> ## Documentation Index
> Fetch the complete documentation index at: https://docs.authsignal.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Update User

> Update information about a user. Any fields which are omitted in the request will be left unchanged.



## OpenAPI

````yaml server-api PATCH /users/{userId}
openapi: 3.0.0
info:
  description: Authsignal's Server API.
  version: 1.0.0
  title: Server API
  termsOfService: https://www.authsignal.com/legal/terms-of-service
  contact:
    email: hello@authsignal.com
servers:
  - url: https://api.authsignal.com/v1
  - url: https://au.api.authsignal.com/v1
  - url: https://eu.api.authsignal.com/v1
  - url: https://ca.api.authsignal.com/v1
security:
  - basicAuth: []
tags:
  - name: users
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: challenge
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: authenticator configurations
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: actions
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: query
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: email
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: sms
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: verify
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: challenges
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: sessions
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
  - name: devices
    description: ''
    externalDocs:
      description: Find out more
      url: https://docs.authsignal.com
externalDocs:
  description: Find out more about Authsignal
  url: https://docs.authsignal.com
paths:
  /users/{userId}:
    patch:
      tags:
        - users
      summary: Update user
      description: >-
        Update information about a user. Any fields which are omitted in the
        request will be left unchanged.
      operationId: updateUserById
      parameters:
        - $ref: '#/components/parameters/userId'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                custom:
                  type: object
                  description: >-
                    A JSON object which can include any key/value pairs. Should
                    be provided when using rules based on your own data points.
                username:
                  type: string
                  description: >-
                    The username used as the primary identifier for passkeys,
                    e.g. an email address.
                displayName:
                  type: string
                  description: >-
                    The display name used as an optional secondary identifier
                    for passkeys, e.g. the user's full name.
                email:
                  type: string
                  description: The user's email address.
                emailVerified:
                  type: boolean
                  description: >-
                    Set this to true if the user's email address has already
                    been verified in your own system. This will result in any
                    email OTP or magic link authenticators being updated to
                    reflect the new email address, and the next email challenge
                    will be sent to the new email address.
                  default: false
                phoneNumber:
                  type: string
                  description: The user's phone number in E.164 format.
                phoneNumberVerified:
                  type: boolean
                  description: >-
                    Set this to true if the user's phone number has already been
                    verified in your own system. This will result in any SMS
                    authenticators being updated to reflect the new number and
                    the next SMS challenge will be sent to the new phone number.
                  default: false
                locale:
                  $ref: '#/components/schemas/Locale'
                defaultVerificationMethod:
                  $ref: '#/components/schemas/VerificationMethod'
                  description: >-
                    The default verification method to use for the user. If not
                    provided, the default verification method will be the first
                    verification method which the user has enrolled.
            example:
              email: jane.smith@authsignal.com
              emailVerified: true
              phoneNumber: '+12345678901'
              phoneNumberVerified: true
              username: jane.smith@authsignal.com
              displayName: Jane Smith
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UpdateUserResponse'
        '400':
          $ref: '#/components/responses/InvalidRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
components:
  parameters:
    userId:
      name: userId
      in: path
      description: The ID of the user.
      required: true
      schema:
        type: string
  schemas:
    Locale:
      type: string
      description: >-
        The locale of the user in BCP 47 format. Used to localize the pre-built
        UI, email, and SMS messages.
      pattern: ^[a-z]{2}(-[a-zA-Z]{2,})?$
      example: es
    VerificationMethod:
      type: string
      enum:
        - SMS
        - AUTHENTICATOR_APP
        - EMAIL_MAGIC_LINK
        - EMAIL_OTP
        - PUSH
        - DEVICE
        - SECURITY_KEY
        - PASSKEY
        - VERIFF
        - IPROOV
        - PALM_BIOMETRICS_RR
        - IDVERSE
    UpdateUserResponse:
      type: object
      properties:
        userId:
          type: string
          description: The user's ID.
        email:
          type: string
          description: The user's email address.
        phoneNumber:
          type: string
          description: The user's phone number in E.164 format.
        username:
          type: string
          description: >-
            The username used as the primary identifier for passkeys, e.g. an
            email address.
        displayName:
          type: string
          description: >-
            The display name used as an optional secondary identifier for
            passkeys, e.g. the user's full name.
        custom:
          type: object
          description: >-
            A JSON object which can include any key/value pairs. Should be
            provided when using rules based on your own data points.
      xml:
        name: UpdateUserResponse
    Error:
      type: object
      properties:
        error:
          type: string
        errorDescription:
          type: string
      required:
        - error
  responses:
    InvalidRequest:
      description: Invalid Request
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    Unauthorized:
      description: Unauthorized
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  securitySchemes:
    basicAuth:
      type: http
      scheme: basic
      description: >-
        Use your Authsignal Server API secret key as the username and leave the
        password empty. The secret key can be found in the API Keys section of
        the Authsignal Portal settings page.

````