Internal · Membership.io integration demo

The Membership.io gate

This is a visual walkthrough of how Book GPT and Ask Jeannie sit behind Membership.io auth. Toggle the member state on the right to see what each state looks like. When Tony wires the real iframe, the only thing that changes is the JWT source - the UI and gating logic stay the same.

Simulate member state

In production this comes from a Membership.io JWT in a signed cookie. Our edge function reads it, validates it, and sets the component props. No change to the app code.

Book GPT

Members only
Blocked

Not logged in. The iframe would redirect to Membership.io login. No cookie is set, no API call is made, no cost to XI.

Ask Jeannie

Members only (internal during pilot)
Blocked

Not logged in. The iframe would redirect to Membership.io login. No cookie is set, no API call is made, no cost to XI.

Mission Builder

Free · no gate

Always accessible. Doubles as a lead magnet - email capture at download feeds ActiveCampaign.

Open →

Compass v2

Free · no gate

Always accessible. Doubles as a lead magnet - email capture at download feeds ActiveCampaign.

Open →

ROI Calculator

Free · no gate

Always accessible. Doubles as a lead magnet - email capture at download feeds ActiveCampaign.

Open →

Request flow (production)

What happens when a member opens Ask Jeannie

01
Member
Clicks 'Ask Jeannie' inside Membership.io LMS

Membership.io embeds an iframe pointing at tools.experienceinvestigators.com/ask-jeannie. The iframe URL includes a signed JWT in the query string.

02
Cloudflare edge
Validates JWT on first request

Our middleware reads the JWT, verifies signature against Membership.io's public key, extracts memberId + tier. Sets a signed session cookie scoped to tools.experienceinvestigators.com.

03
Ask Jeannie API
Checks cookie, applies gate rules

If tier is 'member' → proceed. If 'free' or absent → return 403 with a link back to Membership.io upgrade page. No Claude API call billed.

04
Claude + KB
Answer generated, cached by memberId

Identical queries in a 5-minute window are cached per-member to reduce cost. Answer streamed back through the iframe to the member.

05
Analytics
Usage logged to Membership.io

Query count + tool name + latency logged via webhook to Membership.io, so XI sees engagement per member. No query content leaves XI's infra.

Technical spec

What Tony and Matt need to agree on

JWT contract

  • sub: Membership.io member ID
  • email: member email
  • tier: "free" | "member" | "admin"
  • exp: 1-hour expiration, iframe refreshes
  • iss: "membership.io"
  • Signed with Membership.io private key (Matt gets public key)

Iframe embed

  • <iframe src="https://tools.experienceinvestigators.com/ask-jeannie?jwt=..." />
  • width: 100%, min-height: 600px
  • PostMessage for "resize to content" (optional)
  • sandbox: allow-scripts allow-same-origin allow-forms

Gate rules

  • Book GPT: tier=member (paid) required
  • Ask Jeannie: tier=member (paid) required, admin for internal-only pilot
  • Mission Builder, Compass, ROI, Keynote Brief, LinkedIn: free - no gate
  • Rate limit: 100 queries/day/member for gated tools

Fallback behavior

  • JWT missing → "Please log in to Membership.io" with upgrade CTA
  • JWT invalid → same, plus email admin alert
  • JWT expired → iframe auto-refreshes via Membership.io postMessage
  • Tier insufficient → "Upgrade to access Book GPT" with plan link
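
The gate rules and fallback behavior above, sketched as the decision function the edge middleware would run once the JWT signature has been verified against Membership.io's public key. This is an added example, not XI's or Membership.io's code; the tool keys, the `PILOT_ADMIN_ONLY` set, the return shape, the cap on over-long `exp`, and treating admin as satisfying member gates are assumptions.

```javascript
// Added example. Tool keys, PILOT_ADMIN_ONLY and the return shape are
// assumptions; signature verification must already have happened upstream.
const ISSUER = "membership.io";
const TIERS = ["free", "member", "admin"];   // index doubles as rank (assumed ordering)
const MAX_TTL = 3600;                        // contract: 1-hour expiration
const DAILY_LIMIT = 100;                     // queries/day/member, gated tools
const GATES = new Map([                      // minimum tier; null = no gate
  ["book-gpt", "member"], ["ask-jeannie", "member"],
  ["mission-builder", null], ["compass", null], ["roi-calculator", null],
]);
const PILOT_ADMIN_ONLY = new Set(["ask-jeannie"]); // internal-only pilot

const deny = (reason, extra = {}) => ({ allow: false, reason, ...extra });

// auth: null (no JWT) | { valid: false } | { valid: true, claims }
function gateDecision(tool, auth, nowSec, usedToday = 0) {
  if (!GATES.has(tool)) return deny("unknown-tool");        // fail closed
  const minTier = GATES.get(tool);
  if (minTier === null) return { allow: true, reason: "free-tool" };
  if (auth === null) return deny("login");                  // JWT missing
  const c = auth.valid ? auth.claims : null;
  const rank = c ? TIERS.indexOf(c.tier ?? "free") : -1;    // absent tier = free
  const wellFormed = c && c.iss === ISSUER && rank >= 0 &&
    typeof c.sub === "string" && c.sub !== "" && Number.isFinite(c.exp);
  if (!wellFormed || c.exp - nowSec > MAX_TTL)              // rejects over-long exp too
    return deny("invalid", { alertAdmin: true });           // login message + admin alert
  if (c.exp <= nowSec) return deny("expired", { refresh: true });
  const needed = TIERS.indexOf(PILOT_ADMIN_ONLY.has(tool) ? "admin" : minTier);
  if (rank < needed) return deny("upgrade");                // tier insufficient
  if (usedToday >= DAILY_LIMIT) return deny("rate-limited");
  return { allow: true, reason: "ok", memberId: c.sub };
}

// Constructed sample claims (not real member data).
const NOW = 1700000000;
const member = { valid: true, claims: { sub: "m_123", email: "a@example.com",
  tier: "member", exp: NOW + 1800, iss: "membership.io" } };
console.log(gateDecision("book-gpt", member, NOW));
console.log(gateDecision("ask-jeannie", member, NOW));
```

Every path except the explicit allow returns a denial, so an unknown tool, an unexpected tier string, or a wrong issuer never falls through to a billed API call.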

Tony gets the JWT flow working in one call.

Matt owns the edge middleware + session cookie + gate rules. Tony owns JWT signing + iframe embed. 30-minute scoping call, 1-week implementation, 1-week dogfood before member-facing launch.