Update user profile
Use this API to update the profile information for an existing user.
Important Note: Users can freely update their profile information until a case has been assigned to a provider. Once a case is assigned, the following fields are locked: firstName, lastName, dob, and gender. This is a security measure because ID verification is performed before a case is assigned to a provider. If a user needs to update any of these locked fields, they must contact the support team for a manual update.
HTTP Request
POST <BASE_URL>/api/v1/users
Headers
| Header | Type | Description |
|---|---|---|
cv-api-key | string | Required. Your unique API key for authentication. |
Content-Type | string | Required. Must be application/json. |
Request Body
The request body is a JSON object with two top-level fields: action and data.
| Field | Type | Description |
|---|---|---|
action | string | Required. The action to be performed. This should always be UPDATE_PROFILE. |
data | object | An object containing the user's profile details to be updated. |
data Object
| Field | Type | Description |
|---|---|---|
email | string | Required. The user's email address. |
firstName | string | The user's first name. |
lastName | string | The user's last name. |
dob | string | The user's date of birth in YYYY-MM-DD format. |
gender | string | The user's gender. (e.g., MALE, FEMALE, OTHER) |
address | string | The user's street address. |
address2 | string | An optional second line for the address (e.g., apartment or suite number). |
city | string | The user's city. |
state | string | The user's state in 2-character abbreviation format. |
country | string | The user's country code in 2-character abbreviation format. |
postalCode | string | The user's postal code (must contain only digits). |
Example Request
curl --location '<BASE_URL>/api/v1/users' \
--header 'cv-api-key: <redacted>' \
--header 'Content-Type: application/json' \
--data-raw '{
"action": "UPDATE_PROFILE",
"data": {
"email": "john.doe@example.com",
"firstName": "John",
"lastName": "Doe",
"dob": "1995-10-01",
"phoneNumber": "+11111111111"
"gender": "MALE",
"address": "123 ABC street",
"address2": "Apt 2",
"city": "NYC",
"state": "NY",
"country": "US",
"postalCode": "01010"
}
}'
Success Response
A successful request returns a 200 status code and a JSON object containing the updated user details.
{
"status": 200,
"success": true,
"message": "Profile updated successfully",
"data": {
"user": {
"email": "john.doe@carevalidate.com",
"firstName": "John",
"lastName": "Doe",
"dob": "1995-10-01T00:00:00.000Z",
"phoneNumber": "+15513446634",
"gender": "MALE",
"address": "123 ABC street",
"address2": "Apt 2",
"city": "NYC",
"state": "NY",
"country": "US",
"postalCode": "01010"
}
}
}
Failure Responses
A request can fail for several reasons, returning a 400 Bad Request status code with an error message.
User does not exist:
If the email provided in the request body does not correspond to an existing user, the API will return this response.
{
"status": 400,
"success": false,
"message": "User {email} does not exist"
}
User does not exist in the organization:
If the user exists but is not part of the organization associated with the API key, the API will return this response.
{
"status": 400,
"success": false,
"message": "User {email} does not exist in the organization"
}
Not allowed to update the profile:
If the user's role is not USER, they are not permitted to update their own profile, and this response will be returned.
{
"status": 400,
"success": false,
"message": "Not allowed to update the profile"
}
Cannot update demographic fields:
If the user has an existing case with a status of Approved, Assigned, InProgress, NoDecision, or Rejected, they cannot update these primary identifier fields. This includes firstName, lastName, dob, and gender.
{
"status": 400,
"success": false,
"message": "Cannot update user profile fields (firstName, lastName, dob, gender) for user with cases"
}
Phone number already in use:
If the new phoneNumber provided is already associated with a different user, the API will return this error.
{
"status": 400,
"success": false,
"message": "Unable to use this phone number. Please use a different one"
}