Delete organization
Schedule an organization for deletion (owner role required). This is a reversible 90-day tombstone: the catalog is unclaimed (brands, locations, and products survive as crowd-sourced), the Stripe subscription is cancelled at period end, and API keys are revoked immediately. Regulated traceability records are retained. The org can be restored within the grace window, after which its org-only data is purged. Returns 204 No Content on success.
When the organization has require_reauth_to_delete enabled (the default), a browser-session caller must have re-authenticated at their identity provider within the freshness window or the request is rejected with 403 — a stolen session cookie alone cannot delete. API-key callers authenticate with a separate credential and are not subject to this gate.