Skip to main content
GET
/
api
/
adm
/
companyProjectUserEntries
/
isEntryBelongsToCompany
Validate Company Ownership
curl --request GET \
  --url https://localhost:44371/api/adm/companyProjectUserEntries/isEntryBelongsToCompany \
  --header 'Authorization: Bearer <token>'
{
  "success": true,
  "code": 200,
  "errorMessage": null
}

Description

Security validation endpoint confirming user-project association belongs to specified company. Critical for preventing cross-company data access in multi-tenant scenarios.

Input

  • Query Parameters: model (IsCompanyProjectUserBelongsToCompanyQueryRequest) — Validation parameters:
    • projectUserId (guid, required) — Association identifier.
    • companyId (guid, required) — Company identifier to validate against.

Output

Returns an IsCompanyProjectUserBelongsToCompanyQueryResponse with boolean validation result.

Example Request

GET /api/admin/companyProjectUserEntries/isEntryBelongsToCompany?projectUserId=9d3e5f12-4a6b-4c8d-9e2f-1a3b5c7d9e0f&companyId=3fa85f64-5717-4562-b3fc-2c963f66afa6
Authorization: Bearer {token}

Example Response

{
  "success": true,
  "code": 200,
  "errorMessage": null,
  "result": true
}

Errors

  • 400 Bad Request — Invalid parameters.
  • 404 Not Found — Association or company not found.

Notes

  • Result false means association does NOT belong to company.
  • Always validate before sensitive operations.
  • Prevents privilege escalation and cross-company access.
  • Part of defense-in-depth security strategy.

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Query Parameters

CompanyId
string<guid>

The identifier of the company for verification.

CompanyProjectUserId
string<guid>

The identifier of the project user being verified.

Response

Returns a boolean indicating whether the association belongs to the specified company. Note that success: true with result: false means the validation completed but the association does not belong to the company.

Standard response structure containing operation status and error information. Represents the response returned when verifying whether a project user belongs to a company.

success
boolean

True if the operation completed successfully; false if an error occurred.

Example:

true

code
enum<string>

Result code indicating the outcome of the operation.

Available options:
Unknown,
Success,
BadRequest,
Unauthorized,
NotFound,
Error
Example:

200

errorMessage
string | null

Human-readable error message when an error occurs.

Example:

null

result
boolean

Indicates whether the project user belongs to the company.