Members
Members belong to an organization in the AISIX managed control plane. They represent the people or service owners responsible for control-plane administration, API keys, usage, and limits.
The managed control plane supports two member onboarding paths:
- Invite a member when they need to sign in to the dashboard.
- Create a member directly when you need an API key owner that does not sign in to the dashboard.
Both paths create organization members. The difference is whether the member receives an invitation and can use the dashboard.
Invite a Member
Use an invitation when the person needs dashboard access to manage resources, view usage, or administer the organization.
- Open Members and select Invite member.
- Enter the member's email address and choose a role.
- Send the invitation and share the one-time invitation link.
The invitee opens the link, signs up, sets a password, and joins the organization with the selected role. Until the invitee accepts, the invitation stays pending on the Pending invitations tab.
Create a Member Directly
Create a member directly when the member only needs to own API keys and does not need dashboard access. Typical cases include services, applications, or developers in a private deployment where dashboard access is restricted.
A directly created member:
- Becomes active immediately, with no invitation link or confirmation step.
- Can be added to teams and assigned API keys.
- Can be governed with rate limits and budgets.
- Has no password, so it cannot sign in to the dashboard.
The member still has a name and email address. Use values that identify the responsible person, service, or application owner so usage and limits can be attributed correctly.
In the Dashboard
- Open Members and select Create user.
- Enter a Name and an Email that identify the responsible owner.
- Select Create user.
The member appears in the list right away. You can then add the member to a team and issue API keys from the environment that serves its traffic.
Use the API
Use the API when you need to provision members from automation.
Authenticate with an organization admin token that has write scope. Admin tokens are scoped to one organization, so the request does not need a separate organization header.
curl -X POST "https://<your-cp-api-host>/api/members" \
-H "Authorization: Bearer $AISIX_ADMIN_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"name": "Responsible Person",
"email": "svc-payments@example.com"
}'
A successful call returns 201 Created with the new member:
{
"member": {
"id": "8f3b2a1c-9d4e-4f6a-b7c8-1e2d3f4a5b6c",
"user_id": "2c7d6e5f-4a3b-4c2d-8e1f-9a0b1c2d3e4f",
"email": "svc-payments@example.com",
"display_name": "Responsible Person",
"role": "member"
}
}
The email address must be valid and unique across the deployment. For an application owner, you can use a synthetic address such as svc-payments@example.com. Reusing an existing email address returns 409 Conflict. Directly created members always use the member role.
Browse and Search Members
The Members list supports search and pagination, so large organizations stay manageable.
- Use the search box to filter by name or email. The search runs server-side, so it matches across every page, not only the rows currently in view.
- Use the controls below the list to change the page size or move between pages.
List Members with the API
Authenticate with an organization admin token that has read scope.
curl "https://<your-cp-api-host>/api/members?page=1&page_size=20&q=payments" \
-H "Authorization: Bearer $AISIX_ADMIN_TOKEN"
The query parameters are optional:
q: case-insensitive match against member name and email.page: 1-based page number. Requirespage_size; settingpageon its own returns400.page_size: page size, up to200. Omit bothpageandpage_sizeto disable paging and return every member in a single response.
The response wraps the members in a pagination envelope:
{
"data": [],
"total": 128,
"page": 1,
"page_size": 20,
"owner_count": 2
}
total is the number of members that match the filter across all pages, and owner_count is the number of owners in the organization.
Next Steps
Continue with Managed Gateway to connect a gateway to the environment that serves traffic for member-owned API keys.