Update user by sub (Admin)

PUT 
/user-srv/users/:sub

Update user profile information by subject identifier. This endpoint is restricted to administrators and group administrators.

Access Control:

• Requires cidaas:userupdate and cidaas:users_write scopes
• Requires admin roles: ADMIN, SECONDARY_ADMIN, SUPER_ADMIN, or USER_CREATE
• Requires membership in CIDAAS_ADMINS group
• Group administrators can also update users within their managed groups

Update Options:

1. Update system fields using userData (SocialIdentity) with a given identityId and provider - both must exist and comply to user's current identity
2. Update custom fields via customFields object
3. Update user status via userStatus and user_status_reason
4. Enable/disable MFA via mfa_enabled

Important Notes:

• System fields and custom fields can be unassigned by setting the field name with value "" or null
• Fields can only be updated if they are enabled in Field Settings
• Read-only fields can be updated by admins (users cannot update them)
• Internal fields are accessible via this admin endpoint
• The provider in userData must not be changed
• The identityId in userData must match an existing identity for the user

Error Codes:

• 400 (Bad Request): Invalid request data, such as:
  • Identity with specified identityId and provider does not exist for the user
  • Invalid field values or data format
  • Failed to prepare user update data
• 401 (Unauthorized): Missing or invalid authentication token, or user lacks required admin permissions (not a member of CIDAAS_ADMINS group or missing required roles)
• 404 (Not Found): User with the specified sub does not exist, or sub parameter is empty or "ANONYMOUS"
• 417 (Expectation Failed): Request body validation failed, such as:
  • Invalid field values
  • Missing required fields
  • Field update restrictions violated (e.g., trying to update disabled fields)

Request

Responses

200

Success

400

Bad Request

401

Unauthorized

404

Not Found

417

Expectation Failed