Skip to main content
PUT
/
api
/
adm
/
users
/
memberUser
Update Member Profile
curl --request PUT \
  --url https://localhost:44371/api/adm/users/memberUser \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "email": "[email protected]",
  "id": "<string>",
  "firstName": "<string>",
  "lastName": "<string>",
  "companyId": "<string>",
  "isCompanyAdmin": true,
  "projectIds": [
    "<string>"
  ]
}
'
{
  "success": true,
  "code": 200,
  "errorMessage": null
}

Description

Provides a self-service endpoint for member users to update their own profile information without requiring administrator privileges. This endpoint allows users to modify a restricted set of fields (typically name, phone, and contact preferences) but prevents modification of security-sensitive fields like email, password, or active status, which require administrator intervention or separate authenticated workflows.

Input

  • Body: model (MemberUserUpdateCommandRequest, required) — Profile update including:
    • firstName (string, optional) — Updated first name.
    • lastName (string, optional) — Updated last name.
    • phoneNumber (string, optional) — Updated phone number.

Output

Returns a UserUpdateCommandResponse indicating whether the member profile update was successful.

Example Request

PUT /api/admin/users/member-update
Content-Type: application/json
Authorization: Bearer {token}

{
  "firstName": "John",
  "lastName": "Smith",
  "phoneNumber": "555-0199"
}

Example Response

{
  "success": true,
  "code": 200,
  "errorMessage": null
}

Errors

  • 400 Bad Request — Validation errors on submitted fields or field exceeds maximum length.
  • 401 Unauthorized — Missing or invalid authentication token.
  • 403 Forbidden — User is attempting to modify restricted fields or another user’s profile.
  • 404 Not Found — The authenticated user’s account no longer exists.

Notes

  • Users can only update their own profile through this endpoint.
  • Email and password changes must use separate authenticated workflows for security.
  • Active status cannot be modified by members (administrator only).
  • User identity is determined from the authentication token, not request body.
  • Changes take effect immediately and are visible in the next authenticated request.
  • This endpoint does not require AdminUI policy, only valid user authentication.

Authorizations

Authorization
string
header
required

The access token received from the authorization server in the OAuth 2.0 flow.

Body

application/json

The profile update request containing only the fields the member user is allowed to modify (name, phone, preferences).

Represents the command payload for updating a member user's association data.

email
string<email>
required

The email address that uniquely identifies the user.

Maximum string length: 250
id
string<guid>

The unique identifier of the user being updated.

firstName
string | null

First Name

Maximum string length: 150
lastName
string | null

Last Name

Maximum string length: 150
companyId
string<guid>

The identifier of the company context for the update.

isCompanyAdmin
boolean

Indicates whether the user is an administrator for the company.

projectIds
string<guid>[] | null

The collection of project identifiers assigned to the user.

Response

Always returned. Check the success property in the response body to determine if the operation succeeded.

Standard response structure containing operation status and error information. Standard command response indicating the result of a data modification. Represents the response returned after updating user information.

success
boolean

True if the operation completed successfully; false if an error occurred.

Example:

true

code
enum<string>

Result code indicating the outcome of the operation.

Available options:
Unknown,
Success,
BadRequest,
Unauthorized,
NotFound,
Error
Example:

200

errorMessage
string | null

Human-readable error message when an error occurs.

Example:

null