Skip to main content
PUT
/
auth
/
profile
Update Profile
curl --request PUT \
  --url https://api.example.com/auth/profile \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "email": "<string>"
}
'
{
  "id": 123,
  "name": "<string>",
  "email": "<string>",
  "role": "<string>",
  "createdAt": "<string>"
}

Overview

Updates the authenticated user’s profile information. Users can update their name and email address. All fields are optional.

Authentication

Required: This endpoint requires a valid JWT token in the Authorization header. 
Authorization: Bearer <your_token>

Request Body

All fields are optional. Only include the fields you want to update.
name
string
The user’s updated full name
email
string
The user’s updated email address. Must be a valid email format and unique in the system.

Request Example

{
  "name": "Jane Doe",
  "email": "jane.doe@example.com"
}

Partial Update Example

{
  "name": "Jane Doe"
}

Response

Returns the updated user object without sensitive data.
id
integer
Unique user identifier
name
string
User’s updated full name
email
string
User’s updated email address
role
string
User’s role (“customer” or “admin”)
createdAt
string
ISO 8601 timestamp of account creation

Response Example

{
  "id": 1,
  "name": "Jane Doe",
  "email": "jane.doe@example.com",
  "role": "customer",
  "createdAt": "2026-03-06T10:30:00.000Z"
}

Error Responses

401 Unauthorized

Returned when no valid authentication token is provided. 
{
  "error": "No autorizado"
}

404 Not Found

Returned when the user no longer exists in the system. 
{
  "error": "Usuario no encontrado"
}

400 Bad Request

Returned when validation fails (invalid email format). 
{
  "error": "Validation failed",
  "details": [
    "email must be a valid email"
  ]
}

409 Conflict

Returned when attempting to update to an email that’s already in use by another user. 
{
  "error": "El email ya está en uso"
}

Notes

  • Only the authenticated user can update their own profile
  • The user ID is extracted from the JWT token, not from the request body
  • Email addresses must be unique across all users
  • The role field cannot be updated through this endpoint
  • Password updates are not supported through this endpoint (use a dedicated password change endpoint)