The Clubtreasurer Membership API lets you display and manage your club’s membership and billing data on your own website or application — member lists, membership details, invoices and balances — always live, straight from your Clubtreasurer account.
What you can do:
- List and search your members
- Read full member details, including parent/guardian and emergency contacts
- Update a member’s contact details or section
- List your membership types and each member’s membership assignments
- List invoices and balances, for one member or your whole organisation
What you’ll need:
- API credentials (a Client ID and Client Secret) issued by Clubtreasurer — contact support@clubtreasurer.com to request them
- A server-side environment to call the API from (PHP, Node.js, Python, .NET, etc.)
⚠️ Your Client Secret is a password for your club’s data. Never put it in website JavaScript, mobile apps, or anything else that runs on your users’ devices — anyone could read it there. All API calls should be made from your own server. If you believe your secret has been exposed, contact support immediately and we will revoke and re-issue it.
Base URL
All API requests use this base URL:
https://myclubtreasurer.com/apex/prod/api/v1
All requests must use HTTPS. All responses are JSON.
Step 1 — Get an access token
The API uses the industry-standard OAuth 2.0 Client Credentials flow. You exchange your Client ID and Secret for a short-lived access token, then send that token with every API call.
POST https://myclubtreasurer.com/apex/prod/oauth/token
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials
Authenticate the request with HTTP Basic auth — username = Client ID, password = Client Secret.
curl example:
curl -s -X POST "https://myclubtreasurer.com/apex/prod/oauth/token" \
-u "YOUR_CLIENT_ID:YOUR_CLIENT_SECRET" \
-d "grant_type=client_credentials"
Response:
{
"access_token": "cfd8avMuKwcwjFNrCF-lyQ",
"token_type": "bearer",
"expires_in": 3600
}
Tokens are valid for 1 hour (expires_in is in seconds). Cache the token and reuse it until it expires, then request a new one — do not request a new token for every API call.
Step 2 — Call the API
Send the token in the Authorization header of every request:
curl -s -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
"https://myclubtreasurer.com/apex/prod/api/v1/members/"
Node.js example (token + first call):
const BASE = "https://myclubtreasurer.com/apex/prod/api/v1";
const TOKEN_URL = "https://myclubtreasurer.com/apex/prod/oauth/token";
async function getToken(clientId, clientSecret) {
const res = await fetch(TOKEN_URL, {
method: "POST",
headers: {
"Content-Type": "application/x-www-form-urlencoded",
"Authorization": "Basic " + Buffer.from(`${clientId}:${clientSecret}`).toString("base64"),
},
body: "grant_type=client_credentials",
});
if (!res.ok) throw new Error(`Token request failed: ${res.status}`);
return (await res.json()).access_token; // cache this for up to 1 hour
}
async function listMembers(token) {
const res = await fetch(`${BASE}/members/?status=Active`, {
headers: { Authorization: `Bearer ${token}` },
});
if (!res.ok) throw new Error(`API call failed: ${res.status}`);
return (await res.json()).items;
}
Pagination
List endpoints return up to 50 records per page. Page through results with ?offset= and ?limit=:
GET /members/?offset=0&limit=50 → records 1–50
GET /members/?offset=50&limit=50 → records 51–100
Every list response includes "hasMore": true/false — keep increasing offset until hasMore is false. The response also includes ready-made first/next links in the links array.
Response envelope (all list endpoints):
{
"items": [ { ... }, { ... } ],
"hasMore": true,
"limit": 50,
"offset": 0,
"count": 50,
"links": [ ... ]
}
Endpoints
All dates are returned as YYYY-MM-DD strings. Field names in responses are lower-case.
List members
GET /members/
Optional filters: ?status=Active (member status) · ?section_id=3
Each item: id, ref_id, first_name, last_name, email, telephone_num1, section_id, mem_status, gender, dob, join_date.
Get one member (full detail)
GET /members/{id}
Returns everything from the list plus: email2, telephone_num2, telephone_num3, address fields (address1–address3, addresstown, addresscounty, addresspostcode, addresscountry), gift_aid, and contact records — parent/guardian 1 (pc1_first_name, pc1_last_name, pc1_email1, pc1_phone1), parent/guardian 2 (pc2_...), and emergency contact (emc_first_name, emc_last_name, emc_phone1).
Returns 404 if the member does not exist in your organisation.
Update a member
PUT /members/{id}
Content-Type: application/json
Partial update — only the fields you include in the JSON body are changed; everything else is left untouched. Updatable fields (camelCase or snake_case both accepted):
email, email2, telephoneNum1, telephoneNum2, telephoneNum3, address1, address2, address3, addressTown, addressCounty, addressPostcode, addressCountry, sectionId
curl -s -X PUT \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{"email": "new.address@example.com", "telephoneNum1": "07700 900123"}' \
"https://myclubtreasurer.com/apex/prod/api/v1/members/420"
Responses: 200 updated · 404 member not found in your organisation (nothing changed) · 401 credentials no longer valid.
List membership types
GET /memberships/
Your organisation’s membership types. Each item: id, mem_name, mem_ref, mem_desc, billing_cycle, status.
A member’s membership assignments
GET /members/{id}/memberships
Current (non-archived) membership assignments, newest first. Each item: id, mem_map_name, mem_name, status, start_date, earliest_end_date, cancellation_date, billing_cycle, payment_term.
A member’s invoices
GET /members/{id}/billing
Optional filters: ?status= (invoice status) · ?date_from=2026-01-01 · ?date_to=2026-12-31 (invoice date range)
Each item: id, mem_map_id, mem_map_name, bill_from_date, bill_to_date, journal_date, due_amt, t_paid_amt, balance, inv_status, comments.
All invoices for your organisation
GET /billing/
Optional filters: ?member_id= · ?status= · ?date_from= · ?date_to=
Each item adds the member’s identity: member_id, first_name, last_name, ref_id.
Get one invoice (full detail)
GET /billing/{id}
Adds original_amt, mem_name, billing_cycle to the list fields. Returns 404 if the invoice is not in your organisation.
Status codes & error handling
| Code | Meaning | What to do |
|---|---|---|
| 200 | Success | — |
| 401 | Missing/expired/invalid token, or your API access has been revoked | Request a new token; if it persists, contact support |
| 404 | Record doesn’t exist in your organisation | Check the ID; you can never read another club’s data |
| 500 / 555 | Unexpected server error (e.g. malformed request) | Check your request format; contact support if it persists |
Your credentials are scoped to your organisation only — every request returns your club’s data and nothing else.
Good-practice checklist
- ✅ Call the API from your server, never from browser/mobile code
- ✅ Store the Client Secret in server configuration (environment variable / secrets store), not in source code
- ✅ Cache the access token and reuse it for its 1-hour lifetime
- ✅ Handle
401by fetching a fresh token once, then failing gracefully - ✅ Use the filters (
status,date_from, …) rather than downloading everything and filtering locally - ✅ Cache responses on your side where freshness allows (e.g. member lists for a few minutes)
Support
- Credentials, questions, problems: support@clubtreasurer.com
- Please include the approximate time of any failing request and the HTTP status code you received (never send us your Client Secret).
Version
| Version | Date | Notes |
|---|---|---|
| v1 | July 2026 | First release: members (read/update), memberships, billing (read) |