> ## Documentation Index > Fetch the complete documentation index at: https://www.trycomp.ai/docs/llms.txt > Use this file to discover all available pages before exploring further. # Transfer organization ownership | Comp AI API > Transfers organization ownership to another member. The current owner will become an admin and keep all other roles. The new owner will receive the owner. ## OpenAPI ````yaml /openapi.json post /v1/organization/transfer-ownership openapi: 3.0.0 info: title: Comp AI API description: >- Compliance automation API for SOC 2, ISO 27001, HIPAA, GDPR, evidence collection, policy workflows, Trust Access, security questionnaires, integrations, cloud checks, and device compliance. version: '1.0' contact: {} servers: - url: https://api.trycomp.ai description: Production API Server security: [] tags: - name: Attachments description: >- Generate signed download links for files attached to compliance tasks, comments, evidence records, and workflow reviews. - name: Audit Logs description: >- Retrieve audit trails for compliance activity, evidence changes, access decisions, and customer-facing security review workflows. - name: CloudSecurity description: >- Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work. x-group: Cloud Security - name: Comments description: >- Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings. - name: Context description: >- Manage organization context that helps Comp AI tailor policies, assessments, and compliance automation to the business. - name: Controls description: >- Manage controls, map them to policies, tasks, framework requirements, and evidence document types, and track implementation progress. - name: Device Agent description: >- Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status. - name: Devices description: >- Read and manage employee device inventory and Fleet compliance data used for endpoint security controls. - name: Evidence Export description: >- Export task evidence, automation evidence, and reviewer-ready evidence bundles as PDF or ZIP files. - name: Evidence Export (Auditor) description: Export all organization evidence for an auditor review package. - name: Evidence Forms description: >- Collect, review, upload, and export structured evidence submissions for compliance tasks and document requirements. - name: Findings description: >- Create, review, update, and track audit findings, remediation activity, and finding history for an organization. - name: Frameworks description: >- Manage SOC 2, ISO 27001, HIPAA, GDPR, and custom framework instances, requirements, scores, and sync history. - name: ISMS - name: Integrations description: >- Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence. - name: Knowledge Base description: >- Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows. - name: Offboarding Checklist - name: Org Chart description: >- Manage organization chart metadata and evidence used for governance, accountability, and audit readiness. - name: Organization description: >- Manage organization profile data, API keys, logos, ownership, role notifications, and access approval settings. - name: People description: >- Invite and manage workforce members, training status, device compliance, email preferences, and employee evidence records. - name: Policies description: >- Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows. - name: Questionnaire description: >- Parse security questionnaires, generate answers from approved evidence, save reviewer edits, stream progress, and export completed files. - name: Risks description: >- Create, update, and report on organizational risks with ownership, departments, and compliance remediation status. - name: Roles description: >- Create custom roles and resolve permission sets for organization-level access control. - name: SOA description: >- Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents. x-group: Statement of Applicability - name: Security Penetration Tests description: >- Create AI-powered penetration test runs, track progress, inspect findings and events, and download markdown or PDF reports. - name: Task Automations description: >- Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks. - name: Task Management description: >- Manage task items and attachments linked to operational entities such as risks and vendors. - name: Tasks description: >- Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history. - name: Timelines description: >- Track audit and compliance readiness timelines, phases, and review milestones for an organization. - name: Training description: >- Record security awareness and HIPAA training completion status and generate completion certificates. - name: Trust Access description: >- Manage external Trust Center access requests, NDA signing, grants, tokenized document downloads, public FAQs, and reviewer access. - name: Trust Portal description: >- Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures. - name: Uploads - name: Vendors description: >- Manage third-party vendors, global vendor search, risk assessment triggers, and Trust Center vendor visibility. paths: /v1/organization/transfer-ownership: post: tags: - Organization summary: Transfer organization ownership description: >- Transfers organization ownership to another member. The current owner will become an admin and keep all other roles. The new owner will receive the owner role while keeping their existing roles. Only the current organization owner can. operationId: OrganizationController_transferOwnership_v1 parameters: [] requestBody: required: true description: Transfer organization ownership to another member content: application/json: schema: type: object required: - newOwnerId properties: newOwnerId: type: string description: Member ID of the new owner example: mem_xyz789 userId: type: string description: >- User ID of the current owner initiating the transfer (required for API key auth, ignored for JWT auth) example: usr_abc123def456 additionalProperties: false responses: default: description: |- Not found - Organization or member not found Forbidden - Only organization owner can transfer ownership Unauthorized - Invalid or missing authentication Bad request - Invalid input Ownership transferred successfully content: application/json: schema: type: object properties: success: type: boolean example: true message: type: string example: Ownership transferred successfully currentOwner: type: object properties: memberId: type: string example: mem_abc123 previousRoles: type: array items: type: string example: - owner - employee newRoles: type: array items: type: string example: - admin - employee newOwner: type: object properties: memberId: type: string example: mem_xyz789 previousRoles: type: array items: type: string example: - admin newRoles: type: array items: type: string example: - admin - owner security: - apikey: [] components: securitySchemes: apikey: type: apiKey in: header name: X-API-Key description: API key for authentication ````