Invite acceptance
Create your operator account
Invite tokens are email-bound, expiring, and stored only as a secure hash in the database.

This token is validated before any user record is created.

The API matches the token to this normalized email address.

The accepted invite writes the invited role onto the new user.

Validation steps
The API will enforce this sequence when the route is wired.

1. Match the invite token hash.

2. Verify invite status, target email, and expiration.

3. Create the user through Better Auth with the invited role.

4. Mark the invite as accepted and create an audit event.
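
An added example, not the project's own code: the four validation steps above, run in JavaScript (Node.js) against an in-memory invite store. The names `makeStore` and `acceptInvite`, the `createUser` callback (standing in for the Better Auth user creation call), the reason strings, the SHA-256 choice and the trim-and-lowercase email normalization are all assumptions.

```javascript
const { createHash, randomBytes, timingSafeEqual } = require("node:crypto");

// Only the digest of the token is stored; the raw token lives only in the invite link.
// SHA-256 is an assumption; the page says only "secure hash".
const hashToken = (token) => createHash("sha256").update(token).digest();
// Assumed normalization rule (the page does not define one).
const normalizeEmail = (email) => String(email).trim().toLowerCase();

// Constructed sample data: an in-memory stand-in for the invites table and audit log.
function makeStore(now) {
  const token = randomBytes(32).toString("hex");
  const invite = {
    tokenHash: hashToken(token), email: "ops@example.test", role: "operator",
    status: "pending", expiresAt: now + 60_000,
  };
  return { token, invites: [invite], audit: [] };
}

// createUser is a hypothetical callback; it is not a Better Auth API.
// The reason codes are for server-side logs; a client should get one generic error.
function acceptInvite(store, { token, email }, createUser, now = Date.now()) {
  const candidate = hashToken(String(token));
  // 1. Match the invite token hash (constant-time compare of equal-length digests).
  const invite = store.invites.find((i) => timingSafeEqual(i.tokenHash, candidate));
  if (!invite) return { ok: false, reason: "invalid_token" };
  // 2. Verify status, target email, and expiration before any user record exists.
  if (invite.status !== "pending") return { ok: false, reason: "not_pending" };
  if (normalizeEmail(email) !== invite.email) return { ok: false, reason: "email_mismatch" };
  if (now >= invite.expiresAt) return { ok: false, reason: "expired" };
  // 3. Create the user with the role stored on the invite, never one sent by the client.
  const user = createUser({ email: invite.email, role: invite.role });
  // 4. Mark the invite accepted and record an audit event.
  invite.status = "accepted";
  store.audit.push({ type: "invite.accepted", email: invite.email, role: invite.role, at: now });
  return { ok: true, user };
}
```

Because the status check runs before user creation and the invite is flipped to accepted afterwards, a real implementation needs steps 2 to 4 inside one database transaction so two concurrent requests cannot both redeem the same token.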

Invite emails will be moved to the worker service once Resend is wired.