PATCH /api/v1/members/{id}
Requires members.update permission. Replaces the member’s current role with the specified role.
Path parameters
UUID of the membership record to update.
Request body
UUID of the role to assign to the member.
Response
The updated membership record.
UUID of the membership record.
The user associated with this membership.Show MemberUser properties
ISO 8601 datetime when the email was verified, or null.
The newly assigned role.
Human-readable display name.
List of permission strings granted by this role.
ISO 8601 timestamp when the membership was created.
ISO 8601 timestamp of the last update.
Errors
| Status | When |
|---|
400 | Request body is invalid or role_id is missing |
401 | Missing or invalid Bearer token |
403 | Caller lacks members.update permission |
404 | Member not found |
409 | Role conflict, e.g. cannot remove the last owner |
Example
curl -X PATCH http://localhost:8080/api/v1/members/m1b2c3d4-e5f6-7890-abcd-ef1234567890 \
-H "Authorization: Bearer <token>" \
-H "Content-Type: application/json" \
-d '{"role_id": "r1b2c3d4-e5f6-7890-abcd-ef1234567890"}'
{
"member": {
"id": "m1b2c3d4-e5f6-7890-abcd-ef1234567890",
"user": {
"id": "u1b2c3d4-e5f6-7890-abcd-ef1234567890",
"name": "Onur Kacmaz",
"email": "[email protected]",
"email_verified_at": "2026-01-15T09:05:00Z"
},
"role": {
"id": "r1b2c3d4-e5f6-7890-abcd-ef1234567890",
"key": "developer",
"name": "Developer",
"is_system": true,
"permissions": ["flags.read", "flags.write", "rules.read", "rules.write"]
},
"created_at": "2026-01-15T09:00:00Z",
"updated_at": "2026-03-21T11:00:00Z"
}
}