTypeMap() {
+        return RemoveOrganizationMemberRequestOrganizationsInner.attributeTypeMap;
+    }
+}
+

sdk/python/sdk/zrok/zrok_api/__init__.py

@@ -47,6 +47,8 @@ from zrok_api.models.identity_body import IdentityBody
 from zrok_api.models.inline_response200 import InlineResponse200
 from zrok_api.models.inline_response2001 import InlineResponse2001
 from zrok_api.models.inline_response2001_members import InlineResponse2001Members
+from zrok_api.models.inline_response2002 import InlineResponse2002
+from zrok_api.models.inline_response2002_organizations import InlineResponse2002Organizations
 from zrok_api.models.inline_response201 import InlineResponse201
 from zrok_api.models.invite_request import InviteRequest
 from zrok_api.models.invite_token_generate_request import InviteTokenGenerateRequest

sdk/python/sdk/zrok/zrok_api/api/admin_api.py

@@ -1027,6 +1027,91 @@ class AdminApi(object):
             _request_timeout=params.get('_request_timeout'),
             collection_formats=collection_formats)
 
+    def list_organizations(self, **kwargs):  # noqa: E501
+        """list_organizations  # noqa: E501
+
+        This method makes a synchronous HTTP request by default. To make an
+        asynchronous HTTP request, please pass async_req=True
+        >>> thread = api.list_organizations(async_req=True)
+        >>> result = thread.get()
+
+        :param async_req bool
+        :return: InlineResponse2002
+                 If the method is called asynchronously,
+                 returns the request thread.
+        """
+        kwargs['_return_http_data_only'] = True
+        if kwargs.get('async_req'):
+            return self.list_organizations_with_http_info(**kwargs)  # noqa: E501
+        else:
+            (data) = self.list_organizations_with_http_info(**kwargs)  # noqa: E501
+            return data
+
+    def list_organizations_with_http_info(self, **kwargs):  # noqa: E501
+        """list_organizations  # noqa: E501
+
+        This method makes a synchronous HTTP request by default. To make an
+        asynchronous HTTP request, please pass async_req=True
+        >>> thread = api.list_organizations_with_http_info(async_req=True)
+        >>> result = thread.get()
+
+        :param async_req bool
+        :return: InlineResponse2002
+                 If the method is called asynchronously,
+                 returns the request thread.
+        """
+
+        all_params = []  # noqa: E501
+        all_params.append('async_req')
+        all_params.append('_return_http_data_only')
+        all_params.append('_preload_content')
+        all_params.append('_request_timeout')
+
+        params = locals()
+        for key, val in six.iteritems(params['kwargs']):
+            if key not in all_params:
+                raise TypeError(
+                    "Got an unexpected keyword argument '%s'"
+                    " to method list_organizations" % key
+                )
+            params[key] = val
+        del params['kwargs']
+
+        collection_formats = {}
+
+        path_params = {}
+
+        query_params = []
+
+        header_params = {}
+
+        form_params = []
+        local_var_files = {}
+
+        body_params = None
+        # HTTP header `Accept`
+        header_params['Accept'] = self.api_client.select_header_accept(
+            ['application/zrok.v1+json'])  # noqa: E501
+
+        # Authentication setting
+        auth_settings = ['key']  # noqa: E501
+
+        return self.api_client.call_api(
+            '/organizations', 'GET',
+            path_params,
+            query_params,
+            header_params,
+            body=body_params,
+            post_params=form_params,
+            files=local_var_files,
+            response_type='InlineResponse2002',  # noqa: E501
+            auth_settings=auth_settings,
+            async_req=params.get('async_req'),
+            _return_http_data_only=params.get('_return_http_data_only'),
+            _preload_content=params.get('_preload_content', True),
+            _request_timeout=params.get('_request_timeout'),
+            collection_formats=collection_formats)
+
     def remove_organization_member(self, **kwargs):  # noqa: E501
         """remove_organization_member  # noqa: E501
 

sdk/python/sdk/zrok/zrok_api/models/__init__.py

@@ -37,6 +37,8 @@ from zrok_api.models.identity_body import IdentityBody
 from zrok_api.models.inline_response200 import InlineResponse200
 from zrok_api.models.inline_response2001 import InlineResponse2001
 from zrok_api.models.inline_response2001_members import InlineResponse2001Members
+from zrok_api.models.inline_response2002 import InlineResponse2002
+from zrok_api.models.inline_response2002_organizations import InlineResponse2002Organizations
 from zrok_api.models.inline_response201 import InlineResponse201
 from zrok_api.models.invite_request import InviteRequest
 from zrok_api.models.invite_token_generate_request import InviteTokenGenerateRequest

sdk/python/sdk/zrok/zrok_api/models/inline_response2002.py

@@ -0,0 +1,110 @@
+# coding: utf-8
+
+"""
+    zrok
+
+    zrok client access  # noqa: E501
+
+    OpenAPI spec version: 0.3.0
+    
+    Generated by: https://github.com/swagger-api/swagger-codegen.git
+"""
+
+import pprint
+import re  # noqa: F401
+
+import six
+
+class InlineResponse2002(object):
+    """NOTE: This class is auto generated by the swagger code generator program.
+
+    Do not edit the class manually.
+    """
+    """
+    Attributes:
+      swagger_types (dict): The key is attribute name
+                            and the value is attribute type.
+      attribute_map (dict): The key is attribute name
+                            and the value is json key in definition.
+    """
+    swagger_types = {
+        'organizations': 'list[InlineResponse2002Organizations]'
+    }
+
+    attribute_map = {
+        'organizations': 'organizations'
+    }
+
+    def __init__(self, organizations=None):  # noqa: E501
+        """InlineResponse2002 - a model defined in Swagger"""  # noqa: E501
+        self._organizations = None
+        self.discriminator = None
+        if organizations is not None:
+            self.organizations = organizations
+
+    @property
+    def organizations(self):
+        """Gets the organizations of this InlineResponse2002.  # noqa: E501
+
+
+        :return: The organizations of this InlineResponse2002.  # noqa: E501
+        :rtype: list[InlineResponse2002Organizations]
+        """
+        return self._organizations
+
+    @organizations.setter
+    def organizations(self, organizations):
+        """Sets the organizations of this InlineResponse2002.
+
+
+        :param organizations: The organizations of this InlineResponse2002.  # noqa: E501
+        :type: list[InlineResponse2002Organizations]
+        """
+
+        self._organizations = organizations
+
+    def to_dict(self):
+        """Returns the model properties as a dict"""
+        result = {}
+
+        for attr, _ in six.iteritems(self.swagger_types):
+            value = getattr(self, attr)
+            if isinstance(value, list):
+                result[attr] = list(map(
+                    lambda x: x.to_dict() if hasattr(x, "to_dict") else x,
+                    value
+                ))
+            elif hasattr(value, "to_dict"):
+                result[attr] = value.to_dict()
+            elif isinstance(value, dict):
+                result[attr] = dict(map(
+                    lambda item: (item[0], item[1].to_dict())
+                    if hasattr(item[1], "to_dict") else item,
+                    value.items()
+                ))
+            else:
+                result[attr] = value
+        if issubclass(InlineResponse2002, dict):
+            for key, value in self.items():
+                result[key] = value
+
+        return result
+
+    def to_str(self):
+        """Returns the string representation of the model"""
+        return pprint.pformat(self.to_dict())
+
+    def __repr__(self):
+        """For `print` and `pprint`"""
+        return self.to_str()
+
+    def __eq__(self, other):
+        """Returns true if both objects are equal"""
+        if not isinstance(other, InlineResponse2002):
+            return False
+
+        return self.__dict__ == other.__dict__
+
+    def __ne__(self, other):
+        """Returns true if both objects are not equal"""
+        return not self == other

sdk/python/sdk/zrok/zrok_api/models/inline_response2002_organizations.py

@@ -0,0 +1,136 @@
+# coding: utf-8
+
+"""
+    zrok
+
+    zrok client access  # noqa: E501
+
+    OpenAPI spec version: 0.3.0
+    
+    Generated by: https://github.com/swagger-api/swagger-codegen.git
+"""
+
+import pprint
+import re  # noqa: F401
+
+import six
+
+class InlineResponse2002Organizations(object):
+    """NOTE: This class is auto generated by the swagger code generator program.
+
+    Do not edit the class manually.
+    """
+    """
+    Attributes:
+      swagger_types (dict): The key is attribute name
+                            and the value is attribute type.
+      attribute_map (dict): The key is attribute name
+                            and the value is json key in definition.
+    """
+    swagger_types = {
+        'token': 'str',
+        'description': 'str'
+    }
+
+    attribute_map = {
+        'token': 'token',
+        'description': 'description'
+    }
+
+    def __init__(self, token=None, description=None):  # noqa: E501
+        """InlineResponse2002Organizations - a model defined in Swagger"""  # noqa: E501
+        self._token = None
+        self._description = None
+        self.discriminator = None
+        if token is not None:
+            self.token = token
+        if description is not None:
+            self.description = description
+
+    @property
+    def token(self):
+        """Gets the token of this InlineResponse2002Organizations.  # noqa: E501
+
+
+        :return: The token of this InlineResponse2002Organizations.  # noqa: E501
+        :rtype: str
+        """
+        return self._token
+
+    @token.setter
+    def token(self, token):
+        """Sets the token of this InlineResponse2002Organizations.
+
+
+        :param token: The token of this InlineResponse2002Organizations.  # noqa: E501
+        :type: str
+        """
+
+        self._token = token
+
+    @property
+    def description(self):
+        """Gets the description of this InlineResponse2002Organizations.  # noqa: E501
+
+
+        :return: The description of this InlineResponse2002Organizations.  # noqa: E501
+        :rtype: str
+        """
+        return self._description
+
+    @description.setter
+    def description(self, description):
+        """Sets the description of this InlineResponse2002Organizations.
+
+
+        :param description: The description of this InlineResponse2002Organizations.  # noqa: E501
+        :type: str
+        """
+
+        self._description = description
+
+    def to_dict(self):
+        """Returns the model properties as a dict"""
+        result = {}
+
+        for attr, _ in six.iteritems(self.swagger_types):
+            value = getattr(self, attr)
+            if isinstance(value, list):
+                result[attr] = list(map(
+                    lambda x: x.to_dict() if hasattr(x, "to_dict") else x,
+                    value
+                ))
+            elif hasattr(value, "to_dict"):
+                result[attr] = value.to_dict()
+            elif isinstance(value, dict):
+                result[attr] = dict(map(
+                    lambda item: (item[0], item[1].to_dict())
+                    if hasattr(item[1], "to_dict") else item,
+                    value.items()
+                ))
+            else:
+                result[attr] = value
+        if issubclass(InlineResponse2002Organizations, dict):
+            for key, value in self.items():
+                result[key] = value
+
+        return result
+
+    def to_str(self):
+        """Returns the string representation of the model"""
+        return pprint.pformat(self.to_dict())
+
+    def __repr__(self):
+        """For `print` and `pprint`"""
+        return self.to_str()
+
+    def __eq__(self, other):
+        """Returns true if both objects are equal"""
+        if not isinstance(other, InlineResponse2002Organizations):
+            return False
+
+        return self.__dict__ == other.__dict__
+
+    def __ne__(self, other):
+        """Returns true if both objects are not equal"""
+        return not self == other

sdk/python/sdk/zrok/zrok_api/models/organizationremove_organizations.py

@@ -0,0 +1,136 @@
+# coding: utf-8
+
+"""
+    zrok
+
+    zrok client access  # noqa: E501
+
+    OpenAPI spec version: 0.3.0
+    
+    Generated by: https://github.com/swagger-api/swagger-codegen.git
+"""
+
+import pprint
+import re  # noqa: F401
+
+import six
+
+class OrganizationremoveOrganizations(object):
+    """NOTE: This class is auto generated by the swagger code generator program.
+
+    Do not edit the class manually.
+    """
+    """
+    Attributes:
+      swagger_types (dict): The key is attribute name
+                            and the value is attribute type.
+      attribute_map (dict): The key is attribute name
+                            and the value is json key in definition.
+    """
+    swagger_types = {
+        'token': 'str',
+        'email': 'str'
+    }
+
+    attribute_map = {
+        'token': 'token',
+        'email': 'email'
+    }
+
+    def __init__(self, token=None, email=None):  # noqa: E501
+        """OrganizationremoveOrganizations - a model defined in Swagger"""  # noqa: E501
+        self._token = None
+        self._email = None
+        self.discriminator = None
+        if token is not None:
+            self.token = token
+        if email is not None:
+            self.email = email
+
+    @property
+    def token(self):
+        """Gets the token of this OrganizationremoveOrganizations.  # noqa: E501
+
+
+        :return: The token of this OrganizationremoveOrganizations.  # noqa: E501
+        :rtype: str
+        """
+        return self._token
+
+    @token.setter
+    def token(self, token):
+        """Sets the token of this OrganizationremoveOrganizations.
+
+
+        :param token: The token of this OrganizationremoveOrganizations.  # noqa: E501
+        :type: str
+        """
+
+        self._token = token
+
+    @property
+    def email(self):
+        """Gets the email of this OrganizationremoveOrganizations.  # noqa: E501
+
+
+        :return: The email of this OrganizationremoveOrganizations.  # noqa: E501
+        :rtype: str
+        """
+        return self._email
+
+    @email.setter
+    def email(self, email):
+        """Sets the email of this OrganizationremoveOrganizations.
+
+
+        :param email: The email of this OrganizationremoveOrganizations.  # noqa: E501
+        :type: str
+        """
+
+        self._email = email
+
+    def to_dict(self):
+        """Returns the model properties as a dict"""
+        result = {}
+
+        for attr, _ in six.iteritems(self.swagger_types):
+            value = getattr(self, attr)
+            if isinstance(value, list):
+                result[attr] = list(map(
+                    lambda x: x.to_dict() if hasattr(x, "to_dict") else x,
+                    value
+                ))
+            elif hasattr(value, "to_dict"):
+                result[attr] = value.to_dict()
+            elif isinstance(value, dict):
+                result[attr] = dict(map(
+                    lambda item: (item[0], item[1].to_dict())
+                    if hasattr(item[1], "to_dict") else item,
+                    value.items()
+                ))
+            else:
+                result[attr] = value
+        if issubclass(OrganizationremoveOrganizations, dict):
+            for key, value in self.items():
+                result[key] = value
+
+        return result
+
+    def to_str(self):
+        """Returns the string representation of the model"""
+        return pprint.pformat(self.to_dict())
+
+    def __repr__(self):
+        """For `print` and `pprint`"""
+        return self.to_str()
+
+    def __eq__(self, other):
+        """Returns true if both objects are equal"""
+        if not isinstance(other, OrganizationremoveOrganizations):
+            return False
+
+        return self.__dict__ == other.__dict__
+
+    def __ne__(self, other):
+        """Returns true if both objects are not equal"""
+        return not self == other

specs/zrok.yml

@@ -518,6 +518,31 @@ paths:
         500:
           description: internal server error
 
+  /organizations:
+    get:
+      tags:
+        - admin
+      security:
+        - key: []
+      operationId: listOrganizations
+      responses:
+        200:
+          description: ok
+          schema:
+            properties:
+              organizations:
+                type: array
+                items:
+                  properties:
+                    token:
+                      type: string
+                    description:
+                      type: string
+        401:
+          description: unauthorized
+        500:
+          description: internal server error
+
   #
   # environment
   #

ui/src/api/admin.js

@@ -188,6 +188,12 @@ export function removeOrganizationMember(options) {
   return gateway.request(removeOrganizationMemberOperation, parameters)
 }
 
+/**
+ */
+export function listOrganizations() {
+  return gateway.request(listOrganizationsOperation)
+}
+
 const createAccountOperation = {
   path: '/account',
   contentTypes: ['application/zrok.v1+json'],
@@ -329,3 +335,13 @@ const removeOrganizationMemberOperation = {
     }
   ]
 }
+
+const listOrganizationsOperation = {
+  path: '/organizations',
+  method: 'get',
+  security: [
+    {
+      id: 'key'
+    }
+  ]
+}