Documentation

Members

Member listing, lookup, pull, deletion, unauthorized cleanup, member guild lookup, and data request endpoints.

Copy page

Overview

Member endpoints expose stored OAuth member records, single-member pull operations, unauthorized cleanup, and member self-service privacy actions. Server path params use internal RestoreCord server IDs; list and unauthorized routes also accept `all`.

Endpoint
GET /api/v3/servers/{serverId}/members
Purpose
Paginated member list for one server or all accessible servers.
Permission
READ_MEMBERS
Endpoint
GET|DELETE /api/v3/servers/{serverId}/members/unauthorized
Purpose
Count or delete unauthorized members.
Permission
READ_MEMBERS for GET, WRITE_MEMBERS for DELETE
Endpoint
GET /api/v3/members/{userId}
Purpose
Find a Discord user across accessible servers.
Permission
READ_MEMBERS
Endpoint
GET /api/v3/members/resolve/{memberId}
Purpose
Resolve one internal member row ID.
Permission
READ_MEMBERS
Endpoint
PUT /api/v3/servers/{serverId}/members/{userId}
Purpose
Pull one member into a Discord server.
Permission
SERVER_PULL
Endpoint
DELETE /api/v3/servers/{serverId}/members/{userId}
Purpose
Delete one member row and remove role best-effort.
Permission
WRITE_MEMBERS; owner-only in source
Endpoint
GET /api/v3/members/{userId}/guilds
Purpose
Fetch Discord guilds through a stored member OAuth token.
Permission
Authenticated account with server access; Business+
Endpoint
GET|POST /api/v3/members/data-request
Purpose
Discord member self-service data and authorization actions.
Permission
Data-request session

Member data may include personal data. Sensitive fields such as IP, email, device, ISP, detailed location, MFA state, and locale are plan- and permission-gated by the source helpers.


List Members

GET/api/v3/servers/{serverId}/members

List members

Returns member summaries, counts, pagination, and pullable/unauthorized totals.

serverIdRequired
Location
path
Type
string
Internal RestoreCord server ID or literal `all`.
maxOptional
Location
query
Type
number
Default
50
Page size, clamped to 1-100.
pageOptional
Location
query
Type
number
Default
1
1-indexed page number.
searchOptional
Location
query
Type
string
Search value. Auto-detects user ID, IP, email, or username prefix.
typeOptional
Location
query
Type
string
Force search type: `userId`, `ip`, `username`, or `email`.
sortByOptional
Location
query
Type
string
Default
createdAt
Allowed values: `username`, `createdAt`, `serverId`.
sortOrderOptional
Location
query
Type
string
Default
desc
`asc` or `desc`.
countryOptional
Location
query
Type
string
Two-letter ISO country code.
Example response JSON
{
  "success": true,
  "members": [
    {
      "id": 987,
      "serverId": "42",
      "userId": "123456789012345678",
      "username": "alice#0000",
      "avatar": "avatar-hash",
      "country": "US",
      "createdAt": "2026-06-07T10:30:00.000Z",
      "guildId": "111111111111111111",
      "guildName": "Community",
      "unauthorized": false
    }
  ],
  "total": 1,
  "pullable": 1,
  "unauthorized": 0,
  "currentPage": 1,
  "maxPages": 1
}
  • Deep pagination is rejected: more than 50,000 skipped rows without filters, or more than 10,000 skipped rows with search/country filters.
  • For serverId=all, shared servers are included only when the signed-in user has VIEW_MEMBERS sub-user permission.
  • Country filters are validated against the local country list.

Unauthorized Members

Unauthorized members have invalid or revoked OAuth tokens. The handlers count or delete records where accessToken is "unauthorized" or unauthorized is true.

GET/api/v3/servers/{serverId}/members/unauthorized

Count unauthorized members

Returns unauthorized member counts for one server or all accessible servers.

serverIdRequired
Location
path
Type
string
Internal RestoreCord server ID or literal `all`.
breakdownOptional
Location
query
Type
boolean
Default
false
When `serverId` is `all`, include per-server nonzero counts.
Example response JSON
{
  "success": true,
  "count": 12,
  "serverId": "all",
  "breakdown": [
    { "serverId": "42", "guildId": "111111111111111111", "serverName": "Community", "count": 12 }
  ]
}
DELETE/api/v3/servers/{serverId}/members/unauthorized

Delete unauthorized members

Deletes unauthorized member records. Use dryRun to preview counts first.

serverIdRequired
Location
path
Type
string
Internal RestoreCord server ID or literal `all`.
dryRunOptional
Location
query
Type
boolean
Default
false
Return the count that would be deleted without deleting.
Example response JSON
{
  "success": true,
  "dryRun": true,
  "wouldRemove": 12,
  "message": "Dry run: Would remove 12 unauthorized members."
}
Example response JSON
{
  "success": true,
  "removed": 12,
  "message": "Successfully removed 12 unauthorized members.",
  "serverId": "42"
}

Lookup Member

GET/api/v3/members/{userId}

Get member across servers

Returns one entry per accessible server containing the Discord user. Not-found lookups return `servers: []`.

userIdRequired
Location
path
Type
string
Discord user ID.
serverIdOptional
Location
query
Type
string
Optional internal RestoreCord server ID filter.
Example response JSON
{
  "success": true,
  "servers": [
    {
      "serverId": 42,
      "guildId": "111111111111111111",
      "serverName": "Community",
      "hasFullAccess": true,
      "member": {
        "id": 987,
        "userId": "123456789012345678",
        "username": "alice#0000",
        "avatar": "avatar-hash",
        "joinedAt": "2026-06-07T10:30:00.000Z",
        "country": "US",
        "unauthorized": false,
        "ip": "203.0.113.***",
        "location": { "country": "United States", "vpn": false }
      }
    }
  ]
}

Resolve Member

GET/api/v3/members/resolve/{memberId}

Resolve member row

Returns one server/member entry for an internal `members.id` row.

memberIdRequired
Location
path
Type
number
Internal member row ID.
Example response JSON
{
  "success": true,
  "server": {
    "serverId": 42,
    "guildId": "111111111111111111",
    "serverName": "Community",
    "hasFullAccess": true,
    "member": {
      "id": 987,
      "serverId": "42",
      "userId": "123456789012345678",
      "username": "alice#0000",
      "unauthorized": false
    }
  }
}

Pull Member

API key permission: SERVER_PULL. The response is text/event-stream, not JSON.

PUT/api/v3/servers/{serverId}/members/{userId}

Pull member

Pulls one stored member into a target Discord guild and streams progress events.

serverIdRequired
Location
path
Type
string
Internal RestoreCord source server ID.
userIdRequired
Location
path
Type
string
Discord user ID to pull.
guildIdOptional
Location
body
Type
string
Optional guard value. When supplied, it must match the source server's Discord guild ID.
roleIdOptional
Location
body
Type
string
Role ID to assign. Defaults to the source server's verified role.
Example SSE response
event: info
data: {"time":1780837800000,"success":true,"message":"Started Pulling..."}

event: info
data: {"time":1780837801000,"success":true,"message":"Successfully Pulled"}

SSE Events

Event
info
Payload fields
time, success, message
Notes
Progress and successful Discord add-member states.
Event
error
Payload fields
time, success: false, message
Notes
Validation, access, Discord token, guild, invite-disabled, or rate-limit failures.

Delete Member

API key permission: WRITE_MEMBERS. Source restricts this route to server owners.

DELETE/api/v3/servers/{serverId}/members/{userId}

Delete member

Deletes one member row and removes the verified role best-effort through Discord.

serverIdRequired
Location
path
Type
string
Internal RestoreCord server ID.
userIdRequired
Location
path
Type
string
Discord user ID.
Example response JSON
{
  "success": true,
  "message": "Member removed from server."
}

Member Guilds

Fetch the Discord guilds available through one stored member OAuth access token. Requires a valid serverId query and Business or Enterprise plan in source.

GET/api/v3/members/{userId}/guilds

Get member Discord guilds

Fetches guilds from Discord using the stored member token.

userIdRequired
Location
path
Type
string
Discord user ID.
serverIdRequired
Location
query
Type
string
Internal RestoreCord server ID that contains the member record.
Example response JSON
{
  "success": true,
  "guilds": [
    { "id": "999999999999999999", "name": "Other Guild", "icon": null }
  ],
  "cached": false
}

Data Request

Data request endpoints let a Discord user authenticate and either revoke authorization for a server or remove personal data for a server. These routes authenticate the member, not an owner API key.

Endpoint
/api/v3/members/data-request
Method
GET
Notes
With code and redirect_uri, exchanges a Discord OAuth code and returns a short session token plus matching member records.
Endpoint
/api/v3/members/data-request
Method
GET
Notes
With Authorization: Bearer <sessionToken>, resumes an existing data-request session.
Endpoint
/api/v3/members/data-request
Method
POST
Notes
Requires Authorization: Bearer <sessionToken> and body { action, guildId }. action is unauthorize or remove-data.
Example request JSON
{
  "action": "remove-data",
  "guildId": "111111111111111111"
}
Example response JSON
{
  "success": true,
  "message": "Personal data removed for this server."
}

Status and Errors

Status/code
200
When it appears
Successful member list, lookup, count, delete, guild lookup, stream start, or privacy action.
Status/code
400 INVALID_INPUT
When it appears
Invalid server ID, user ID, member ID, country code, search value, page depth, or privacy action.
Status/code
401 UNAUTHORIZED
When it appears
Missing auth or expired data-request session.
Status/code
403 FORBIDDEN / INSUFFICIENT_PERMISSIONS
When it appears
Missing API key permission, missing sub-user permission, non-owner delete, or Business plan required for member guild lookup.
Status/code
404 NOT_FOUND
When it appears
Server, member, bot, or lookup target not found.
Status/code
429 RATE_LIMITED
When it appears
Rate limit reached for lookup, pull, member guilds, or data request.
Status/code
502 EXTERNAL_SERVICE_ERROR
When it appears
Discord token/guild lookup failed or stored member access token unavailable.
  • Use GET /members/{userId} for Discord-user lookup and GET /members/resolve/{memberId} for internal row lookup.
  • Use DELETE /members/unauthorized?dryRun=true before destructive cleanup.
  • Handle pull responses as SSE, not JSON.