Documentation
MEMBERSHIP TIERS, ACCESS & PARTNER PROGRESSION
How the 2nth platform membership works — from free Explorer through to Investor and Board. Including partner onboarding, access control, and authentication across all properties.
1. MEMBERSHIP TIERS
| Tier | Price | Tokens | Email Type | Target |
| Explorer | Free | 50K | Personal OK | Platform exploration, first brief |
| Starter | $100 / R1,850 | 500K | Personal OK | Landing pages, focused sprints |
| Designer | $500 / R9,200 | 3M | Organisation required | Web apps, brand systems |
| Builder | $1,000 / R18,500 | 8M | Organisation required | Full SaaS MVPs with APIs |
| Partner | Custom | 1M–10M | Organisation required | White-label, revenue share |
| Investor | By invitation | — | Whitelist-gated | Board, data room, IP dashboard |
Personal emails: Accepted for Explorer and Starter tiers only. This allows solo founders and individuals to explore the platform. Designer tier and above requires an organisation email to verify the business relationship.
2. PLATFORM ACCESS BY TIER
| Property | Explorer | Starter | Designer | Builder | Partner | Investor |
| 2nth.ai |
✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| mem.2nth.ai |
✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
| 2nth.io |
— | — | — | ✓ | ✓ | ✓ |
| developers.2nth.ai |
— | — | — | ✓ | ✓ | ✓ |
| 2nth.org |
— | — | — | — | — | ✓ |
| 2nth.me |
Independent — own auth, optional bridge to 2nth.ai |
2nth.io access: Only Builder tier and above get infrastructure provisioning. Starter and Designer cannot deploy servers. They must upgrade to Builder to access managed hosting.
3. AUTHENTICATION MODEL
Per-Property Authentication
| Property | Auth Method | Session Cookie | Identity Source |
|---|
| 2nth.ai | Magic link + JWT | 2nth_session on .2nth.ai | Own D1 database |
| mem.2nth.ai | Email + OTP | 2nth_mem_session | Own KV store |
| 2nth.io | OTP via 2nth.ai SSO | 2nth_io_session | 2nth.ai OAuth |
| 2nth.org | OTP via 2nth.ai SSO | 2nth_org_token | 2nth.ai OAuth + whitelist |
| developers.2nth.ai | ID + 4-digit PIN | dev_access / 2nth_session | Hardcoded + KV fallback |
| 2nth.me | Email + OTP | 2nth_me_session | Own KV store (independent) |
SSO Architecture
2nth.ai (Identity Provider)
├── OAuth2/OIDC endpoints
├── JWT signing (HS256)
├── User accounts in D1
│
├── 2nth.io ──── SSO via OAuth redirect
├── 2nth.org ─── SSO via OAuth redirect + email whitelist
├── developers ─ JWT session on .2nth.ai domain + PIN fallback
├── mem.2nth.ai ─ Own OTP auth (planned: SSO Phase 3)
│
└── 2nth.me ──── Independent (own OTP, own KV, no SSO)
Future SSO (Phase 3, May 2026): mem.2nth.ai will authenticate via 2nth.ai OAuth. The user signs in once on 2nth.ai and the session carries across to mem, io, developers, and org. Currently each property has its own auth for dev testing.
4. MEMBER JOURNEY
New Member Onboarding
Enter email
→
OTP code
→
Profile setup
→
Pick tier
→
Accept terms*
→
Account active
* Terms acceptance required for Starter tier and above. Explorer skips this step.
Tier Upgrade Path
Explorer
→
Starter
→
Designer
→
Builder
→
Partner
→
Investor
| Transition | How | What Changes |
|---|
| Explorer → Starter | Self-service payment ($100) | +450K tokens, terms acceptance required |
| Starter → Designer | Self-service payment ($500) | +2.5M tokens, org email required, production deployment |
| Designer → Builder | Self-service payment ($1,000) | +5M tokens, 2nth.io access, developer portal access |
| Builder → Partner | Application + admin approval | Partner hub, showcases, skills, revenue share, partner terms |
| Any → Investor | Invitation only | 2nth.org access, data room, IP dashboard, board observer |
5. PARTNER PROGRESSION
Becoming a Partner
Partnership is not a tier you buy — it's a relationship. Builders who demonstrate domain expertise and want to contribute to the ecosystem can apply for partnership.
Builder tier active
→
Apply via mem portal
→
Admin reviews
→
Partner terms signed
→
Partner active
What Partners Get
| Asset | Where | Description |
|---|
| Partner Profile | developers.2nth.ai | Dedicated page with team, capabilities, skills, contract details |
| AI Showcase | developers.2nth.ai | Interactive demo page showing AI transformation for their domain |
| Concept Demos | developers.2nth.ai | Working prototypes (e.g. SkiSpot, Boris, Toolpath Optimiser) |
| Skill Contributions | skills.2nth.ai | Domain skills added to the 2nth skill tree (agentskills.io format) |
| Partner Hub Section | developers.2nth.ai | Scoped section in the hub — only visible to them + admins |
| Token Allocation | mem.2nth.ai | Custom allocation (1M–10M) based on partnership agreement |
| Revenue Share | Partner agreement | 5–30% on client referrals (ZAR) |
Partner Hub Access Control
| What | How |
|---|
| Each partner has a scope | data-scope attribute on their hub group (e.g. scengineering) |
| Server-side filtering | Middleware strips HTML groups before serving — partners can't see other partners' sections |
| Path-level access | /partners/gananda.html returns 403 for non-gananda users |
| Admin can grant/revoke | Checkboxes on each group header — persisted via API to KV |
| View As impersonation | Admin dropdown to preview hub as any user |
Partner Authentication
| Method | Details |
|---|
| ID + PIN | 4-digit PIN assigned on onboarding. Quick sign-in for daily use. |
| Scope | Comma-separated list of sections visible (e.g. dronescan,scengineering) |
| Admin assigns | Currently manual — admin sets ID, PIN, and scope in config |
| Future | Auto-generate from mem.2nth.ai when partner role is approved |
6. CURRENT PARTNERS
| Partner | Type | ID | Scope | Tokens |
|---|
| SC Engineering (incl. SkiSpot) | Premium Build | murray | dronescan,scengineering | 10M |
| B2BS.AI | Premier Developer | craig-b2b | full | — |
| Proximity Green | Technology | mark | proximity-green | — |
| VibeCrafters | Design Agency | emma | vibecrafters | — |
| Ctrl Future | AI Strategy | kath | ctrl-future | — |
| Republic Lifestyle | Manufacturing | republic | republic-lifestyle | — |
| Gananda Connect | Financial Advisory | barry | full | — |
| EatFitSA | Medical | erica | eatfitsa | 5M |
| Jonty Jankovich-Besan | Consulting | jonty | jankovich | — |
| Rohrs & Associates | Cash & Payments | barryr | rohrs | 2M |
| DurPro | Workforce | jacqui | durpro | — |
| DroneScan | Warehouse IoT | jasper | dronescan,scanman,luthuli | — |
7. ADMIN CAPABILITIES
Member Management (mem.2nth.ai)
| Action | How |
|---|
| View all members | Account → Admin panel — list with name, email, tier, tokens |
| Change tier | Inline dropdown — tokens auto-update to tier allocation |
| Change role | Inline dropdown — user / partner / admin |
| Auto-detect admins | Emails from 2nth.ai, 2nth.io, b2bs.co.za, imbila.ai → auto admin |
Partner Hub Access (developers.2nth.ai)
| Action | How |
|---|
| See who has access | Checkbox panel on each group showing all users |
| Grant access | Check a user's checkbox → scope updated via API |
| Revoke access | Uncheck → scope updated, toast confirms |
| Downgrade full-access | Uncheck a full-access user → confirmation prompt → converted to specific scopes |
| View As | Dropdown to see the hub exactly as any user sees it |
| User management | /admin/users.html — full table with PINs, scopes, sign-in links |
8. PRIVACY & COMPLIANCE
| Requirement | Status |
|---|
| Passwordless auth | ✓ All properties use OTP or magic link |
| HttpOnly + Secure cookies | ✓ All properties |
| Zero tracking | ✓ No analytics, no third-party scripts |
| Consent management | ✓ 6 toggles on mem.2nth.ai (registration, service, updates, marketing, data sharing, analytics) |
| Data export | ✓ Per-category JSON/CSV + full ZIP on mem.2nth.ai |
| Account deletion | ✓ Email confirmation → 30-day cooling → permanent removal |
| Terms versioning | ✓ v1.0 April 2026, timestamped consent records |
| POPIA Section 22 breach register | Planned Q2 2026 |
| Data retention purge | Planned Q3 2026 |
Full compliance framework: See the
member management skill review for the complete POPIA/GDPR implementation plan including schema, API endpoints, and phased rollout.
9. ROADMAP
| Phase | When | What |
|---|
| Phase 1 | Now | Separate auth per property, manual partner onboarding, KV storage |
| Phase 2 | May 2026 | mem.2nth.ai reads token balance from 2nth.ai D1 via API |
| Phase 3 | May 2026 | Full SSO — all properties authenticate via 2nth.ai OAuth |
| Phase 4 | Q3 2026 | Self-service partner onboarding, auto-generate hub credentials from mem |
| Phase 5 | Q3 2026 | 2nth.me token bridge — human skills tokens convert to 2nth.ai project tokens |
Last updated: 5 April 2026. This document is maintained on mem.2nth.ai and reflects the current state of the platform.