put__organization_users_{userId}

PUT /organization/users/{userId}

Update Organization User

Update user information in the authenticated user's organization. This endpoint requires user management permissions (WORKSPACES role or higher) and both users must be in the same organization. Only the fields provided in the request body will be updated.

Path Parameters

Name

Type

Required

Description

» userId

string

true

Unique identifier of the user to update

Request Body

Name

Type

Required

Restrictions

Description

» name

string

false

none

User's first name

» lastName

string

false

none

User's last name

» orgRole

integer

false

none

User's organization role (0x00-0xff)

TypeScript Client Library

// Using the Flashback TypeScript client
import { FlashbackClient } from '@flashback/client';

const client = new FlashbackClient({
  accessToken: 'your-access-token'
});

// Update an organization user
try {
  const result = await client.organization.users.update('user-id', {
    name: 'Updated',
    lastName: 'Name',
    orgRole: 1
  });
  console.log('User updated:', result);
} catch (error) {
  console.error('Failed to update user:', error);
}

Code Samples

# You can also use wget
curl -X PUT https://backend.flashback.tech/organization/users/550e8400-e29b-41d4-a716-446655440000 \
  -H 'Accept: application/json' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer {access-token}' \
  -d '{
    "name": "Updated",
    "lastName": "Name",
    "orgRole": 1
  }'

PUT https://backend.flashback.tech/organization/users/550e8400-e29b-41d4-a716-446655440000 HTTP/1.1
Host: localhost:3000
Accept: application/json
Content-Type: application/json
Authorization: Bearer {access-token}

{
  "name": "Updated",
  "lastName": "Name",
  "orgRole": 1
}

const headers = {
  'Accept':'application/json',
  'Content-Type':'application/json',
  'Authorization':'Bearer {access-token}'
};

const body = {
  name: "Updated",
  lastName: "Name",
  orgRole: 1
};

fetch('https://backend.flashback.tech/organization/users/550e8400-e29b-41d4-a716-446655440000',
{
  method: 'PUT',
  headers: headers,
  body: JSON.stringify(body)
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json',
  'Content-Type' => 'application/json',
  'Authorization' => 'Bearer {access-token}'
}

body = {
  name: "Updated",
  lastName: "Name",
  orgRole: 1
}

result = RestClient.put 'https://backend.flashback.tech/organization/users/550e8400-e29b-41d4-a716-446655440000',
  body.to_json, headers: headers

p JSON.parse(result)

import requests
import json

headers = {
  'Accept': 'application/json',
  'Content-Type': 'application/json',
  'Authorization': 'Bearer {access-token}'
}

body = {
  "name": "Updated",
  "lastName": "Name",
  "orgRole": 1
}

r = requests.put('https://backend.flashback.tech/organization/users/550e8400-e29b-41d4-a716-446655440000', 
                 headers=headers, 
                 data=json.dumps(body))

print(r.json())

<?php

require 'vendor/autoload.php';

$headers = array(
    'Accept' => 'application/json',
    'Content-Type' => 'application/json',
    'Authorization' => 'Bearer {access-token}',
);

$body = array(
    'name' => 'Updated',
    'lastName' => 'Name',
    'orgRole' => 1
);

$client = new \GuzzleHttp\Client();

try {
    $response = $client->request('PUT','https://backend.flashback.tech/organization/users/550e8400-e29b-41d4-a716-446655440000', array(
        'headers' => $headers,
        'json' => $body
       )
    );
    print_r($response->getBody()->getContents());
 }
 catch (\GuzzleHttp\Exception\BadResponseException $e) {
    // handle exception or api errors.
    print_r($e->getMessage());
 }

URL obj = new URL("https://backend.flashback.tech/organization/users/550e8400-e29b-41d4-a716-446655440000");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("PUT");
con.setRequestProperty("Accept", "application/json");
con.setRequestProperty("Content-Type", "application/json");
con.setRequestProperty("Authorization", "Bearer {access-token}");
con.setDoOutput(true);

String jsonInputString = "{\"name\":\"Updated\",\"lastName\":\"Name\",\"orgRole\":1}";

try(OutputStream os = con.getOutputStream()) {
    byte[] input = jsonInputString.getBytes("utf-8");
    os.write(input, 0, input.length);
}

int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());

package main

import (
       "bytes"
       "encoding/json"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json"},
        "Content-Type": []string{"application/json"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    body := map[string]interface{}{
        "name": "Updated",
        "lastName": "Name",
        "orgRole": 1,
    }

    jsonBody, _ := json.Marshal(body)
    data := bytes.NewBuffer(jsonBody)
    req, err := http.NewRequest("PUT", "https://backend.flashback.tech/organization/users/550e8400-e29b-41d4-a716-446655440000", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}

Example responses

200 Response

{
  "success": true,
  "data": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "email": "[email protected]",
    "name": "Updated",
    "lastName": "Name",
    "orgId": "123e4567-e89b-12d3-a456-426614174000",
    "orgRole": 1,
    "validated": true,
    "deletedAt": null,
    "orgRoleDescription": "BILLING",
    "orgRoles": [0, 1]
  },
  "message": "User updated successfully"
}

400 Response

{
  "success": false,
  "data": {},
  "message": "Invalid role combination"
}

403 Response

{
  "success": false,
  "data": {},
  "message": "Insufficient permissions to update users"
}

404 Response

{
  "success": false,
  "data": {},
  "message": "User not found"
}

500 Response

{
  "success": false,
  "data": {},
  "message": "Internal server error"
}

Responses

Status

Meaning

Description

Schema

200

User updated successfully

Inline

400

Bad Request

Invalid input data or role combination

Inline

403

Forbidden

Insufficient permissions or users not in same organization

Inline

404

Not Found

User not found

Inline

500

Internal Server Error

Internal server error

Inline

Response Schema

Status Code 200

Name

Type

Required

Restrictions

Description

» success

boolean

false

none

Indicates if the request was successful

» data

object

false

none

Updated user data

»» id

string

false

none

Unique identifier for the user

»» email

string

false

none

User's email address

»» name

string

false

none

User's first name

»» lastName

string

false

none

User's last name

»» orgId

string

false

none

Organization identifier

»» orgRole

integer

false

none

User's organization role (0x00-0xff)

»» validated

boolean

false

none

Whether the user's email is validated

»» deletedAt

string (date-time)

false

none

Deletion timestamp (null if active)

»» orgRoleDescription

string

false

none

Human-readable role description

»» orgRoles

[integer]

false

none

Array of available roles for the user

» message

string

false

none

Success message

Status Code 400

Name

Type

Required

Restrictions

Description

» success

boolean

false

none

Indicates if the request was successful

» data

object

false

none

Empty object (no user data)

» message

string

false

none

Error message describing the validation issue

Status Code 403

Name

Type

Required

Restrictions

Description

» success

boolean

false

none

Indicates if the request was successful

» data

object

false

none

Empty object (no user data)

» message

string

false

none

Error message describing the permission issue

Status Code 404

Name

Type

Required

Restrictions

Description

» success

boolean

false

none

Indicates if the request was successful

» data

object

false

none

Empty object (no user data)

» message

string

false

none

Error message describing the issue

Status Code 500

Name

Type

Required

Restrictions

Description

» success

boolean

false

none

Indicates if the request was successful

» data

object

false

none

Empty object (no user data)

» message

string

false

none

Error message describing the server issue

Enumerated Values

Parameter

Value

Description

» orgRole

0x00

USER - Default role with basic access

» orgRole

0x01

BILLING - Can manage billing and subscriptions

» orgRole

0x02

WORKSPACES - Can manage workspaces and team members

» orgRole

0xfe

ADMINISTRATOR - Administrative access

» orgRole

0xff

OWNER - Full organization access

Security

BearerAuth: Bearer token authentication required
Permissions: Requires WORKSPACES role or higher to access user management functions
Organization Access: Both users must be in the same organization
Role Modification: Current user must have sufficient permissions to modify the target user's role

Notes

Only the fields provided in the request body will be updated
Role changes are subject to permission checks - users can only assign roles they have permission to manage
Email addresses cannot be changed through this endpoint
The validated and deletedAt fields are managed by the system and cannot be modified

Previousget__organization_users_{userId}Nextdelete__organization_users_{userId}

Last updated 27 days ago

Was this helpful?