Skip to main content

Cookie control banner

Necessary Cookies
These cookies are necessary for this website to function correctly. They are set when you perform certain actions on the site, such as creating an account, logging in, changing your privacy preferences or submitting a form. You can block these cookies in your browser, but this will stop parts of the site from working properly.
Functional Cookies
These cookies allow the website to provide extra functionality and more personalised experiences. They may be set by us or by third party providers whose services we have added to our pages. If you choose not to allow these cookies, these services may not work correctly.
Analytical Cookies
These cookies record anonymous data on how visitors use our website to help us monitor how well our website works. This data includes how many people have looked at specific pages, how long visitors stay on the site, and what devices they use. We use this data to identify changes that we could make to improve your experience and make our website more efficient.
Marketing Cookies
We set some cookies so you are shown more relevant marketing content. These include cookies from third-party advertising networks to show you different adverts on their services if you have previously visited our site. If you choose not to allow these cookies, you may experience less relevant advertising on other sites.
Browse Documentation
HTTP - Management

Patch update a user

Created by c.neale, last modified by zengenti on 17 Jun 2022

For efficiency and convenience a partial user resource can be sent to the user resource collection in a PATCH request in order to update a sub-set of properties on the user.



NameParameter typeTypeFormatDescriptionExampleRequired
UserIdentifierpathstringuser identifierFor convenience, User resources can be referenced by using one of several identifiers - username, email address or Id."82f73a9b-2a13-4d63-bcc1-e8ee5047b01c" or "t.durden" or ""true
Partial userbodyobjectpartial userA partial view of the user resourcetrue
Content Typeheaderstringhttp headerA Content-Type http header with value 'application/merge-patch+json; charset=utf-8'Content-Type: application/merge-patch+json; charset=utf-8true


Update just the user's name and some of the custom properties. Custom properties that already exist will be updated, those that don't will be created.

PATCH: /api/security/users/4b262379-5bbe-421e-a429-f6e2ab5a849b Content-Type: application/merge-patch+json; charset=utf-8 { "id": "e09e77b9-9dd9-4d46-b7dd-deb9702a5835", "username": "s.yearsley", "custom": { "department": "finance" } }


All properties of the user resource object are optional apart from the id.

Any value provided for expiry must be a future date.  To clear an expiry date set the expiry property to null.

As shown in the example, a special header value of 'application/merge-patch+json; charset=utf-8' is required for the Content-Type http header.



Members of System Administrators are permitted to patch any user.

Authenticated standard user accounts are permitted to patch their own user.


HTTP status codeReasonModel
404User not foundError
500Internal server errorError