Summary and recommendation
Railway exposes a GraphQL API at https://backboard.railway.app/graphql/v2 - there is no REST surface for user or team management.
Authentication uses Bearer tokens that inherit the full permissions of the generating user; there are no scopes, no service accounts, and no fine-grained token controls.
All mutations that modify team membership require the token owner to hold the ADMIN role in the target team. Rate limits are undocumented; implement exponential backoff defensively.
Pagination follows the Relay cursor spec using the `after` parameter - offset pagination is not supported. The GraphQL schema is not versioned; monitor railway.app/changelog for breaking changes.
API quick reference
| Has user API | Yes |
| Auth method | Bearer token (Railway API token) |
| Base URL | Official docs |
| SCIM available | No |
| SCIM plan required | Enterprise |
Authentication
Auth method: Bearer token (Railway API token)
Setup steps
- Log in to Railway dashboard at railway.app.
- Navigate to Account Settings → API Tokens.
- Click 'Create Token', give it a name, and copy the generated token.
- Include the token in all API requests as an HTTP header: Authorization: Bearer
.
Required scopes
| Scope | Description | Required for |
|---|---|---|
| N/A | Railway API tokens are not scope-gated; they inherit the permissions of the generating user account. | All API operations |
User object / data model
| Field | Type | Description | On create | On update | Notes |
|---|---|---|---|---|---|
| id | String (ID) | Unique identifier for the user. | system-generated | immutable | Used as primary key in all user-related queries. |
| name | String | Display name of the user. | set by user | mutable | |
| String | Email address of the user. | required | mutable | Used for invitations and notifications. | |
| avatar | String (URL) | URL of the user's avatar image. | optional | mutable | |
| createdAt | DateTime | Timestamp when the user account was created. | system-generated | immutable | |
| teams | TeamConnection | Teams the user belongs to. | N/A | managed via team membership mutations | Returned as a paginated connection. |
| role | TeamRole (enum) | User's role within a team: ADMIN or MEMBER. | set on invite | mutable via teamMemberUpdate | Scoped to a specific team context. |
Core endpoints
Get current authenticated user
- Method: POST
- URL:
https://backboard.railway.app/graphql/v2 - Watch out for: Returns the user associated with the API token used; cannot query arbitrary users.
Request example
{
"query": "query { me { id name email avatar createdAt } }"
}
Response example
{
"data": {
"me": {
"id": "usr_abc123",
"name": "Jane Doe",
"email": "jane@example.com",
"avatar": "https://...",
"createdAt": "2023-01-15T10:00:00Z"
}
}
}
List team members
- Method: POST
- URL:
https://backboard.railway.app/graphql/v2 - Watch out for: Requires the API token owner to be a member of the queried team.
Request example
{
"query": "query { team(id: \"team_xyz\") { members { edges { node { id name email role } } } } }"
}
Response example
{
"data": {
"team": {
"members": {
"edges": [
{ "node": { "id": "usr_abc", "name": "Jane", "email": "jane@example.com", "role": "ADMIN" } }
]
}
}
}
}
Invite user to team
- Method: POST
- URL:
https://backboard.railway.app/graphql/v2 - Watch out for: Sends an email invitation; user must accept before appearing as an active member. Requires ADMIN role in the team.
Request example
{
"query": "mutation { teamInviteUser(teamId: \"team_xyz\", email: \"new@example.com\", role: MEMBER) { id } }"
}
Response example
{
"data": {
"teamInviteUser": {
"id": "invite_001"
}
}
}
Remove user from team
- Method: POST
- URL:
https://backboard.railway.app/graphql/v2 - Watch out for: Cannot remove the last ADMIN from a team. Requires ADMIN role.
Request example
{
"query": "mutation { teamRemoveMember(teamId: \"team_xyz\", userId: \"usr_abc\") }"
}
Response example
{
"data": {
"teamRemoveMember": true
}
}
Update team member role
- Method: POST
- URL:
https://backboard.railway.app/graphql/v2 - Watch out for: Only ADMIN team members can update roles.
Request example
{
"query": "mutation { teamMemberUpdate(teamId: \"team_xyz\", userId: \"usr_abc\", role: ADMIN) { id role } }"
}
Response example
{
"data": {
"teamMemberUpdate": {
"id": "usr_abc",
"role": "ADMIN"
}
}
}
List teams for current user
- Method: POST
- URL:
https://backboard.railway.app/graphql/v2 - Watch out for: Only returns teams the token owner belongs to.
Request example
{
"query": "query { me { teams { edges { node { id name } } } } }"
}
Response example
{
"data": {
"me": {
"teams": {
"edges": [
{ "node": { "id": "team_xyz", "name": "Acme Corp" } }
]
}
}
}
}
Rate limits, pagination, and events
Rate limits: Railway does not publicly document specific rate limit thresholds or headers in its official API docs as of the policy date.
Rate-limit headers: No
Retry-After header: No
Rate-limit notes: No official rate limit documentation found. Excessive requests may result in temporary throttling without documented limits.
Pagination method: cursor
Default page size: 0
Max page size: 0
Pagination pointer: after
Webhooks available: No
Webhook notes: Railway does not offer user-management or team-membership webhooks as of the policy date. Deployment and service event webhooks exist but are not user-management events.
Alternative event strategy: Poll the GraphQL API (e.g., team members query) to detect membership changes.
SCIM API status
- SCIM available: No
- SCIM version: Not documented
- Plan required: Enterprise
- Endpoint: Not documented
Limitations:
- No native SCIM 2.0 support documented by Railway as of the policy date.
- Enterprise plan is required for SSO; SCIM provisioning is not listed as an Enterprise feature in official docs.
- No IdP-specific SCIM connector documented for Okta, Entra ID, or Google Workspace.
Common scenarios
Three core identity graph operations are supported via the API.
To onboard a member, call the teamInviteUser mutation with the target email and role; the invitation is asynchronous and email-based, so the user does not appear in team { members } queries until they accept - do not treat a successful mutation response as confirmation of active access.
To audit membership, query team(id: "<teamId>") { members { edges { node { id name email role } } } } and paginate with the cursor after parameter; note that pending (unaccepted) invitations are not documented as appearing in this result set, creating a gap in identity graph completeness.
To remove a departed user, resolve their userId by matching on email in the members query, then call teamRemoveMember with the teamId and userId; confirm removal with a follow-up members query.
A critical caveat: Railway exposes no admin API to revoke another user's API tokens - any tokens the removed user created remain valid until the user revokes them or Railway support intervenes at the account level.
Onboard a new team member
- Authenticate with a Bearer token belonging to a team ADMIN.
- Call teamInviteUser mutation with the new member's email and desired role (MEMBER or ADMIN).
- New user receives an email invitation and must accept it via the Railway dashboard.
- After acceptance, verify membership by querying team { members } and confirming the user appears.
Watch out for: The user is not active until they accept the invitation; do not assume immediate access after the mutation succeeds.
Audit current team membership
- Authenticate with a Bearer token belonging to a team member.
- Query team(id: "
") { members { edges { node { id name email role } } } }. - Paginate using the cursor-based 'after' parameter if the team has many members.
- Compare returned members against your identity provider or HR system records.
Watch out for: Pending (unaccepted) invitations may not appear in the members list; there is no documented query for pending invites.
Remove a departed employee from a team
- Resolve the user's Railway userId by querying team members and matching on email.
- Call teamRemoveMember mutation with the teamId and resolved userId.
- Confirm removal by re-querying team members and verifying the user is absent.
- Revoke any Railway API tokens the user may have created (must be done by the user or via account deletion - no admin token-revocation API is documented).
Watch out for: Railway does not expose an admin API to revoke another user's API tokens. Coordinate with the user or escalate to Railway Enterprise support for account-level actions.
Why building this yourself is a trap
The Railway API covers the happy path for team membership CRUD but has several gaps that matter for automated identity lifecycle management. Token-level permissions are all-or-nothing and tied to a human account, which means any automation pipeline breaks if the token owner loses their Admin role or leaves the team.
There is no SCIM 2.0 endpoint at any pricing tier, and no IdP connector is documented for Okta, Entra ID, or Google Workspace - SSO itself is Enterprise-only and does not include provisioning. Webhooks for user-management events do not exist; detecting membership drift requires polling.
Combined, these constraints mean that building a reliable, automated identity graph sync against Railway requires defensive polling, manual token lifecycle management, and out-of-band coordination for account-level actions.
Automate Railway workflows without one-off scripts
Stitchflow builds and maintains end-to-end IT automation across your SaaS stack, including apps without APIs. Built for exactly how your company works, with human approvals where they matter.
