API ReferenceCore API
Members API
Manage client (organisation) members and their roles
Members API
Manage users within a client (organisation), including their roles and permissions.
To add new members to a client, you must use the Invites API to send an invitation.
Client Member Endpoints
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/clients/{clientId}/members | List all members of a client |
| GET | /api/clients/{clientId}/members/{userId} | Get a specific member |
| POST | /api/clients/{clientId}/members | Not supported |
| PUT | /api/clients/{clientId}/members/{userId} | Update a member's roles |
| DELETE | /api/clients/{clientId}/members/{userId} | Remove a member from a client |
User Membership Endpoints
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/users/{userId}/memberships | List all memberships for a user across all clients |
| GET | /api/users/{userId}/memberships/{membershipId} | Get as specific membership for a user |
| POST | /api/users/{userId}/memberships | Not supported |
| PUT | /api/users/{userId}/memberships/{membershipId} | Not supported |
| DELETE | /api/users/{userId}/memberships/{membershipId} | Removes a user from an organisation (can only remove oneself) |
List Members
Get all members of a specific client (organisation).
Request
GET /api/clients/{clientId}/members HTTP/1.1
Host: api.requestrocket.com
Authorization: {user_token}Response
{
"members": [
{
"userId": "123e4567-e89b-12d3-a456-426614174000",
"roles": ["owner", "admin"],
"userEmail": "alice@example.com",
"userFirstName": "Alice",
"userLastName": "Smith",
"userPhone": "+1234567890",
"userCreated": "2024-01-10T08:00:00.000Z",
"userUpdated": "2024-01-20T10:30:00.000Z"
},
{
"userId": "223e4567-e89b-12d3-a456-426614174001",
"roles": ["user"],
"userEmail": "bob@example.com",
"userFirstName": "Bob",
"userLastName": "Johnson",
"userPhone": "+1234567891",
"userCreated": "2024-01-15T09:00:00.000Z",
"userUpdated": "2024-01-18T11:20:00.000Z"
}
],
"message": "Success"
}Example
const response = await fetch(
`https://api.requestrocket.com/api/clients/${clientId}/members`,
{
headers: {
'Authorization': process.env.USER_TOKEN
}
}
);
const data = await response.json();
console.log('Members:', data.members);import requests
import os
response = requests.get(
f'https://api.requestrocket.com/api/clients/{client_id}/members',
headers={'Authorization': os.getenv('USER_TOKEN')}
)
data = response.json()
print(f"Found {len(data['members'])} members")package main
import (
"encoding/json"
"fmt"
"io"
"net/http"
"os"
)
type Response struct {
Members []map[string]interface{} `json:"members"`
Message string `json:"message"`
}
func main() {
clientId := "your-client-id"
url := fmt.Sprintf("https://api.requestrocket.com/api/clients/%s/members", clientId)
req, _ := http.NewRequest("GET", url, nil)
req.Header.Set("Authorization", os.Getenv("USER_TOKEN"))
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
var result Response
json.Unmarshal(body, &result)
fmt.Printf("Found %d members\n", len(result.Members))
}import java.net.http.*;
import java.net.URI;
import com.google.gson.*;
public class ListMembers {
public static void main(String[] args) throws Exception {
String clientId = "your-client-id";
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.requestrocket.com/api/clients/" + clientId + "/members"))
.header("Authorization", System.getenv("USER_TOKEN"))
.GET()
.build();
HttpResponse<String> response = client.send(request,
HttpResponse.BodyHandlers.ofString());
JsonObject json = JsonParser.parseString(response.body()).getAsJsonObject();
JsonArray members = json.getAsJsonArray("members");
System.out.println("Found " + members.size() + " members");
}
}curl -X GET "https://api.requestrocket.com/api/clients/${CLIENT_ID}/members" \
-H "Authorization: ${USER_TOKEN}"Get Member
Retrieve details of a specific member within a client.
Request
GET /api/clients/{clientId}/members/{userId} HTTP/1.1
Host: api.requestrocket.com
Authorization: {user_token}Response
{
"members": [
{
"userId": "123e4567-e89b-12d3-a456-426614174000",
"roles": ["owner", "admin"],
"userEmail": "alice@example.com",
"userFirstName": "Alice",
"userLastName": "Smith",
"userPhone": "+1234567890",
"userCreated": "2024-01-10T08:00:00.000Z",
"userUpdated": "2024-01-20T10:30:00.000Z"
}
],
"message": "Success"
}Update Member Roles
Update the roles of a member within a client. Available roles include owner, admin, and user.
- The last remaining admin cannot have their admin role removed
- The owner role cannot be removed from an owner via the api - contact support for assistance
Request
PUT /api/clients/{clientId}/members/{userId} HTTP/1.1
Host: api.requestrocket.com
Authorization: {user_token}
Content-Type: application/json
{
"roles": ["admin", "user"]
}Request Body
| Field | Type | Required | Description |
|---|---|---|---|
roles | string[] | Yes | Array of roles to assign to the member |
Available Roles
owner: Full control of the organisation, including billingadmin: Can manage all resources and invite usersuser: Can view and use resources
Response
{
"members": [
{
"userId": "123e4567-e89b-12d3-a456-426614174000",
"roles": ["admin", "user"],
"userEmail": "alice@example.com",
"userFirstName": "Alice",
"userLastName": "Smith",
"userPhone": "+1234567890",
"userCreated": "2024-01-10T08:00:00.000Z",
"userUpdated": "2024-01-20T10:30:00.000Z"
}
],
"message": "Roles updated - but user is last admin and retains admin role."
}Example
const response = await fetch(
`https://api.requestrocket.com/api/clients/${clientId}/members/${userId}`,
{
method: 'PUT',
headers: {
'Authorization': process.env.USER_TOKEN,
'Content-Type': 'application/json'
},
body: JSON.stringify({
roles: ['admin', 'user']
})
}
);
const data = await response.json();
console.log('Updated member roles:', data.members[0].roles);import requests
import os
response = requests.put(
f'https://api.requestrocket.com/api/clients/{client_id}/members/{user_id}',
headers={'Authorization': os.getenv('USER_TOKEN')},
json={'roles': ['admin', 'user']}
)
data = response.json()
print(f"Updated roles: {data['members'][0]['roles']}")package main
import (
"bytes"
"encoding/json"
"fmt"
"io"
"net/http"
"os"
)
type UpdateRolesRequest struct {
Roles []string `json:"roles"`
}
type Response struct {
Members []map[string]interface{} `json:"members"`
Message string `json:"message"`
}
func main() {
clientId := "your-client-id"
userId := "user-id"
requestBody, _ := json.Marshal(UpdateRolesRequest{
Roles: []string{"admin", "user"},
})
url := fmt.Sprintf("https://api.requestrocket.com/api/clients/%s/members/%s", clientId, userId)
req, _ := http.NewRequest("PUT", url, bytes.NewBuffer(requestBody))
req.Header.Set("Authorization", os.Getenv("USER_TOKEN"))
req.Header.Set("Content-Type", "application/json")
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
var result Response
json.Unmarshal(body, &result)
fmt.Printf("Updated roles: %v\n", result.Members[0]["roles"])
}import java.net.http.*;
import java.net.URI;
import com.google.gson.*;
public class UpdateMemberRoles {
public static void main(String[] args) throws Exception {
String clientId = "your-client-id";
String userId = "user-id";
String json = "{\"roles\": [\"admin\", \"user\"]}";
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.requestrocket.com/api/clients/" + clientId + "/members/" + userId))
.header("Authorization", System.getenv("USER_TOKEN"))
.header("Content-Type", "application/json")
.PUT(HttpRequest.BodyPublishers.ofString(json))
.build();
HttpResponse<String> response = client.send(request,
HttpResponse.BodyHandlers.ofString());
JsonObject jsonResponse = JsonParser.parseString(response.body()).getAsJsonObject();
JsonArray members = jsonResponse.getAsJsonArray("members");
JsonObject member = members.get(0).getAsJsonObject();
System.out.println("Updated roles: " + member.get("roles"));
}
}curl -X PUT "https://api.requestrocket.com/api/clients/${CLIENT_ID}/members/${USER_ID}" \
-H "Authorization: ${USER_TOKEN}" \
-H "Content-Type: application/json" \
-d '{
"roles": ["admin", "user"]
}'Remove Member
Remove a member from a client. The member will lose access to all client resources.
The last remaining admin cannot be removed from a client. If you're the last admin and want to leave, you must first delete the client.
Request
DELETE /api/clients/{clientId}/members/{userId} HTTP/1.1
Host: api.requestrocket.com
Authorization: {user_token}Response
{
"message": "Member removed from client"
}Error Responses
400 Bad Request - Last Admin
{
"message": "Cannot delete member - member is last remaining admin"
}Example
const response = await fetch(
`https://api.requestrocket.com/api/clients/${clientId}/members/${userId}`,
{
method: 'DELETE',
headers: {
'Authorization': process.env.USER_TOKEN
}
}
);
const data = await response.json();
console.log(data.message);import requests
import os
response = requests.delete(
f'https://api.requestrocket.com/api/clients/{client_id}/members/{user_id}',
headers={'Authorization': os.getenv('USER_TOKEN')}
)
data = response.json()
print(data['message'])package main
import (
"encoding/json"
"fmt"
"io"
"net/http"
"os"
)
type Response struct {
Message string `json:"message"`
}
func main() {
clientId := "your-client-id"
userId := "user-id"
url := fmt.Sprintf("https://api.requestrocket.com/api/clients/%s/members/%s", clientId, userId)
req, _ := http.NewRequest("DELETE", url, nil)
req.Header.Set("Authorization", os.Getenv("USER_TOKEN"))
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
var result Response
json.Unmarshal(body, &result)
fmt.Println(result.Message)
}import java.net.http.*;
import java.net.URI;
import com.google.gson.*;
public class RemoveMember {
public static void main(String[] args) throws Exception {
String clientId = "your-client-id";
String userId = "user-id";
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.requestrocket.com/api/clients/" + clientId + "/members/" + userId))
.header("Authorization", System.getenv("USER_TOKEN"))
.DELETE()
.build();
HttpResponse<String> response = client.send(request,
HttpResponse.BodyHandlers.ofString());
JsonObject json = JsonParser.parseString(response.body()).getAsJsonObject();
System.out.println(json.get("message").getAsString());
}
}curl -X DELETE "https://api.requestrocket.com/api/clients/${CLIENT_ID}/members/${USER_ID}" \
-H "Authorization: ${USER_TOKEN}"User Memberships
List User Memberships
Get all client memberships for a specific user. This endpoint returns all organisations (clients) that the user is a member of, along with their roles in each.
Request
GET /api/users/{userId}/memberships HTTP/1.1
Host: api.requestrocket.com
Authorization: {user_token}Response
{
"clients": [
{
"clientName": "Acme Corporation",
"clientMembers": [
{
"userId": "123e4567-e89b-12d3-a456-426614174000",
"roles": [
"admin"
]
},
{
"userId": "1234458-1041-70c2-b784-335c0d97abcd",
"roles": [
"user"
]
}
],
"clientId": "550e8400-e29b-41d4-a716-446655440000"
}
],
"message": "Success"
}Example
const response = await fetch(
`https://api.requestrocket.com/api/users/${userId}/memberships`,
{
headers: {
'Authorization': process.env.USER_TOKEN
}
}
);
const data = await response.json();
console.log('User memberships:', data.clients);
data.clients.forEach(client => {
console.log(`${client.clientName}: ${client.clientMembers.length} members`);
});import requests
import os
user_id = "your-user-id"
response = requests.get(
f'https://api.requestrocket.com/api/users/{user_id}/memberships',
headers={'Authorization': os.getenv('USER_TOKEN')}
)
data = response.json()
for client in data['clients']:
print(f"{client['clientName']}: {len(client['clientMembers'])} members")package main
import (
"encoding/json"
"fmt"
"io"
"net/http"
"os"
)
type ClientMember struct {
UserId string `json:"userId"`
Roles []string `json:"roles"`
}
type Client struct {
ClientId string `json:"clientId"`
ClientName string `json:"clientName"`
ClientMembers []ClientMember `json:"clientMembers"`
}
type Response struct {
Clients []Client `json:"clients"`
Message string `json:"message"`
}
func main() {
userId := "your-user-id"
url := fmt.Sprintf("https://api.requestrocket.com/api/users/%s/memberships", userId)
req, _ := http.NewRequest("GET", url, nil)
req.Header.Set("Authorization", os.Getenv("USER_TOKEN"))
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
var result Response
json.Unmarshal(body, &result)
for _, client := range result.Clients {
fmt.Printf("%s: %d members\n", client.ClientName, len(client.ClientMembers))
}
}import java.net.http.*;
import java.net.URI;
import com.google.gson.*;
public class ListUserMemberships {
public static void main(String[] args) throws Exception {
String userId = "your-user-id";
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.requestrocket.com/api/users/" + userId + "/memberships"))
.header("Authorization", System.getenv("USER_TOKEN"))
.GET()
.build();
HttpResponse<String> response = client.send(request,
HttpResponse.BodyHandlers.ofString());
JsonObject json = JsonParser.parseString(response.body()).getAsJsonObject();
JsonArray clients = json.getAsJsonArray("clients");
for (int i = 0; i < clients.size(); i++) {
JsonObject client = clients.get(i).getAsJsonObject();
JsonArray members = client.getAsJsonArray("clientMembers");
System.out.println(client.get("clientName").getAsString() + ": " +
members.size() + " members");
}
}
}curl -X GET "https://api.requestrocket.com/api/users/${USER_ID}/memberships" \
-H "Authorization: ${USER_TOKEN}"Get Specific Membership
Get details of a specific membership for a user.
Request
GET /api/users/{userId}/memberships/{membershipId} HTTP/1.1
Host: api.requestrocket.com
Authorization: {user_token}Response
{
"clients": [
{
"clientName": "Acme Corporation",
"clientMembers": [
{
"userId": "123e4567-e89b-12d3-a456-426614174000",
"roles": [
"owner",
"admin"
]
}
],
"clientId": "550e8400-e29b-41d4-a716-446655440000"
}
],
"message": "Success"
}Example
const response = await fetch(
`https://api.requestrocket.com/api/users/${userId}/memberships/${membershipId}`,
{
headers: {
'Authorization': process.env.USER_TOKEN
}
}
);
const data = await response.json();
console.log('Client:', data.clients[0]);import requests
import os
user_id = "your-user-id"
membership_id = "membership-id"
response = requests.get(
f'https://api.requestrocket.com/api/users/{user_id}/memberships/{membership_id}',
headers={'Authorization': os.getenv('USER_TOKEN')}
)
data = response.json()
print(f"Client: {data['clients'][0]['clientName']}")package main
import (
"encoding/json"
"fmt"
"io"
"net/http"
"os"
)
type ClientMember struct {
UserId string `json:"userId"`
Roles []string `json:"roles"`
}
type Client struct {
ClientId string `json:"clientId"`
ClientName string `json:"clientName"`
ClientMembers []ClientMember `json:"clientMembers"`
}
type Response struct {
Clients []Client `json:"clients"`
Message string `json:"message"`
}
func main() {
userId := "your-user-id"
membershipId := "membership-id"
url := fmt.Sprintf("https://api.requestrocket.com/api/users/%s/memberships/%s", userId, membershipId)
req, _ := http.NewRequest("GET", url, nil)
req.Header.Set("Authorization", os.Getenv("USER_TOKEN"))
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
var result Response
json.Unmarshal(body, &result)
fmt.Printf("Client: %s\n", result.Clients[0].ClientName)
}import java.net.http.*;
import java.net.URI;
import com.google.gson.*;
public class GetMembership {
public static void main(String[] args) throws Exception {
String userId = "your-user-id";
String membershipId = "membership-id";
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.requestrocket.com/api/users/" + userId + "/memberships/" + membershipId))
.header("Authorization", System.getenv("USER_TOKEN"))
.GET()
.build();
HttpResponse<String> response = client.send(request,
HttpResponse.BodyHandlers.ofString());
JsonObject json = JsonParser.parseString(response.body()).getAsJsonObject();
JsonArray clients = json.getAsJsonArray("clients");
JsonObject client = clients.get(0).getAsJsonObject();
System.out.println("Client: " + client.get("clientName").getAsString());
}
}curl -X GET "https://api.requestrocket.com/api/users/${USER_ID}/memberships/${MEMBERSHIP_ID}" \
-H "Authorization: ${USER_TOKEN}"Remove User from Organisation
Remove yourself from an organisation. You can only remove your own membership.
- You cannot remove yourself if you are the last admin of the organisation
- This action will revoke your access to all resources within the organisation
Request
DELETE /api/users/{userId}/memberships/{membershipId} HTTP/1.1
Host: api.requestrocket.com
Authorization: {user_token}Response
{
"message": "Successfully removed from organisation"
}Example
const response = await fetch(
`https://api.requestrocket.com/api/users/${userId}/memberships/${membershipId}`,
{
method: 'DELETE',
headers: {
'Authorization': process.env.USER_TOKEN
}
}
);
const data = await response.json();
console.log(data.message);import requests
import os
user_id = "your-user-id"
membership_id = "membership-id"
response = requests.delete(
f'https://api.requestrocket.com/api/users/{user_id}/memberships/{membership_id}',
headers={'Authorization': os.getenv('USER_TOKEN')}
)
data = response.json()
print(data['message'])package main
import (
"encoding/json"
"fmt"
"io"
"net/http"
"os"
)
type Response struct {
Message string `json:"message"`
}
func main() {
userId := "your-user-id"
membershipId := "membership-id"
url := fmt.Sprintf("https://api.requestrocket.com/api/users/%s/memberships/%s", userId, membershipId)
req, _ := http.NewRequest("DELETE", url, nil)
req.Header.Set("Authorization", os.Getenv("USER_TOKEN"))
client := &http.Client{}
resp, _ := client.Do(req)
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
var result Response
json.Unmarshal(body, &result)
fmt.Println(result.Message)
}import java.net.http.*;
import java.net.URI;
import com.google.gson.*;
public class RemoveMembership {
public static void main(String[] args) throws Exception {
String userId = "your-user-id";
String membershipId = "membership-id";
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://api.requestrocket.com/api/users/" + userId + "/memberships/" + membershipId))
.header("Authorization", System.getenv("USER_TOKEN"))
.DELETE()
.build();
HttpResponse<String> response = client.send(request,
HttpResponse.BodyHandlers.ofString());
JsonObject json = JsonParser.parseString(response.body()).getAsJsonObject();
System.out.println(json.get("message").getAsString());
}
}curl -X DELETE "https://api.requestrocket.com/api/users/${USER_ID}/memberships/${MEMBERSHIP_ID}" \
-H "Authorization: ${USER_TOKEN}"Error Responses
400 Bad Request
{
"message": "No roles provided in body, can't add member"
}404 Not Found
{
"message": "User does not exist for this client"
}