The 1Club Platform API lets you programmatically access and manage your organization’s data - clubs, classes, content, and transactions - from your own websites, integrations, and back-office scripts.Documentation Index
Fetch the complete documentation index at: https://docs.1club.ai/llms.txt
Use this file to discover all available pages before exploring further.
Base URL
All API requests are made to:Official API contract
This documentation is the official source of truth for the 1Club Platform API. If an integration relies on undocumented endpoints, fields, response shapes, or internal behavior outside this spec, we can’t guarantee backward compatibility. Build against what’s documented here to stay stable as the platform evolves.Authentication
All requests require a customer API key passed as a Bearer token:Creating an API token
API tokens are created from the admin dashboard at admin.1club.ai.- Sign in to the admin dashboard
- Open Settings → API Tokens
- Click Create Token
- Fill in the token details:
- Name — a label to identify where this token is used (e.g. “Website Integration”)
- Description — optional note on what the token is used for
- Scopes — pick the resources the token can access, and whether each is Read or Write
- Expires — set an expiry date, or leave empty for a token that never expires
- Click Save
- Copy the token immediately — it is shown only once and cannot be retrieved later
Creating and revoking API tokens requires the settings.manage.organization permission. Admins and users with full settings management can access this page; managers and other roles cannot.
Token scopes
Each token is granted access to specific resources with either Read or Write permission:- Read — allows fetching data (GET requests)
- Write — allows creating and updating data (POST/PUT/PATCH requests)
classes:read- list and read classescontent:read- list and read published contentclubs:read- look up clubs by slugtransactions:read- list and read billing transactions
Revoking a token
If a token is leaked or no longer needed, revoke it from Settings → API Tokens. Revocation is immediate — any integration using that token will stop working on its next request.Quick start
Fetch the list of clubs:Rate limiting
- 100 requests per minute per organization
- When exceeded, the API returns
429 Too Many Requestswith aRetry-Afterheader - Rate limit headers are included in every response:
X-RateLimit-Limit— max requests per windowX-RateLimit-Remaining— requests remainingX-RateLimit-Reset— seconds until the window resets
Errors
| Status | Meaning |
|---|---|
400 | Invalid request parameters |
401 | Missing or invalid API key |
403 | Token is missing the required scope for this endpoint |
404 | Resource not found (or doesn’t belong to your organization) |
429 | Rate limit exceeded |
500 | Internal server error |
Security best practices
- Never commit tokens to source control. Store them in environment variables or a secrets manager.
- Use the minimum required scopes. Don’t grant write access if only read is needed.
- Set an expiry on tokens used for short-term scripts or testing.
- Rotate tokens regularly and revoke any that are no longer in use.
- Never share tokens in emails, chat messages, or public channels.