Update User Details

Post

/api/v1/users.update

Use this endpoint to update the details of an existing user. This endpoint requires 2FA.
Permissions required:

edit-other-user-password: Permission to modify other user's passwords
edit-other-user-info_description: Permission to change other user's name, username or email address
edit-other-user-active-status: Permission to enable or disable other accounts

Changelog

Version	Description
7.0.0	Removed upsert behaviour and stopped allowing `joinDefaultChannels` param
0.48.0	Renamed to `users.update`
0.35.0	Added

Header parameters

X-User-Id

stringRequired

The authenticated user ID.

ExamplerbAXPnMktTFbNpwtJ

X-Auth-Token

stringRequired

The authenticated user token.

ExampleRScctEHSmLGZGywfIhWyRpyofhKOiMoUIpimhvheU3f

x-2fa-code

stringRequired

The 2fa code. See Introduction to Two-Factor Authentication.

Example148750

x-2fa-method

stringRequired

The desired method to get the 2FA code. It can be email, totp, or password.

Body parameters

Expand All

object

userId

string Required

The user ID to update. This value must not be empty.

ExampleBsNr28znDkG8aeo7W

data

object Required

The object that includes the user information to update with the following parameters. Note: If you provide an empty object, the user details are returned.

name

string

The name of the user.

ExampleExample User

string

The email ID of the user.

Example[email protected]

password

string

The password for the user.

Examplepassw0rd

username

string

The username for the user.

Exampleexample

active

boolean

Whether the user is active, which determines if they can login or not.

Defaulttrue

roles

Array of string

The roles the user has been assigned.

string

requirePasswordChange

boolean

Whether the user should be required to change their password when they login.

Defaultfalse

sendWelcomeEmail

boolean

Whether the user should get a welcome email.

Defaultfalse

verified

boolean

Whether the user's email address should be verified.

Defaulttrue

customFields

object

Any custom fields the user should have on their account. To save custom fields, you must first define the custom fields in the admin panel (Administration > Settings > Accounts > Registration > Custom Fields). For details on how to configure this field, see Custom Fields. For information on how to view the custom fields, see the Get Users List endpoint.

Example{ "clearance": "High", "team": "Queen" }

Responses

200

Success Example

{
  "user": {
    "_id": "BsNr28znDkG8aeo7W",
    "createdAt": "2016-09-13T14:57:56.037Z",
    "services": {
      "password": {
        "bcrypt": "$2a$10$5I5nUzqNEs8jKhi7BFS55uFYRf5TE4ErSUH8HymMNAbpMAvsOcl2C"
      }
    },
    "username": "uniqueusername",
    "emails": [
      {
        "address": "[email protected]",
        "verified": false
      }
    ],
    "type": "user",
    "status": "offline",
    "active": true,
    "roles": [
      "user"
    ],
    "_updatedAt": "2016-09-13T14:57:56.175Z",
    "name": "new name",
    "customFields": {
      "twitter": "userstwitter"
    }
  },
  "success": true
}

Expand All

object

user

object

_id

string

createdAt

string

services

object

password

object

bcrypt

string

username

string

emails

Array of object

object

address

string

verified

boolean

type

string

status

string

active

boolean

roles

Array of string

string

_updatedAt

string

name

string

customFields

object

twitter

string

success

boolean

400

Bad Request

Example 1

{
  "success": false,
  "error": "Editing user is not allowed [error-action-not-allowed]",
  "errorType": "error-action-not-allowed",
  "details": {
    "method": "insertOrUpdateUser",
    "action": "Editing_user"
  }
}

Expand All

object

success

boolean

error

string

errorType

string

details

object

method

string

action

string

401

Unauthorized

Authorization Error

{
  "status": "error",
  "message": "You must be logged in to do this."
}

object

status

string

message

string

Was this article helpful?