Team Members

Each member receives a unique API key that grants them access to the project.

List members

GET /machine/team/:projectId/members

Requires membership in the project.

{
  "members": [
    {
      "id": "member-uuid",
      "apiKeyId": "key-uuid",
      "keyLabel": "bootstrap",
      "role": "owner",
      "invitedBy": null,
      "joinedAt": "2026-02-07T12:00:00.000Z"
    },
    {
      "id": "member-uuid-2",
      "apiKeyId": "key-uuid-2",
      "keyLabel": "alice-dev",
      "role": "member",
      "invitedBy": "key-uuid",
      "joinedAt": "2026-02-07T13:00:00.000Z"
    }
  ]
}

Invite a member

POST /machine/team/:projectId/members

Roles: owner admin

Generates a fresh API key for the new member.

Request body

{
  "label": "alice-dev",
  "role": "member"
}

Field	Type	Default	Description
`label`	string	`null`	Label for the new member’s API key
`role`	string	`"member"`	Role: `admin`, `member`, or `viewer`

Response `201`

{
  "memberId": "a1b2c3d4-...",
  "apiKeyId": "e5f6g7h8-...",
  "apiKey": "mk_...",
  "role": "member",
  "message": "Share this API key with the invited member. It will not be shown again."
}

Triggers the member.invited webhook event.

Update a member’s role

PATCH /machine/team/:projectId/members/:memberId

Roles: owner admin

Valid roles: admin, member, viewer. The owner role cannot be changed.

{ "role": "admin" }

Returns { "success": true, "memberId": "...", "newRole": "admin" }.

Remove a member

DELETE /machine/team/:projectId/members/:memberId

Roles: owner admin

Removes the member and revokes their API key. Cannot remove the project owner or yourself.

Triggers the member.removed webhook event.

Team Members

List members

Invite a member

Request body

Response 201

Update a member’s role

Remove a member

Response `201`