Action References
MembershipCheckAction
MembershipCheckAction
Purpose Validate whether the current user is a member of a related object (organization, team, project) based on that object’s membership rules.
When to use it
afterBuildWhereClause(scope checks before fetch)afterFetchInstance/afterCheckInstance(instance-linked membership)- In list flows, to constrain by membership earlier in the chain
Key fields
| Field | Type | Notes |
|---|---|---|
dataObjectName | DataObjectName | Source of membership rules (defaults to main object if omitted). |
objectKey | MScript | ID of the object to check (e.g., this.projectId). |
userKey | MScript | User id to test (this.session.userId, or delegated). |
checkFor | MScript | Optional—role/conditions within membership (e.g., member.role === 'owner'). |
checkType | ApiCheckType | liveCheck or storedCheck. |
errorMessage | String | Message if liveCheck fails. |
Behavior
- Enforces relationship-scoped access; with
liveCheck, throws 403 (absolute roles bypass). - With
storedCheck, writes boolean to context for later conditionals.
Example
{
"id": "a220-membership-org",
"name": "requireOrgMembership",
"dataObjectName": "organization",
"objectKey": "this.organizationId",
"userKey": "this.session.userId",
"checkType": "liveCheck",
"errorMessage": "You must belong to this organization."
}
Was this page helpful?
Built with Documentation.AI
Last updated Jan 3, 2026