Sotion

Group Members

Add a member to an access group

Adds an existing site member to an access group. The member must already exist on the site — create them first with createMember if needed.

Scope-managed groups cannot have members added via API — returns 403 Forbidden. Returns 409 Conflict if the member is already in the group.

POST /access-groups/{groupId}/members

Add a member to an access group

curl --request POST \
  --url 'https://api.sotion.so/api/v1/access-groups/{GROUPID}/members' \
  --header 'Authorization: Bearer YOUR_SECRET_TOKEN' \
  --header 'Content-Type: application/json' \
  --data '{
  "key": "value"
}'
{
  "data": {
    "id": "<uuid>",
    "email": "<email>",
    "displayName": "<string>",
    "status": "active",
    "verified": true,
    "paid": true,
    "registeredAt": "<date-time>",
    "lastLoginAt": "<date-time>",
    "createdAt": "<date-time>",
    "updatedAt": "<date-time>",
    "accessGroups": [
      {}
    ]
  }
}

Member added to group.

Authorizations

  • Authorization string required header

    Per-site API key (prefix: so_...). Each key is scoped to exactly one Sotion site — the site context is determined entirely by the key. No site ID is needed in any URL. Pass as: Authorization: Bearer so_...

Path Parameters

  • groupId string (uuid) required

    UUID of the access group. Get group IDs from listAccessGroups or createAccessGroup responses.

Request Body

application/json
  • memberId string (uuid) required

    UUID of an existing site member to add to the group. The member must already exist — use createMember first if needed.

Response

application/json
  • Location string response header

    URL of the group membership.

  • X-RateLimit-Limit integer response header

    Maximum requests allowed in the current window.

  • X-RateLimit-Remaining integer response header

    Requests remaining in the current window.

  • X-RateLimit-Reset integer response header

    Unix timestamp (seconds) when the rate limit window resets.

  • X-Request-Id string (uuid) response header

    Unique request identifier for support and debugging.

  • data allOf
    + Show Child Attributes
    • id string (uuid) allOf

      Unique identifier (UUID) for the member.

    • email string (email) allOf

      Member's email address (normalized to lowercase).

    • displayName string allOfnullable

      Display name shown to the member, null if not set.

    • status string enum allOfenum

      'active' means the member can access the site. 'blocked' means the member is denied access. Allowed values: active, blocked.

    • verified boolean allOfnullable

      Whether the member has verified their email by clicking a login link. Null if unknown.

    • paid boolean allOfnullable

      Whether this member is marked as a paying customer. Set manually or via the API.

    • registeredAt string (date-time) allOfnullable

      When the member first registered (clicked a login link or was added).

    • lastLoginAt string (date-time) allOfnullable

      When the member last logged in via a login link.

    • createdAt string (date-time) allOfnullable

      When the member record was created.

    • updatedAt string (date-time) allOfnullable

      When the member record was last modified.

    • accessGroups[] object allOfarray

      List of access groups this member belongs to. Only included in getMember and createMember responses, NOT in listMembers.

      + Show Child Attributes
      • id string (uuid)

        UUID of the access group.

      • name string

        Name of the access group.