Update user

Perform an UPDATE request to the Authentication endpoint to update the user data.

Only the owner of the data can update it. This mechanism was implemented to prevent other authenticated users from updating other users data.

Note that Authentication endpoints are secured by default, so you have to include the Access token in the request. See below Request Cookies or Request headers.

Request data

HTTP method: PUT

URL format: https://baseUrl/versionNumber/customEndpointRoute/userEndpoint?key=apiKey&uniqueId=uniqueId[&dataOnly=true]

Example:

https://app.rested.dev/api/1/ce/examples/auth?key=d59eb2859c284168ac48aef65046d5dd&uniqueId=lhgsdfisgdifgsiy47f7s47f[&dataOnly=true]

Request Parameters

The following table describes the Request parameters.

Parameter	Description	Required
baseUrl	Base url for calling the API. Value: app.rested.dev/api	Yes
versionNumber	Service version. Value: The current value is 1.	Yes
customEndpointRoute	The route which identifies custom endpoints. Default value: ce	Yes
userEndpoint	The endpoint name generated by the user. Value: the name created at https://app.rested.dev	Yes
key	The API Key of the project.	Yes
uniqueId	The identifier of the record to be updated.	Yes
dataOnly	If used, the endpoint response will be the POST body, without additional information such as ‘uniqueId’. Value: true	No
masterKey	Overrides the need for Access tokens or restrictions applied to Authentication endpoints. Don't use this key in your client application. For more information please refer to projects. Value: the masterKey created at https://app.rested.dev.	No
strategy	A strategy allows you to choose how the data is updated. Values: force - (default) replaces the content regardless of the type. merge - merges objects, it only works with JSON. replace - replaces the entire content, types must be the same. Remember that, in authentication endpoints, username and password are required fields. If after the update these values are not present the endpoint will return an error.	No

Request Cookies

Header	Description	Required
__Secure-rested-access-token	The Access token is required for secure endpoints. It is obtained when doing a login and it is stored in an httpOnly cookie. To automatically include it in the request you need to set the following property: // using fetch { credentials: 'include' } // using axios { withCredentials: true } Alternatively you can also use the Authorization header. For more information please refer to  the login documentation and Secure Endpoints documentation.	Yes - if endpoint is secure and Authorization header is not used

Request Headers

Header	Description	Required
Authorization	The Access token is required for secure endpoints. You should use this header if you are not using the httpOnly cookie to access a Secure endpoint. For more information please refer to  the login documentation and Secure Endpoints documentation.	Yes - if endpoint is secure and httpOnly cookie is not used

Response data

Error codes

Error code	Description
400	Possible reasons: Endpoint or API Key not valid. Wrong Content-Type, it only accepts "text/plain" or "application/json". Empty Request body. uniqueId is not present in the URL. No record was found. username or password are not present in the request body. User is not the owner of the data.
401	Possible reasons: Missing Access Token. Invalid credentials. Token expired. No user found.
403	Missing API Key, not allowed origin or disallowed request without orign.

Successful response

The new data in the record.

Example:

{
uniqueId: "3f38bf9e1bb54d2396d1f1b8fbba1630",
data: { username: "usernameeee" },
createdAt: "2020-12-27T10:58:45.000Z",
updatedAt: "2020-12-27T10:58:45.000Z"
}