Edit User - API

/rest/{version}/users/{userId}/update

Descriptor	Value

Descriptor	Value
HTTP Method	POST
Description	Updates user information. To obtain the userId value in the endpoint, run the Get Users - API call first. The user's id value in the response is the userId value that you use in this endpoint.
Required Permission	Manage Users
Version Introduced	2.6
Changes in 2.6.2	Removed requirement that 'confirmPassword' parameter be included when changing password.

Request Header Parameters

Parameter	Value	Required	Description

Parameter	Value	Required	Description
Accept	String	Yes	A value of ‘application/json’ must be provided.

Request POST Data Parameters

Parameter	Value	Required	Description

Parameter	Value	Required	Description
name	String	No	Updates the name of the user. Maximum 40 characters.
displayName	String	No	Updates the displayName of the user.
type	String	No	Updates a LOCAL user to LDAP/SAML, an LDAP user to LOCAL/SAML, or a SAML user to LOCAL/LDAP. Possible values are LOCAL, LDAP, and SAML.
activeDirectoryId	String	Possibly	Updates a non-LDAP user to LDAP user with 'type' and 'activeDirectoryId' parameters. Required when 'type' is in the request body and its value is 'LDAP'.
password	String	Possibly	Updates password of an existing local user. Also, adds password to a non-LOCAL user update to LOCAL user. Minimum 12 characters. Required when 'confirmPassword' is in the request body.
confirmPassword	String	Possibly	Must match password if supplied. Required when 'password' is in the request body in versions prior to 2.6.2
globalRoleId	String	No	Updates user's global role. Possible values are 0 for Read Access, -1 for No Global Access, Role ids.

Sample Call:

curl -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'name=user123&displayName=user123' https://localhost:8443/threadfix/rest/latest/users/{userId}/update

Sample Output:

{
    "message": "",
    "success": true,
    "responseCode": -1,
    "object": "Successfully updated the user."
}