docs

app/controllers/api/teams.php

@@ -810,11 +810,10 @@ App::get('/v1/teams/:teamId/memberships')
                     if (!$totpEnabled && !$emailEnabled && !$phoneEnabled) {
                         $mfa = false;
                     }
-
-                    $membership->setAttribute('mfa', $mfa);
                 }
 
                 $membership
+                    ->setAttribute('mfa', $mfa)
                     ->setAttribute('userName', $user->getAttribute('name'))
                     ->setAttribute('userEmail', $user->getAttribute('email'));
             }
@@ -882,6 +881,11 @@ App::get('/v1/teams/:teamId/memberships/:membershipId')
                     $mfa = false;
                 }
             }
+
+            $membership
+                ->setAttribute('mfa', $mfa)
+                ->setAttribute('userName', $user->getAttribute('name'))
+                ->setAttribute('userEmail', $user->getAttribute('email'));
         }
 
         $membership->setAttribute('teamName', $team->getAttribute('name'));

docs/references/teams/get-team-member.md

@@ -1 +1 @@
-Get a team member by the membership unique id. All team members have read access for this resource.
+Get a team member by the membership unique id. All team members have read access for this resource. Hide sensitive attributes (userName, userEmail and mfa) from the response by disabling teams sensitive data in the Console.

docs/references/teams/list-team-members.md

@@ -1 +1 @@
-Use this endpoint to list a team's members using the team's ID. All team members have read access to this endpoint.
+Use this endpoint to list a team's members using the team's ID. All team members have read access to this endpoint. Hide sensitive attributes (userName, userEmail and mfa) from the response by disabling teams sensitive data in the Console.

src/Appwrite/Utopia/Response/Model/Membership.php

@@ -36,13 +36,13 @@ class Membership extends Model
             ])
             ->addRule('userName', [
                 'type' => self::TYPE_STRING,
-                'description' => 'User name.',
+                'description' => 'User name. Hide this attribute by disabling teams sensitive data in the Console.',
                 'default' => '',
                 'example' => 'John Doe',
             ])
             ->addRule('userEmail', [
                 'type' => self::TYPE_STRING,
-                'description' => 'User email address.',
+                'description' => 'User email address. Hide this attribute by disabling teams sensitive data in the Console.',
                 'default' => '',
                 'example' => 'john@appwrite.io',
             ])
@@ -78,7 +78,7 @@ class Membership extends Model
             ])
             ->addRule('mfa', [
                 'type' => self::TYPE_BOOLEAN,
-                'description' => 'Multi factor authentication status, true if the user has MFA enabled or false otherwise.',
+                'description' => 'Multi factor authentication status, true if the user has MFA enabled or false otherwise. Hide this attribute by disabling teams sensitive data in the Console.',
                 'default' => false,
                 'example' => false,
             ])