Update mutable KYC user profile fields.
Allowed only while the user is still pre-verification. Once any of the
following hold, full_name and email lock and this endpoint
rejects the change with 409 so identity drift cannot silently break a
submitted KYC application:
kyc_status == approved(urbanpayx-decided approval)external_verification_status == verified(external attestation)verification_source != none(canonical post-decision state)- an identity verification applicant already exists for this user
To change a locked profile, superadmin must run kyc-reset first.
| Time | Status | User Agent | |
|---|---|---|---|
Retrieving recent requests… | |||
Update the mutable profile fields (full_name, email) of a KYC user that belongs to your client. Only the fields you send are applied. The change is allowed only while the user is still pre-verification — once verification has started or completed, the identity fields lock and the request is rejected so a submitted application cannot silently drift. On success the updated user is returned and the change is recorded in your client's audit log.
Authentication & access
- Requires a client API token:
Authorization: Bearer <token>. - The caller must hold the
kyc.users.writepermission and have the OWNER or OPERATIONS role.
Path parameter
| Name | In | Description |
|---|---|---|
user_id | path | ID of the KYC user to update. Must belong to your client. |
Request body
Partial update — send only the fields you want to change.
| Field | Type | Constraints |
|---|---|---|
full_name | string | null | 1–255 characters. Leading/trailing whitespace is trimmed. A whitespace-only value is rejected. |
email | string (email) | null | Valid email format. Normalized to lowercase before storing. |
Notes:
- A field set to a value equal to the current stored value (after trimming/lowercasing) is treated as a no-op.
- If no field actually changes, the request succeeds and returns the user unmodified, with no audit entry written.
emailmust be unique within your client. Reusing an email already assigned to another user under the same client is rejected with409.
Profile lock after verification starts
full_name and email are locked once the user is no longer pre-verification. Any attempt to change either field after that point returns 409. The user is considered locked when any of the following hold:
- KYC status is
approved(UrbanpayX-managed decision). - External attestation status is
verified(external attestation mode). - The verification source is no longer
none(a verification decision has been recorded). - An identity verification has already been initiated for this user.
To change a locked profile, an UrbanpayX account manager must reset the user's verification first so it can be re-verified before identity fields are altered.
Response
200 OK with the full updated user object (UserResponse), including id, email, full_name, kyc_status, verification_mode, external_verification_status, verification_source, external_verification_provider, external_verification_ref, external_verified_at, is_active, and created_at.
Error responses
| Status | When |
|---|---|
404 | No user with user_id exists under your client |
409 | Profile fields are locked because verification has started or completed; or the requested email is already in use by another user within your client |
422 | Request body failed validation (e.g. full_name outside 1–255 chars or whitespace-only, malformed email) |
Standard 401 (authentication), 403 (insufficient permission or role), and 429 (rate limit) responses apply to every endpoint and are documented in the Error reference.