digital-identity-platform-docs
digital-identity-platform-docs / supabase/functions/get-invitation-by-token
supabase/functions/get-invitation-by-token
Fileoverview
Get Invitation by Token Edge Function
Retrieves invitation details by token for display on the accept invitation page. This is a public endpoint (no JWT required) to allow unauthenticated users to view invitation details before signing up or logging in.
Cloudflare Architecture Context
| Attribute | Value |
|---|---|
| Classification | 🔵 BACKEND-ONLY |
| Position | App Backend (public invite page) |
| Receives Public Traffic | Yes (unauthenticated users) |
| Latency Sensitive | No |
| Safe to Retry | Yes (read-only) |
| Failure Behavior | Fail-closed (returns error) |
Endpoint
POST /get-invitation-by-token
Auth
None - Public endpoint
Remarks
- Uses service role to bypass RLS for reading invitations
- Validates invitation status (must be 'pending')
- Checks expiration and returns 410 Gone for expired invitations
- Does NOT return the token in response for security
- Includes client name via join for display purposes
Example
json
{ "token": "abc123-invitation-token" }