API Docs (Legacy)

Members API

Members API

This service is responsible for managing BizTech members, including creating, retrieving, updating, and deleting member records stored in DynamoDB.

Authentication & Authorization

  • All endpoints (except POST /members) require Cognito authentication.
  • Only users with @ubcbiztech.com emails are authorized to call this service.
  • Unauthorized users will receive a 403 Unauthorized response.

POST /members/

Creates a new member record.

Request

HeadersTypeRequired?
AuthorizationBearer TokenY
Body PropertyDescriptionRequired?
emailEmail address (unique ID)Y
first_nameFirst nameY
last_nameLast nameY
pronounsPronounsN
student_numberStudent numberN
facultyFaculty nameN
yearYear of studyN
majorMajor/ProgramN
prev_memberWhether user is a returning member (boolean)N
internationalInternational student (boolean)N
educationCurrent education statusN
topicsInterests/topics arrayN
heard_fromHow they heard of BizTechN
heardFromSpecifyFreeform detail on sourceN
dietDietary restrictionsN
universityUniversity nameN
high_schoolHigh school nameN
adminAdmin flag (boolean)N

Example Request

{
  "email": "student@example.com",
  "first_name": "Alice",
  "last_name": "Wong",
  "faculty": "Commerce",
  "year": "3",
  "major": "Accounting",
  "prev_member": false,
  "international": true,
  "topics": ["Finance", "Tech"],
  "heard_from": "Friend"
}

Response

{
  "message": "Created!",
  "params": {
    "id": "student@example.com",
    "firstName": "Alice",
    "lastName": "Wong",
    "faculty": "Commerce",
    "year": "3",
    "major": "Accounting",
    "international": true,
    "topics": ["Finance", "Tech"],
    "createdAt": 1755702100000,
    "updatedAt": 1755702100000
  }
}

Errors

  • 403 Unauthorized if caller is not @ubcbiztech.com.
  • 400 Invalid email format.
  • 409 Email already exists.
  • 502 Internal server error.

GET /members/{id}

Fetch a single member by email.

Request

HeadersType
AuthorizationBearer Token
Path ParamDescription
idMember’s email

Example Request

GET /members/student@example.com

Response

{
  "id": "student@example.com",
  "firstName": "Alice",
  "lastName": "Wong",
  "faculty": "Commerce",
  "year": "3",
  "major": "Accounting",
  "international": true,
  "topics": ["Finance", "Tech"],
  "createdAt": 1755702100000,
  "updatedAt": 1755702100000
}

Errors

  • 403 Unauthorized
  • 400 Invalid email
  • 404 Member not found

GET /members/

Fetch all members.

Request

HeadersType
AuthorizationBearer Token

Response

{
  "message": "success",
  "data": [
    {
      "id": "student@example.com",
      "firstName": "Alice",
      "lastName": "Wong",
      "year": "3",
      "major": "Accounting",
      "createdAt": 1755702100000,
      "updatedAt": 1755702100000
    },
    {
      "id": "bob@example.com",
      "firstName": "Bob",
      "lastName": "Li",
      "year": "4",
      "major": "Finance"
    }
  ]
}

PATCH /members/{id}

Update an existing member by email.

Request

HeadersType
AuthorizationBearer Token
Path ParamDescription
idMember’s email

Body

  • Accepts any subset of the fields from POST /members/.

Example Request

{
  "major": "Business Technology Management",
  "year": "4",
  "topics": ["Consulting", "AI"]
}

Response

{
  "message": "Updated member with email student@example.com!",
  "response": {
    "Attributes": {
      "major": "Business Technology Management",
      "year": "4",
      "topics": ["Consulting", "AI"],
      "updatedAt": 1755703100000
    }
  }
}

Errors

  • 403 Unauthorized
  • 400 Invalid email
  • 404 Member not found

DELETE /members/{id}

Delete a member by email.

Request

HeadersType
AuthorizationBearer Token
Path ParamDescription
idMember’s email

Example Request

DELETE /members/student@example.com

Response

{
  "message": "Member deleted!",
  "response": {
    "id": "student@example.com"
  }
}

Errors

  • 403 Unauthorized
  • 400 Invalid email
  • 404 Member not found

POST /members/membership

Grant or revoke a membership for an existing user. This endpoint also creates or deletes the member profile as part of the membership flow.

Request

HeadersType
AuthorizationBearer Token
Body PropertyDescription
emailUser email (must already exist in biztechUsers)
membershiptrue to grant, false to revoke

Example Request (Grant)

{
  "email": "isaacliu@gmail.com",
  "membership": true
}

Example Request (Revoke)

{
  "email": "kevinxiao27@gmail.com",
  "membership": false
}

Response

{
  "message": "Membership granted"
}

Response (Revoke)

{
  "message": "Membership revoked"
}

Behavior

  • Grant
    • Updates biztechUsers.isMember = true
    • Creates a member row in biztechMembers2026 if missing
    • Creates a profile via createProfile(...) if none exists
    • No behavior if membership already existed
  • Revoke
    • Updates biztechUsers.isMember = false
    • Deletes the member row from biztechMembers2026
    • Deletes the profile from biztechProfiles (if it exists)
    • No behavior if no membership exists

Errors

  • 403 Unauthorized if caller is not @ubcbiztech.com
  • 400 Invalid email format
  • 404 User not found
  • 502 Internal server error
Previous
Connections API
Next
Profiles API