# Memberships

## CreateMembership

`client.Groups.Memberships.New(ctx, body) (*GroupMembershipNewResponse, error)`

**post** `/gitpod.v1.GroupService/CreateMembership`

Creates a membership for a user in a group.

Use this method to:

- Add users to groups
- Grant group-based permissions to users

### Examples

- Add a user to a group:

  Creates a membership for a user in a group.

  ```yaml
  groupId: "d2c94c27-3b76-4a42-b88c-95a85e392c68"
  subject:
    id: "f53d2330-3795-4c5d-a1f3-453121af9c60"
    principal: PRINCIPAL_USER
  ```

### Authorization

Requires `org:admin` permission on the organization or `group:admin` permission on the specific group.

### Parameters

- `body GroupMembershipNewParams`

  - `GroupID param.Field[string]`

  - `Subject param.Field[Subject]`

    Subject to add to the group

### Returns

- `type GroupMembershipNewResponse struct{…}`

  - `Member GroupMembership`

    GroupMembership represents a subject's membership in a group

    - `ID string`

      Unique identifier for the group membership

    - `AvatarURL string`

      Subject's avatar URL

    - `GroupID string`

      Group identifier

    - `Name string`

      Subject's display name

    - `Subject Subject`

      Subject (user, runner, environment, service account, etc.)

      - `ID string`

        id is the UUID of the subject

      - `Principal Principal`

        Principal is the principal of the subject

        - `const PrincipalUnspecified Principal = "PRINCIPAL_UNSPECIFIED"`

        - `const PrincipalAccount Principal = "PRINCIPAL_ACCOUNT"`

        - `const PrincipalUser Principal = "PRINCIPAL_USER"`

        - `const PrincipalRunner Principal = "PRINCIPAL_RUNNER"`

        - `const PrincipalEnvironment Principal = "PRINCIPAL_ENVIRONMENT"`

        - `const PrincipalServiceAccount Principal = "PRINCIPAL_SERVICE_ACCOUNT"`

        - `const PrincipalRunnerManager Principal = "PRINCIPAL_RUNNER_MANAGER"`

### Example

```go
package main

import (
  "context"
  "fmt"

  "github.com/gitpod-io/gitpod-sdk-go"
  "github.com/gitpod-io/gitpod-sdk-go/option"
  "github.com/gitpod-io/gitpod-sdk-go/shared"
)

func main() {
  client := gitpod.NewClient(
    option.WithBearerToken("My Bearer Token"),
  )
  membership, err := client.Groups.Memberships.New(context.TODO(), gitpod.GroupMembershipNewParams{
    GroupID: gitpod.F("d2c94c27-3b76-4a42-b88c-95a85e392c68"),
    Subject: gitpod.F(shared.SubjectParam{
      ID: gitpod.F("f53d2330-3795-4c5d-a1f3-453121af9c60"),
      Principal: gitpod.F(shared.PrincipalUser),
    }),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", membership.Member)
}
```

#### Response

```json
{
  "member": {
    "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
    "avatarUrl": "avatarUrl",
    "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
    "name": "name",
    "subject": {
      "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
      "principal": "PRINCIPAL_UNSPECIFIED"
    }
  }
}
```

## DeleteMembership

`client.Groups.Memberships.Delete(ctx, body) (*GroupMembershipDeleteResponse, error)`

**post** `/gitpod.v1.GroupService/DeleteMembership`

Deletes a membership for a user in a group.

Use this method to:

- Remove users from groups
- Revoke group-based permissions

### Examples

- Remove a user from a group:

  Deletes a membership by its ID.

  ```yaml
  membershipId: "a1b2c3d4-5678-90ab-cdef-1234567890ab"
  ```

### Authorization

Requires `org:admin` permission on the organization or `group:admin` permission on the specific group.

### Parameters

- `body GroupMembershipDeleteParams`

  - `MembershipID param.Field[string]`

    The membership to delete

### Returns

- `type GroupMembershipDeleteResponse interface{…}`

  Empty response

### Example

```go
package main

import (
  "context"
  "fmt"

  "github.com/gitpod-io/gitpod-sdk-go"
  "github.com/gitpod-io/gitpod-sdk-go/option"
)

func main() {
  client := gitpod.NewClient(
    option.WithBearerToken("My Bearer Token"),
  )
  membership, err := client.Groups.Memberships.Delete(context.TODO(), gitpod.GroupMembershipDeleteParams{
    MembershipID: gitpod.F("a1b2c3d4-5678-90ab-cdef-1234567890ab"),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", membership)
}
```

#### Response

```json
{}
```

## ListMemberships

`client.Groups.Memberships.List(ctx, params) (*MembersPage[GroupMembership], error)`

**post** `/gitpod.v1.GroupService/ListMemberships`

Lists all memberships of a group.

Use this method to:

- View all members of a group
- Audit group membership

### Examples

- List group members:

  Shows all members of a specific group.

  ```yaml
  groupId: "d2c94c27-3b76-4a42-b88c-95a85e392c68"
  pagination:
    pageSize: 20
  ```

### Authorization

All organization members can view group membership (transparency model).

### Parameters

- `params GroupMembershipListParams`

  - `Token param.Field[string]`

    Query param

  - `PageSize param.Field[int64]`

    Query param

  - `Filter param.Field[GroupMembershipListParamsFilter]`

    Body param: filter contains options for filtering the list of memberships.

    - `Search string`

      search performs case-insensitive search across member name, email, ID,
      and service account name and description

  - `GroupID param.Field[string]`

    Body param

  - `Pagination param.Field[GroupMembershipListParamsPagination]`

    Body param: pagination contains the pagination options for listing memberships

    - `Token string`

      Token for the next set of results that was returned as next_token of a
      PaginationResponse

    - `PageSize int64`

      Page size is the maximum number of results to retrieve per page.
      Defaults to 25. Maximum 100.

### Returns

- `type GroupMembership struct{…}`

  GroupMembership represents a subject's membership in a group

  - `ID string`

    Unique identifier for the group membership

  - `AvatarURL string`

    Subject's avatar URL

  - `GroupID string`

    Group identifier

  - `Name string`

    Subject's display name

  - `Subject Subject`

    Subject (user, runner, environment, service account, etc.)

    - `ID string`

      id is the UUID of the subject

    - `Principal Principal`

      Principal is the principal of the subject

      - `const PrincipalUnspecified Principal = "PRINCIPAL_UNSPECIFIED"`

      - `const PrincipalAccount Principal = "PRINCIPAL_ACCOUNT"`

      - `const PrincipalUser Principal = "PRINCIPAL_USER"`

      - `const PrincipalRunner Principal = "PRINCIPAL_RUNNER"`

      - `const PrincipalEnvironment Principal = "PRINCIPAL_ENVIRONMENT"`

      - `const PrincipalServiceAccount Principal = "PRINCIPAL_SERVICE_ACCOUNT"`

      - `const PrincipalRunnerManager Principal = "PRINCIPAL_RUNNER_MANAGER"`

### Example

```go
package main

import (
  "context"
  "fmt"

  "github.com/gitpod-io/gitpod-sdk-go"
  "github.com/gitpod-io/gitpod-sdk-go/option"
)

func main() {
  client := gitpod.NewClient(
    option.WithBearerToken("My Bearer Token"),
  )
  page, err := client.Groups.Memberships.List(context.TODO(), gitpod.GroupMembershipListParams{
    GroupID: gitpod.F("d2c94c27-3b76-4a42-b88c-95a85e392c68"),
    Pagination: gitpod.F(gitpod.GroupMembershipListParamsPagination{
      PageSize: gitpod.F(int64(20)),
    }),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", page)
}
```

#### Response

```json
{
  "members": [
    {
      "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
      "avatarUrl": "avatarUrl",
      "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
      "name": "name",
      "subject": {
        "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
        "principal": "PRINCIPAL_UNSPECIFIED"
      }
    }
  ],
  "pagination": {
    "nextToken": "nextToken"
  }
}
```

## GetMembership

`client.Groups.Memberships.Get(ctx, body) (*GroupMembershipGetResponse, error)`

**post** `/gitpod.v1.GroupService/GetMembership`

Gets a specific membership by group ID and subject.

Use this method to:

- Check if a user or service account is a member of a group
- Verify group membership for access control

### Examples

- Check user membership:

  Checks if a user is a member of a specific group.

  ```yaml
  groupId: "d2c94c27-3b76-4a42-b88c-95a85e392c68"
  subject:
    id: "f53d2330-3795-4c5d-a1f3-453121af9c60"
    principal: PRINCIPAL_USER
  ```

### Authorization

All organization members can check group membership (transparency model).

### Parameters

- `body GroupMembershipGetParams`

  - `Subject param.Field[Subject]`

    Subject to check membership for

  - `GroupID param.Field[string]`

### Returns

- `type GroupMembershipGetResponse struct{…}`

  - `Member GroupMembership`

    The membership if found, nil if subject is not a member

    - `ID string`

      Unique identifier for the group membership

    - `AvatarURL string`

      Subject's avatar URL

    - `GroupID string`

      Group identifier

    - `Name string`

      Subject's display name

    - `Subject Subject`

      Subject (user, runner, environment, service account, etc.)

      - `ID string`

        id is the UUID of the subject

      - `Principal Principal`

        Principal is the principal of the subject

        - `const PrincipalUnspecified Principal = "PRINCIPAL_UNSPECIFIED"`

        - `const PrincipalAccount Principal = "PRINCIPAL_ACCOUNT"`

        - `const PrincipalUser Principal = "PRINCIPAL_USER"`

        - `const PrincipalRunner Principal = "PRINCIPAL_RUNNER"`

        - `const PrincipalEnvironment Principal = "PRINCIPAL_ENVIRONMENT"`

        - `const PrincipalServiceAccount Principal = "PRINCIPAL_SERVICE_ACCOUNT"`

        - `const PrincipalRunnerManager Principal = "PRINCIPAL_RUNNER_MANAGER"`

### Example

```go
package main

import (
  "context"
  "fmt"

  "github.com/gitpod-io/gitpod-sdk-go"
  "github.com/gitpod-io/gitpod-sdk-go/option"
  "github.com/gitpod-io/gitpod-sdk-go/shared"
)

func main() {
  client := gitpod.NewClient(
    option.WithBearerToken("My Bearer Token"),
  )
  membership, err := client.Groups.Memberships.Get(context.TODO(), gitpod.GroupMembershipGetParams{
    Subject: gitpod.F(shared.SubjectParam{
      ID: gitpod.F("f53d2330-3795-4c5d-a1f3-453121af9c60"),
      Principal: gitpod.F(shared.PrincipalUser),
    }),
    GroupID: gitpod.F("d2c94c27-3b76-4a42-b88c-95a85e392c68"),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", membership.Member)
}
```

#### Response

```json
{
  "member": {
    "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
    "avatarUrl": "avatarUrl",
    "groupId": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
    "name": "name",
    "subject": {
      "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
      "principal": "PRINCIPAL_UNSPECIFIED"
    }
  }
}
```

## Domain Types

### Group Membership

- `type GroupMembership struct{…}`

  GroupMembership represents a subject's membership in a group

  - `ID string`

    Unique identifier for the group membership

  - `AvatarURL string`

    Subject's avatar URL

  - `GroupID string`

    Group identifier

  - `Name string`

    Subject's display name

  - `Subject Subject`

    Subject (user, runner, environment, service account, etc.)

    - `ID string`

      id is the UUID of the subject

    - `Principal Principal`

      Principal is the principal of the subject

      - `const PrincipalUnspecified Principal = "PRINCIPAL_UNSPECIFIED"`

      - `const PrincipalAccount Principal = "PRINCIPAL_ACCOUNT"`

      - `const PrincipalUser Principal = "PRINCIPAL_USER"`

      - `const PrincipalRunner Principal = "PRINCIPAL_RUNNER"`

      - `const PrincipalEnvironment Principal = "PRINCIPAL_ENVIRONMENT"`

      - `const PrincipalServiceAccount Principal = "PRINCIPAL_SERVICE_ACCOUNT"`

      - `const PrincipalRunnerManager Principal = "PRINCIPAL_RUNNER_MANAGER"`