/oauth/update_profile_native

Updates a user profile based on input from a user in an edit profile form. To make this call, you must have a valid Registration access token for the user record to be updated.

Use this link for a video demo in Postman.

This endpoint includes the following methods:

  • POST

POST

Authentication

No authentication is required to call this endpoint.

Base URL

The base URL for this endpoint is your Identity Cloud Capture domain; for example:

https://educationcenter.us-dev.janraincapture.com

Your Capture domains (also known as Registration domains) can be found in the Console on the Manage Application page:

Examples

Example 1: Update Profile Data

This command updates the displayName attribute for the user who was issued the access token z0y98xv76u5t4rs3.


  curl -X POST \
    --data-urlencode 'client_id=12345abcde12345abcde12345abcde12'\
    --data-urlencode 'flow=standard'\
    --data-urlencode 'flow_version=20190618143040022299''\
    --data-urlencode 'locale=en-US'\
    --data-urlencode 'form=editProfileForm'\
    --data-urlencode 'displayName=JaneDoe'\
    --data-urlencode 'access_token=z0y98xv76u5t4rs3'\
    'https://my-app.janraincapture.com/oauth/update_profile_native'
                                                            
      Running this command in Postman

Example 2: Update Profile Data in a Date Select Field

This command updates the birthdate attribute for the user who was issued the access token z0y98xv76u5t4rs3.


  curl -X POST \
    --data-urlencode 'client_id=12345abcde12345abcde12345abcde12'\
    --data-urlencode 'flow=standard'\
    --data-urlencode 'flow_version=20190618143040022299''\
    --data-urlencode 'locale=en-US'\
    --data-urlencode 'form=editProfileForm'\
    --data-urlencode 'birthdate[dateselect_year]=1930'\
    --data-urlencode 'birthdate[dateselect_month]=11'\
    --data-urlencode 'birthdate[dateselect_day]=3'\
    --data-urlencode 'access_token=z0y98xv76u5t4rs3'\
    'https://my-app.janraincapture.com/oauth/update_profile_native'
                                                            
      Running this command in Postman

Example 3: Change Password from Profile

This command changes the password for the user who was issued access token z0y98xv76u5t4rs3. Note that this command requires you to supply:

  • The user’s current password (currentPassword)
  • The user’s new password (newPassword)
  • Confirmation of the user’s new password (newPasswordConfirm)

  curl -X POST \
    --data-urlencode 'client_id=12345abcde12345abcde12345abcde12'\
    --data-urlencode 'flow=standard'\
    --data-urlencode 'flow_version=20190618143040022299''\
    --data-urlencode 'locale=en-US'\
    --data-urlencode 'form=changePasswordForm'\
    --data-urlencode 'currentPassword=password123'\
    --data-urlencode 'newPassword=Password1'\
    --data-urlencode 'newPasswordConfirm=Password1'\
    --data-urlencode 'access_token=z0y98xv76u5t4rs3'\
    'https://my-app.janraincapture.com/oauth/update_profile_native'
                                                            
      Running this command in Postman

Example 4 - Change Password from Reset Password Email

This command resets a user’s password after a reset password verification code has been submitted. (When you submit the reset password verification code you’ll be given an access token; that token must be used as the value of the access_token parameter.) Note that you only have to specify the user’s new password; you don’t have to supply the user’s old password.


  curl -X POST \
    --data-urlencode 'client_id=12345abcde12345abcde12345abcde12'\
    --data-urlencode 'flow=standard'\
    --data-urlencode 'flow_version=20190618143040022299''\
    --data-urlencode 'locale=en-US'\
    --data-urlencode 'form=changePasswordFormNoAuth'\
    --data-urlencode 'newPassword=Password2'\
    --data-urlencode 'newPasswordConfirm=Password2'\
    --data-urlencode 'access_token=z0y98xv76u5t4rs3'\
    'https://my-app.janraincapture.com/oauth/update_profile_native'
                                                            
      Running this command in Postman

Authorized Clients

  • login_client

Query Parameters

Parameter Type Required Description
access_token string Yes Registration access token returned after authentication or registration with a previous call (/oauth/auth_native/oauth/auth_native_traditional, and so on) if the response_type parameter was set to token. If the response_type was set to code, you must exchange the authorization code for an access token using the /oauth/token call.
 
client_id string Yes API client ID used to authenticate the call. This client must be configured with the login_client feature, which gives it permission to use login and registration-based API endpoints. API client permissions may be configured by using the clients/set_features endpoint.
 
flow string Yes Name of the flow configured with the login experience you want to use. This parameter corresponds to the janrain.settings.capture.flowName JavaScript setting used in widget- based implementations. The default flow provisioned with Registration applications is named the standard flow; if you have multiple flows, you can find a list of valid flow names using the Configuration API. You may cb this parameter if you configure the flow name in the default_flow_name setting for the API client used to make this call.
 
flow_version string Yes Version number of the flow set in the flow parameter. This parameter corresponds to the janrain.settings.capture.flowVersion JavaScript setting used in widget-based implementations; however, this call will not accept a version of HEAD. Instead, you must specify the version number if you want to use the most recent version. You can find a list of versions for your flow using the Configuration API. This parameter can be omitted if you you configure the flow version in the default_flow_version setting for the API client used to make this call.
 
form string Yes Name of the form to be used to for profile updates. This parameter determines the field names that must be included when submitting this API call. The default form name for user profile management configured for the standard flow is editProfileForm, but you can find a list of valid forms and associated fields for your flow using the Configuration API. This form name corresponds to the name of the JTL tag used for the associated form in widget-based implementations (for example, {* #editProfileForm *}).
 
(form fields) string Yes Names of any other fields that are configured in your flow with a profile management form. Each field must be passed as a separate parameter; you will use the field name as the key and the user input as the value. All fields  required in the flow for the form passed in the call must be included if the user record does not have existing data stored in the associated attribute. The default editProfileForm provisioned for the standard flow includes emailAddress, firstName, lastName, and displayName as required fields and several others as optional. You can find a list of valid fields for your profile management forms using the Configuration API. These field names correspond to the name of the JTL tags included inside the associated form in widget-based implementations.
 
locale string Yes Code for the language you want to use for the profile management experience. This parameter determines the language for any error messages returned to you and any emails sent by Akamai to users and corresponds to the janrain.settings.language JavaScript setting used in widget-based implementations. The default locale provisioned with the standard Registration flow is en-US; other locales must be configured in your flow. You can find a list of valid locales for your flow using the Configuration API.
 

Responses

200 OK

Successful Response

A successful call will return the simple response below:


{
  "stat": "ok"
}
                                                            

Error - Invalid Registration Access Token

The example error response below indicates that the Registration access token passed into the call is invalid or expired.


{
    "stat": "error",
    "code": 413,
    "error_description": "invalid access token",
    "error": "invalid_access_token",
    "request_id": "9xmecweny6bxt5n2"
}
                                                            

Error - Invalid Form

The example error response below indicates that the form value is not valid for the flow included in the call. Form names are case sensitive, so editprofileformwould fail if editProfileForm is the valid form name.


{
  "stat": "error",
  "code": 200,
  "error_description": "no such form 'editprofileform'",
  "error": "invalid_argument",
  "request_id": "rdfbsavfvzb2sxud"
}
                                                            

Error - Field Validation Errors

The example error response below indicates that validation failed for some fields configured with the form used in the call. All validation rules for these fields are checked, so you may receive errors for multiple fields and multiple errors on a single field. Validation errors are commonly encountered when a required field is missing, the email address or another unique field is already taken, or the user input does not pass formatting validation applied to a field. Note that if the user record does not have existing data stored for any field configured as required in the flow for the form passed in the call, that field must be included as a parameter. Thei nvalid_fields object will include field names mapped to a list of localized error messages from the flow for each validation that failed.


{
  "stat": "error",
  "code": 390,
  "error_description": "some inputs are invalid",
  "error": "invalid_form_fields",
  "request_id": "eyt2p5thkwch5h2h",
  "invalid_fields": {
    "displayName": [
      "That display name is already taken."
    ],
    "lastName": [
      "Last Name is required."
    ]
  }
}
                                                            

Error - Invalid Credentials

The example error response below indicates that the value entered for the user's current password failed on the change password form. The invalid_fieldsobject will include a localized error messages from the flow.


{
  "stat": "error",
  "code": 210,
  "error_description": "some inputs are invalid",
  "error": "invalid_credentials",
  "request_id": "zqnw6qzqxy2yvee8",
  "invalid_fields": {
    "changePasswordForm": [
      "Current password is incorrect. Please try again."
    ]
  }
}
                                                            

Error - Missing Required Parameters

The example error response below indicates that one of the required parameters for the call was not included. The error message will describe which parameter is missing.


{
  "stat": "error",
  "code": 100,
  "error_description": "missing arguments: flow",
  "error": "missing_argument",
  "request_id": "uyeem84bmqmnjuu4"
}
                                                            

Error - Invalid Flow Value

The example error response below indicates that the value provided for one or more of the flow, flow_version, or locale parameters is invalid. Flow versions are unique across environments, so check that the version value included in the call is for the correct environment (that is, your development or production application).


{
  "stat": "error",
  "code": 500,
  "error_description": "could not find a flow named 'standard' with version '12345abc-1234-abcd-1234-12345abcde12' and locale 'en-US'",
  "error": "unexpected_error",
  "request_id": "murynd7fhpysq6um"
}
                                                            

Error - Invalid API Client Permissions

The example error response below indicates that the API client used to make the call is not configured with the login_client feature.


{
  "stat": "error",
  "code": 403,
  "error_description": "This client does not support log in and registration.",
  "error": "permission_error",
  "request_id": "y3sthb9dey6mv65e"
}