Skip to main content
type
enum<string>
required
Enum options: ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V8
timestampMs
string
required
Timestamp (in milliseconds) of the request, used to verify liveness of user requests.
organizationId
string
required
Unique identifier for a given Organization.
parameters
object
required

The parameters object containing the specific intent data for this activity.

generateAppProofs
boolean
Enable to have your activity generate and return App Proofs, enabling verifiability.
A successful response returns the following fields:
activity
object
required
The activity object containing type, intent, and result
curl --request POST \
  --url https://api.turnkey.com/public/v1/submit/create_sub_organization \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --header "X-Stamp: <string> (see Authorizations)" \
  --data '{
    "type": "ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V8",
    "timestampMs": "<string> (e.g. 1746736509954)",
    "organizationId": "<string> (Your Organization ID)",
    "parameters": {
        "subOrganizationName": "<string>",
        "rootUsers": [
            {
                "userName": "<string>",
                "userEmail": "<string>",
                "userPhoneNumber": "<string>",
                "apiKeys": [
                    {
                        "apiKeyName": "<string>",
                        "publicKey": "<string>",
                        "curveType": "<API_KEY_CURVE_P256>",
                        "expirationSeconds": "<string>"
                    }
                ],
                "authenticators": [
                    {
                        "authenticatorName": "<string>",
                        "challenge": "<string>",
                        "attestation": {
                            "credentialId": "<string>",
                            "clientDataJson": "<string>",
                            "attestationObject": "<string>",
                            "transports": [
                                "<AUTHENTICATOR_TRANSPORT_BLE>"
                            ]
                        }
                    }
                ],
                "oauthProviders": [
                    {
                        "providerName": "<string>",
                        "oidcToken": "<string>",
                        "oidcClaims": {
                            "iss": "<string>",
                            "sub": "<string>",
                            "aud": "<string>"
                        }
                    }
                ]
            }
        ],
        "rootQuorumThreshold": "<number>",
        "wallet": {
            "walletName": "<string>",
            "accounts": [
                {
                    "curve": "<CURVE_SECP256K1>",
                    "pathFormat": "<PATH_FORMAT_BIP32>",
                    "path": "<string>",
                    "addressFormat": "<ADDRESS_FORMAT_UNCOMPRESSED>",
                    "name": "<string>"
                }
            ],
            "mnemonicLength": "<number>"
        },
        "disableEmailRecovery": "<boolean>",
        "disableEmailAuth": "<boolean>",
        "disableSmsAuth": "<boolean>",
        "disableOtpEmailAuth": "<boolean>",
        "verificationToken": "<string>",
        "clientSignature": {
            "publicKey": "<string>",
            "scheme": "<CLIENT_SIGNATURE_SCHEME_API_P256>",
            "message": "<string>",
            "signature": "<string>"
        }
    }
}'
import { Turnkey } from "@turnkey/sdk-server";

const turnkeyClient = new Turnkey({
  apiBaseUrl: "https://api.turnkey.com",
  apiPublicKey: process.env.API_PUBLIC_KEY!,
  apiPrivateKey: process.env.API_PRIVATE_KEY!,
  defaultOrganizationId: process.env.ORGANIZATION_ID!,
});

const response = await turnkeyClient.apiClient().createSubOrganization({
  subOrganizationName: "<string> (Name for this sub-organization)",
  rootUsers: [{ // Root users to create within this sub-organization,
    userName: "<string> (Human-readable name for a User.)",
    userEmail: "<string> (The user's email address.)",
    userPhoneNumber: "<string> (The user's phone number in E.164 format e.g. +13214567890)",
    apiKeys: [{ // A list of API Key parameters. This field, if not needed, should be an empty array in your request body.,
      apiKeyName: "<string> (Human-readable name for an API Key.)",
      publicKey: "<string> (The public component of a cryptographic key pair used to sign messages and transactions.)",
      curveType: "<API_KEY_CURVE_P256>" // curveType field,
      expirationSeconds: "<string> (Optional window (in seconds) indicating how long the API Key should last.)",
    }],
    authenticators: [{ // A list of Authenticator parameters. This field, if not needed, should be an empty array in your request body.,
      authenticatorName: "<string> (Human-readable name for an Authenticator.)",
      challenge: "<string> (Challenge presented for authentication purposes.)",
      attestation: { // attestation field,
        credentialId: "<string> (The cbor encoded then base64 url encoded id of the credential.)",
        clientDataJson: "<string> (A base64 url encoded payload containing metadata about the signing context and the challenge.)",
        attestationObject: "<string> (A base64 url encoded payload containing authenticator data and any attestation the webauthn provider chooses.)",
        transports: "<AUTHENTICATOR_TRANSPORT_BLE>" // The type of authenticator transports.,
      },
    }],
    oauthProviders: [{ // A list of Oauth providers. This field, if not needed, should be an empty array in your request body.,
      providerName: "<string> (Human-readable name to identify a Provider.)",
      oidcToken: "<string> (Base64 encoded OIDC token)",
      oidcClaims: { // oidcClaims field,
        iss: "<string> (The issuer identifier from the OIDC token (iss claim))",
        sub: "<string> (The subject identifier from the OIDC token (sub claim))",
        aud: "<string> (The audience from the OIDC token (aud claim))",
      },
    }],
  }],
  rootQuorumThreshold: 0 // The threshold of unique approvals to reach root quorum. This value must be less than or equal to the number of root users,
  wallet: { // wallet field,
    walletName: "<string> (Human-readable name for a Wallet.)",
    accounts: [{ // A list of wallet Accounts. This field, if not needed, should be an empty array in your request body.,
      curve: "<CURVE_SECP256K1>" // curve field,
      pathFormat: "<PATH_FORMAT_BIP32>" // pathFormat field,
      path: "<string> (Path used to generate a wallet Account.)",
      addressFormat: "<ADDRESS_FORMAT_UNCOMPRESSED>" // addressFormat field,
      name: "<string> (Optional human-readable name for the account.)",
    }],
    mnemonicLength: 0 // Length of mnemonic to generate the Wallet seed. Defaults to 12. Accepted values: 12, 15, 18, 21, 24.,
  },
  disableEmailRecovery: true // Disable email recovery for the sub-organization,
  disableEmailAuth: true // Disable email auth for the sub-organization,
  disableSmsAuth: true // Disable OTP SMS auth for the sub-organization,
  disableOtpEmailAuth: true // Disable OTP email auth for the sub-organization,
  verificationToken: "<string> (Signed JWT containing a unique id, expiry, verification type, contact)",
  clientSignature: { // clientSignature field,
    publicKey: "<string> (The public component of a cryptographic key pair used to create the signature.)",
    scheme: "<CLIENT_SIGNATURE_SCHEME_API_P256>" // scheme field,
    message: "<string> (The message that was signed.)",
    signature: "<string> (The cryptographic signature over the message.)",
  }
});
{
  "activity": {
    "id": "<activity-id>",
    "status": "ACTIVITY_STATUS_COMPLETED",
    "type": "ACTIVITY_TYPE_CREATE_SUB_ORGANIZATION_V8",
    "organizationId": "<organization-id>",
    "timestampMs": "<timestamp> (e.g. 1746736509954)",
    "result": {
      "activity": {
        "id": "<string>",
        "organizationId": "<string>",
        "status": "<string>",
        "type": "<string>",
        "intent": {
          "createSubOrganizationIntentV8": {
            "subOrganizationName": "<string>",
            "rootUsers": [
              {
                "userName": "<string>",
                "userEmail": "<string>",
                "userPhoneNumber": "<string>",
                "apiKeys": [
                  {
                    "apiKeyName": "<string>",
                    "publicKey": "<string>",
                    "curveType": "<API_KEY_CURVE_P256>",
                    "expirationSeconds": "<string>"
                  }
                ],
                "authenticators": [
                  {
                    "authenticatorName": "<string>",
                    "challenge": "<string>",
                    "attestation": {
                      "credentialId": "<string>",
                      "clientDataJson": "<string>",
                      "attestationObject": "<string>",
                      "transports": [
                        "<AUTHENTICATOR_TRANSPORT_BLE>"
                      ]
                    }
                  }
                ],
                "oauthProviders": [
                  {
                    "providerName": "<string>",
                    "oidcToken": "<string>",
                    "oidcClaims": {
                      "iss": "<string>",
                      "sub": "<string>",
                      "aud": "<string>"
                    }
                  }
                ]
              }
            ],
            "rootQuorumThreshold": "<number>",
            "wallet": {
              "walletName": "<string>",
              "accounts": [
                {
                  "curve": "<CURVE_SECP256K1>",
                  "pathFormat": "<PATH_FORMAT_BIP32>",
                  "path": "<string>",
                  "addressFormat": "<ADDRESS_FORMAT_UNCOMPRESSED>",
                  "name": "<string>"
                }
              ],
              "mnemonicLength": "<number>"
            },
            "disableEmailRecovery": "<boolean>",
            "disableEmailAuth": "<boolean>",
            "disableSmsAuth": "<boolean>",
            "disableOtpEmailAuth": "<boolean>",
            "verificationToken": "<string>",
            "clientSignature": {
              "publicKey": "<string>",
              "scheme": "<CLIENT_SIGNATURE_SCHEME_API_P256>",
              "message": "<string>",
              "signature": "<string>"
            }
          }
        },
        "result": {
          "createSubOrganizationResultV8": {
            "subOrganizationId": "<string>",
            "wallet": {
              "walletId": "<string>",
              "addresses": [
                "<string>"
              ]
            },
            "rootUserIds": [
              "<string>"
            ]
          }
        },
        "votes": "<array>",
        "fingerprint": "<string>",
        "canApprove": "<boolean>",
        "canReject": "<boolean>",
        "createdAt": "<string>",
        "updatedAt": "<string>"
      }
    }
  }
}