Glossary

MemberPass terminology in one place. Bookmark this if you're new or onboarding a team.

A

Ability string A fine-grained permission token carried by a Sanctum personal access token and checked at every API / MCP call. The format is <entity>:<action> (e.g. project-subscription-plan:create). See the ability catalog.

Access code An alphanumeric string you generate and hand out that a subscriber can redeem to activate a specific plan without paying. See Access codes (creator guide).

Active (subscription) A subscription that's paid up and currently granting access. One of the subscription statuses.

Actor kind Metadata on every activity-log row identifying the surface that took an action: human, api_token, mcp, zapier, webhook, or system. Lets you filter "show me everything Claude did yesterday".

Admin command A Telegram bot command available only to the project owner — /check and /ban. See Admin commands.

API token See Personal access token (PAT).

B

Bearer token Authorization header format used by REST API and MCP — Authorization: Bearer mpt_live_<id>_<secret> (production) or mpt_test_<id>_<secret> (non-production). See API authentication.

Banned (member) A member status indicating the person has been blocked from your project — typically via the /ban admin command. Banned members can't subscribe or interact with the bot.

Billing cycle How often a recurring subscription charges: Days, Weeks, Months, Years, or Lifetime. Combined with a billing cycle count (e.g. "every 3 Months").

Bot link A Telegram URL (t.me/YourBotName) that opens a chat with your project's bot. See Sharing your project.

C

Canceled (subscription) A subscription the subscriber or creator has cancelled. Access typically continues until the current paid period ends, then becomes Expired.

Churned (member) A member whose subscription has ended (cancelled, expired, or lapsed from payment failure).

Creator An individual or business running a MemberPass project. They have full access to the creator dashboard and their project's bot. Distinct from subscriber.

D

Dead letter The terminal state for a webhook delivery that failed every retry. Lives in the delivery log so you can manually replay once the downstream service is healthy. See retries & delivery.

Deep-link A URL-encoded action that opens a bot and performs an instruction — like auto-redeeming an access code or jumping straight to a specific plan. See Telegram deep-linking.

Direct charge A payment-processing model where MemberPass's transaction fee is automatically deducted from the charge at payment time. Currently only supported with Stripe.

Dual-signing Rotating a webhook secret while MemberPass continues to sign deliveries with both the old (v0) and new (v1) secrets for 24 hours, so consumers can roll out the new secret without downtime.

E

Event ID ULID attached to every webhook delivery, exposed in both the payload and the MP-Event-Id header. Use for consumer-side de-dup on retries.

Expired (subscription) A subscription that reached its cycle-end date and stopped granting access. Can result from cancellation, payment failure, or a one-time plan running out.

F

Free plan (creator) MemberPass's no-cost entry tier: up to 3 projects, 5,000 lifetime memberships, 5 access codes per cycle, 10 % transaction fee. See Activate your subscription.

G

Group (in Teams) An ad-hoc collection of team members with shared permissions. See Groups.

Growth plan MemberPass's highest standard creator plan: unlimited lifetime memberships, teams support, 1 % transaction fee. See Activate your subscription.

H

Handle A URL-friendly identifier for your project's public portal (e.g. my-community → my.memberpass.net/my-community). Starter-plan-and-above feature.

HMAC signature Hash-based message authentication carried in the MP-Signature header on every outbound webhook delivery. SHA-256 over <timestamp>.<raw_body> using the endpoint secret. See signature verification.

Horizon queue The named queue a job runs on. MemberPass ships three: default, webhooks, mcp.

I

Idempotency key A UUID the caller attaches to every write request on the REST API so retries are safe. See idempotency.

L

Lead (member) A member status: interacted with your bot but hasn't subscribed yet.

Lifetime (billing cycle) A one-time payment that grants access forever, no renewal.

Lifetime membership A subscription on a lifetime plan — pay once, keep access permanently. The only member category that counts against your plan's users limit.

Live (mode) A payment-method configuration pointing to production credentials — real money moves. Opposite of Test / Sandbox.

M

Magic link A one-time URL sent via email that signs a subscriber in to the portal without a password. Valid 15 minutes, single-use. See Subscriber portal sign-in.

MCP server Model Context Protocol server MemberPass exposes at mcp.memberpass.net so LLMs like Claude can drive the product. See MCP overview.

MCP tool A single callable operation an MCP client can invoke (e.g. list_projects). Every tool enforces one ability string.

MCP resource A read-only catalog an MCP client can fetch (e.g. memberpass://enums/subscription-status).

Member Used loosely: any person on your project's members list (Leads, Trialing, Customers, Churned, Banned). Don't confuse with team member.

Mode (payment method) Whether a payment method is Live (real transactions) or Test (sandbox).

N

Newcomers-only A plan filter that hides the plan from anyone who's subscribed before. Typical use: introductory offers.

O

One-time A plan (or subscription) where the subscriber pays once for a fixed duration. Access ends when the duration lapses — no auto-renewal.

P

Passkey A FIDO2-certified cryptographic credential that replaces passwords. See Passkeys (creator account).

Personal access token (PAT) A long-lived credential minted from Settings → API Tokens. Starts with mpt_. Carries a list of ability strings plus a scope:team:<uuid> tuple.

Payment method A configured payment provider on a project. You can enable multiple per project.

Plan Short for subscription plan — a pricing tier configurable with name, price, billing cycle, resources, trial rules, and eligibility filters. See Subscription plans.

Portal The web-based public face of a project, at my.memberpass.net/{handle}. Where subscribers can browse plans and manage memberships outside Telegram. See Via Web Portal.

Product sync The action of pushing your plans to a payment provider's own catalogue (Stripe products, PayPal plans, etc.) so the provider can handle recurring billing. Required for Stripe, PayPal, CoinPayments, and Razorpay.

Project The top-level container for a membership business: plans, payment methods, resources, subscribers, bot — all live inside one project. A creator can run multiple.

R

Rate limit bucket A named per-token quota (e.g. api-token, mcp) applied to a group of API or MCP calls. See rate limiting.

Recurring A subscription that auto-renews at each cycle. Opposite of one-time.

Replay window The 5-minute freshness check MemberPass recommends consumers apply to inbound webhooks: reject deliveries whose t= timestamp is more than 300 seconds off from now. See security.

Resource Something a plan unlocks — a Telegram channel, group, supergroup, or a manually-tracked digital good. See Resources.

Role (in Teams) A named bundle of permissions applied 1:1 to team members. See Roles.

S

Sanctum Laravel's first-party token authentication package. MemberPass mints personal access tokens backed by Sanctum's personal_access_tokens table.

Sandbox Alternative name for Test mode on payment methods. Real credentials aren't used; no real money moves.

Schema.org The vocabulary MemberPass embeds on my.memberpass.net/{handle} as JSON-LD so search engines and LLM-driven buyer agents can parse offerings (Organization, Product, Offer, SubscribeAction).

Scope tuple A non-ability entry in a token's abilities array that constrains where it can act. Two variants: scope:team:<uuid> (required) and scope:project:<uuid> (optional).

Secret rotation Replacing a webhook endpoint's signing secret. See webhook security.

Single-use (plan filter) A plan that a given subscriber can buy only once. After their first subscription, the plan hides from them.

Stripe Connect Stripe's mechanism for hosted onboarding of connected accounts — what MemberPass uses to onboard Stripe without you ever pasting API keys.

Subscriber An end customer of a creator — they pay to join a project. Distinct from creator and from team member.

Subscription The record of a subscriber's active (or past) purchase on a plan. See Managing subscriptions (creator) or Manage your subscription (subscriber).

T

Team A container for collaborators on a creator account. Growth plan and above. See Teams & Roles.

Team member A collaborator you've invited into your team. Distinct from subscriber / project user.

Tenant scope Laravel global scope that transparently filters every query to the authenticated user's current_team_id. See tenancy & scopes.

Traefik edge The Coolify-managed ingress that routes app. / my. / api. / mcp. subdomains to the same MemberPass container.

Telegram Stars (XTR) Telegram's native in-app currency. ~$0.013 USD per Star. See Telegram Stars.

Test (mode) A payment-method configuration using sandbox credentials for testing. Opposite of Live.

Transaction fee MemberPass's per-transaction cut on payments processed through your project. Varies by creator plan (10 % Free / 3 % Starter / 1 % Growth). See Transaction fees.

Trial A period of access without payment. Can be cardless (no payment method collected) or card-required (charged when trial ends). See Trial memberships.

Trial type Either "Once for project" (one trial across any plan) or "Once for plan" (one trial per plan).

Trialing (status) A subscriber currently inside a trial period.

U

Unlimited (plan limit) Shown as -1 in plan data. The Growth plan's lifetime-membership cap is unlimited.

Users limit The creator plan's cap on lifetime-membership subscribers. Normal recurring subscribers don't count toward this limit — see the plan footnotes on the creator subscription page.

V

Verified (email) An email address the subscriber has confirmed via a verification link. Required before it can be used for magic-link sign-in.

W

Webhook (inbound) A URL Telegram (or a payment provider) pushes events to. MemberPass receives webhooks from Telegram for bot events and from payment providers for billing events — all handled automatically. See Webhooks.

Webhook (outbound) A URL MemberPass posts events to on your infrastructure. Configured in Settings → Webhooks. See outbound webhooks.

Webhook delivery A single POST attempt from MemberPass to a webhook endpoint, with status (pending / delivered / failed / dead) and retry metadata.

Z

Zapier Zap A workflow inside Zapier that combines a trigger (e.g. MemberPass subscription.created) with one or more actions. See Zapier integration.