Skip to main content

Overview

The create-member function creates a new member in your BoxApp system. It handles both authentication account creation and profile setup in a single operation. If a user with the provided email already exists in the authentication system, the function updates their profile instead of creating a duplicate account.

Endpoint

POST /functions/v1/create-member
This is a Supabase Edge Function that requires service role authentication.

Request Body

email
string
required
The member’s email address. Used for authentication and communication.
password
string
required
Initial password for the member’s account. The member will be required to change this on first login.
first_name
string
required
The member’s first name.
last_name
string
required
The member’s last name.
role_id
string
required
The role identifier that determines the member’s permissions within the system.
box_id
string
required
The unique identifier for the CrossFit box this member belongs to.

Response

user
object
The created or updated user object from Supabase Auth.
id
string
The unique user identifier.
email
string
The user’s email address.
user_metadata
object
Contains first_name, last_name, box_id, and role_id.

Behavior

The function performs the following operations:
  1. Checks for existing user: Searches the authentication system for a user with the provided email
  2. Creates or reuses auth account:
    • If the user doesn’t exist, creates a new authentication account with email_confirm: true
    • If the user exists, uses the existing account ID
  3. Validates box ownership: Ensures the user isn’t already registered with a different box
  4. Creates or updates profile:
    • Sets force_password_change: true to require password change on first login
    • Sets status: 'active' to enable the member immediately
The system currently allows only one box per user. If you attempt to add a user who belongs to another box, the function will return an error: “Este usuario ya está registrado en otro Box. El sistema actual solo permite un Box por usuario.”

Example Request

const response = await fetch('https://your-project.supabase.co/functions/v1/create-member', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Authorization': `Bearer ${SUPABASE_SERVICE_ROLE_KEY}`,
  },
  body: JSON.stringify({
    email: '[email protected]',
    password: 'TempPassword123!',
    first_name: 'John',
    last_name: 'Doe',
    role_id: 'member',
    box_id: 'box_abc123'
  })
});

const data = await response.json();
console.log(data.user);

Example Response

{
  "user": {
    "id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
    "email": "[email protected]",
    "email_confirmed_at": "2026-03-04T12:00:00.000Z",
    "user_metadata": {
      "first_name": "John",
      "last_name": "Doe",
      "box_id": "box_abc123",
      "role_id": "member"
    }
  }
}

Error Response

If an error occurs, you’ll receive a response with status 400: 
{
  "error": "Este usuario ya está registrado en otro Box. El sistema actual solo permite un Box por usuario."
}

Common Use Cases

  • Onboarding new members: Create accounts for members joining your box
  • Bulk member import: Add multiple members programmatically
  • Admin user creation: Set up new members with specific roles
Members created through this function will have force_password_change set to true, requiring them to change their password upon first login for security.

Build docs developers (and LLMs) love

Get started for freeTalk to us