Guide

Update a user profile

Suggest Edits

An /entity call can be made to retrieve the user’s information to display to the user in the Edit Profile form.

$api_call= '/entity';
$params= array(
    'access_token'=> $_SESSION['access_token'],
    // attributes from the user record to retrieve values for
    'attributes'=> '["givenName", "familyName", "displayName", "email"]'
);
$curl= curl_init();
curl_setopt($curl,CURLOPT_URL,JANRAIN_CAPTURE_URL.$api_call);
curl_setopt($curl,CURLOPT_POST,true);
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_POSTFIELDS,http_build_query($params));
$api_response= json_decode(curl_exec($curl));
curl_close($curl);

Update profile data

The user information is then updated via the /oauth/update_profile_native operation.

$api_call= '/oauth/update_profile_native';
$params= array(
    'client_id'=> JANRAIN_LOGIN_CLIENT_ID,
    'flow'=> JANRAIN_FLOW_NAME,
    'flow_version'=> JANRAIN_FLOW_VERSION,
    'locale'=> 'en-US',
    'access_token'=> $_SESSION['access_token'],
    // required form = editProfileForm
    'form'=> 'editProfileForm',
    // profile field(s) to update
    'firstName'=> $_POST['firstName'],
    'lastName'=> $_POST['lastName'],
    'displayName'=> $_POST['displayName'],
    'emailAddress'=> $_POST['email']
);
$curl= curl_init();
curl_setopt($curl,CURLOPT_URL,JANRAIN_CAPTURE_URL.$api_call);
curl_setopt($curl,CURLOPT_POST,true);
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_POSTFIELDS,http_build_query($params));
$api_response= json_decode(curl_exec($curl));
curl_close($curl);
ResponseOutcome / Next Step
Success (ok)User’s record is updated.
Birthdate is not a valid date (invalid_form_fields)The birthdate field is a special field that must be sent as three (3) different field parameters: birthdate (dateselect_year); birthdate [dateselect_month); birthdate (dateselect_day).
Other field validation error (invalid_form_fields)The pertinent error message(s) defined in the Registration configuration will be returned. Provide validation message(s) to user so that they may correct these values and try again.

📘

User information that is stored as a plural cannot be updated via the oauth/update_profile_native operation. Instead, an /entity.update call must be made.


Do not use the entity.update call unless absolutely necessary. Why? Because this call skips over the data validation layer, which can result in data that does not conform to your validation rules.

The example below updates a plural called children. In this case, the user has one existing child in their profile, and is adding a second child’s information.

Notice that you must pass the user’s entire plural in the attributes parameter.

In the sample code above, the first child (June) has an id value. This value was auto-generated in the database when that child was created. The second child (Rex) is new, so there is no id yet. Once this call is made, the second child will be created and their id will auto-generate.

$api_call= '/entity.update';
$params= array(
    'access_token'=> $_SESSION['access_token'],
    // user's entire plural, including updates
    'attributes'=> '{"children": [{"age": "3", "gender": "F", "id": 1234, "name": "June"},{"age": "1", "gender": "M", "name": "Rex"}]}'
);
$curl= curl_init();
curl_setopt($curl,CURLOPT_URL,JANRAIN_CAPTURE_URL.$api_call);
curl_setopt($curl,CURLOPT_POST,true);
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_POSTFIELDS,http_build_query($params));
$api_response= json_decode(curl_exec($curl));
curl_close($curl);

📘

In order to authorize an /entity.update call with the access token, you must add a write_with_token access schema to your login client. Include all data attributes in the access schema that you plan to edit via /entity.update. See Create an access schema.


Change password

A logged-in user can change their password directly via the /oauth/update_profile_native operation and the changePasswordForm. Note that this form and workflow is different than the Forgot password implementation.

$api_call= '/oauth/update_profile_native';
$params= array(
    'client_id'=> JANRAIN_LOGIN_CLIENT_ID,
    'flow'=> JANRAIN_FLOW_NAME,
    'flow_version'=> JANRAIN_FLOW_VERSION,
    'locale'=> 'en-US',
    'access_token'=> $_SESSION['access_token'],
    // required form = changePasswordForm
    'form'=> 'changePasswordForm',
    // profile field(s) to update
    'currentPassword'=> $_POST['current_password'],
    'newPassword'=> $_POST['new_password'],
    'newPasswordConfirm'=> $_POST['confirm_password'],
);
$curl= curl_init();
curl_setopt($curl,CURLOPT_URL,JANRAIN_CAPTURE_URL.$api_call);
curl_setopt($curl,CURLOPT_POST,true);
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_POSTFIELDS,http_build_query($params));
$api_response= json_decode(curl_exec($curl));
curl_close($curl);
ResponseOutcome / Next Step
Success (ok)User’s record is updated with new password.

Updated over 1 year ago