diff --git a/src/api/lib.zig b/src/api/lib.zig
index 08b4efd..00a16eb 100644
--- a/src/api/lib.zig
+++ b/src/api/lib.zig
@@ -204,6 +204,13 @@ pub const FileResult = struct {
     data: []const u8,
 };
 
+pub const ValidInvite = struct {
+    code: []const u8,
+    kind: services.invites.Kind,
+    name: []const u8,
+    creator: UserResponse,
+};
+
 pub fn isAdminSetup(db: sql.Db) !bool {
     _ = services.communities.adminCommunityId(db) catch |err| switch (err) {
         error.NotFound => return false,
@@ -762,5 +769,33 @@ fn ApiConn(comptime DbConn: type) type {
             if (!Uuid.eql(id, self.user_id orelse return error.NoToken)) return error.AccessDenied;
             try services.actors.updateProfile(self.db, id, data, self.allocator);
         }
+
+        pub fn validateInvite(self: *Self, code: []const u8) !ValidInvite {
+            const invite = services.invites.getByCode(
+                self.db,
+                code,
+                self.community.id,
+                self.allocator,
+            ) catch |err| switch (err) {
+                error.NotFound => return error.InvalidInvite,
+                else => return error.DatabaseFailure,
+            };
+            errdefer util.deepFree(self.allocator, invite);
+
+            if (!Uuid.eql(invite.community_id, self.community.id)) return error.InvalidInvite;
+            if (!isInviteValid(invite)) return error.InvalidInvite;
+
+            const creator = self.getUserUnchecked(self.db, invite.created_by) catch |err| switch (err) {
+                error.NotFound => return error.Unexpected,
+                else => return error.DatabaseFailure,
+            };
+
+            return ValidInvite{
+                .code = invite.code,
+                .name = invite.name,
+                .kind = invite.kind,
+                .creator = creator,
+            };
+        }
     };
 }