Update User
Partially updates a user's data for the authenticated company. Only the fields included in the request body are updated; omitted fields remain unchanged.
Rules:
- `name` and `roleId` can only be updated for active users.
- The user's email cannot be changed.
- Users with the MAIN profile cannot be updated.
- The last administrator (RESPONSIBLE) of the account cannot be demoted.
- Returns 404 if the user does not belong to the authenticated company.
# Partially update a user: only the fields present in the JSON body are changed.
# YOUR_API_TOKEN is a placeholder for the OAuth 2.0 bearer token. Values given on
# the command line can be recorded in shell history and process listings, so keep
# real tokens out of saved scripts.
curl --request PATCH \
  --header "Content-Type: application/json" \
  --header "Authorization: Bearer YOUR_API_TOKEN" \
  --data '{
"name": "John Smith",
"roleId": "8a3f1b2c-4e5d-6f7a-8b9c-0d1e2f3a4b5c"
}' \
  "https://api-sandbox.contasimples.com/users/v1/users/550e8400-e29b-41d4-a716-446655440000"
import requests
import json
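# Partially update a user: only the fields sent in the JSON body are changed.
url = "https://api-sandbox.contasimples.com/users/v1/users/550e8400-e29b-41d4-a716-446655440000"
headers = {
    "Content-Type": "application/json",
    # Placeholder for the OAuth 2.0 bearer token; load the real value from the
    # environment or a secret store rather than committing it with the script.
    "Authorization": "Bearer YOUR_API_TOKEN"
}
data = {
    "name": "John Smith",
    "roleId": "8a3f1b2c-4e5d-6f7a-8b9c-0d1e2f3a4b5c"
}
# requests applies no timeout by default, so an unresponsive server would block
# this call indefinitely; bound it explicitly (seconds).
response = requests.patch(url, headers=headers, json=data, timeout=10)
print(response.json())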
// Partially update a user: only the fields present in the JSON body are changed.
const url = "https://api-sandbox.contasimples.com/users/v1/users/550e8400-e29b-41d4-a716-446655440000";

const payload = {
  "name": "John Smith",
  "roleId": "8a3f1b2c-4e5d-6f7a-8b9c-0d1e2f3a4b5c"
};

const options = {
  method: "PATCH",
  headers: {
    "Content-Type": "application/json",
    // Placeholder for the OAuth 2.0 bearer token.
    "Authorization": "Bearer YOUR_API_TOKEN"
  },
  body: JSON.stringify(payload)
};

const response = await fetch(url, options);
// The documented success and error responses are all JSON, so the body is
// parsed without first branching on the status.
const data = await response.json();
console.log(data);
package main
import (
	"bytes"
	"encoding/json"
	"fmt"
	"net/http"
	"time"
)
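// main sends a PATCH request that partially updates a user and prints the
// HTTP status of the response. It panics if the body cannot be encoded, the
// request cannot be built, or the round trip fails.
func main() {
	// Build the body with encoding/json so values are escaped correctly. This
	// also puts the file's encoding/json import to use; Go refuses to compile
	// a file with an unused import. Only the fields listed here are updated.
	data, err := json.Marshal(map[string]string{
		"name":   "John Smith",
		"roleId": "8a3f1b2c-4e5d-6f7a-8b9c-0d1e2f3a4b5c",
	})
	if err != nil {
		panic(err)
	}

	req, err := http.NewRequest(http.MethodPatch, "https://api-sandbox.contasimples.com/users/v1/users/550e8400-e29b-41d4-a716-446655440000", bytes.NewReader(data))
	if err != nil {
		panic(err)
	}
	req.Header.Set("Content-Type", "application/json")
	// Placeholder for the OAuth 2.0 bearer token; load the real value from the
	// environment or a secret store rather than compiling it into the binary.
	req.Header.Set("Authorization", "Bearer YOUR_API_TOKEN")

	// A zero-value http.Client has no timeout, so a stalled connection would
	// block forever; bound the whole exchange.
	client := &http.Client{Timeout: 10 * time.Second}
	resp, err := client.Do(req)
	if err != nil {
		panic(err)
	}
	defer resp.Body.Close()

	fmt.Println("Response Status:", resp.Status)
}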
require 'net/http'
require 'json'
# Partially update a user: only the fields present in the JSON body are changed.
endpoint = URI('https://api-sandbox.contasimples.com/users/v1/users/550e8400-e29b-41d4-a716-446655440000')

patch = Net::HTTP::Patch.new(
  endpoint,
  'Content-Type' => 'application/json',
  # Placeholder for the OAuth 2.0 bearer token.
  'Authorization' => 'Bearer YOUR_API_TOKEN'
)
patch.body = '{
"name": "John Smith",
"roleId": "8a3f1b2c-4e5d-6f7a-8b9c-0d1e2f3a4b5c"
}'

# use_ssl: true makes the connection use TLS, matching the https endpoint.
response = Net::HTTP.start(endpoint.host, endpoint.port, use_ssl: true) do |http|
  http.request(patch)
end
puts response.body
{
"id": "550e8400-e29b-41d4-a716-446655440000",
"email": "joao.silva@empresa.com.br",
"name": "John Smith",
"phone": "11999999999",
"role": {
"id": "8a3f1b2c-4e5d-6f7a-8b9c-0d1e2f3a4b5c",
"name": "Accountant"
},
"active": true
}
{
"error": "Bad Request",
"message": "The request contains invalid parameters or malformed data",
"code": 400,
"details": [
{
"field": "email",
"message": "Invalid email format"
}
]
}
{
"error": "Unauthorized",
"message": "Authentication required. Please provide a valid API token",
"code": 401
}
{
"error": "Not Found",
"message": "The requested resource was not found",
"code": 404
}
{
"error": "Internal Server Error",
"message": "An unexpected error occurred on the server",
"code": 500,
"requestId": "req_1234567890"
}
/users/v1/users/{userId}
Target server for requests. Edit to use your own host.
Bearer token from OAuth 2.0 client credentials. Format: Bearer {token}
Bearer {token}
User ID (UUID v4) — use the id field value returned by GET /users/v1/users (e.g., 550e8400-e29b-41d4-a716-446655440000).
The media type of the request body
User's full name.
Profile ID to assign to the user — use GET /users/v1/roles to get available IDs.
Authentication
Bearer token. Bearer token from OAuth 2.0 client credentials. Format: Bearer {token}
Path Parameters
User ID (UUID v4) — use the id field value returned by GET /users/v1/users (e.g., 550e8400-e29b-41d4-a716-446655440000).
Body
User's full name.
Profile ID to assign to the user — use GET /users/v1/roles to get available IDs.
Responses
User ID.
User email.
User’s name.
User phone number.
Access profile assigned to the user in the company.
Unique identifier of the access profile.
Access profile name (e.g. Accountant, Administrator).
Whether the user is active.
Invalid request. Check the parameters you sent.
Unauthorized. Token missing, invalid, or expired.
Resource not found. Check IDs, paths, and permissions.
Internal server error. Retry with exponential backoff.