Updates account-related information for the specified user by setting specific fields or applying action codes. Requests from administrators and end users are supported.
HTTP request
POST https://identitytoolkit.googleapis.com/v1/projects/{targetProjectId}/tenants/{tenantId}/accounts:update
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
targetProjectId |
The project ID for the project that the account belongs to. Specifying this field requires Google OAuth 2.0 credential with proper permissions. Requests from end users should pass an Identity Platform ID token instead. Authorization requires the following IAM permission on the specified resource
|
tenantId |
The tenant ID of the Identity Platform tenant that the account belongs to. Requests from end users should pass an Identity Platform ID token rather than setting this field. |
Request body
The request body contains data with the following structure:
JSON representation |
---|
{ "idToken": string, "localId": string, "displayName": string, "email": string, "password": string, "provider": [ string ], "oobCode": string, "emailVerified": boolean, "upgradeToFederatedLogin": boolean, "captchaChallenge": string, "captchaResponse": string, "validSince": string, "disableUser": boolean, "instanceId": string, "delegatedProjectNumber": string, "photoUrl": string, "deleteAttribute": [ enum ( |
Fields | |
---|---|
idToken |
A valid Identity Platform ID token. Required when attempting to change user-related information. |
localId |
The ID of the user. Specifying this field requires a Google OAuth 2.0 credential with proper permissions. For requests from end-users, an ID token should be passed instead. |
displayName |
The user's new display name to be updated in the account's attributes. The length of the display name must be less than or equal to 256 characters. |
email |
The user's new email to be updated in the account's attributes. The length of email should be less than 256 characters and in the format of |
password |
The user's new password to be updated in the account's attributes. The password must be at least 6 characters long. |
provider[] |
The Identity Providers that the account should be associated with. |
oobCode |
The out-of-band code to be applied on the user's account. The following out-of-band code types are supported: * VERIFY_EMAIL * RECOVER_EMAIL * REVERT_SECOND_FACTOR_ADDITION * VERIFY_AND_CHANGE_EMAIL |
emailVerified |
Whether the user's email has been verified. Specifying this field requires a Google OAuth 2.0 credential with proper permissions. |
upgradeToFederatedLogin |
Whether the account should be restricted to only using federated login. |
captchaChallenge |
|
captchaResponse |
The response from reCaptcha challenge. This is required when the system detects possible abuse activities. |
validSince |
Specifies the minimum timestamp in seconds for an Identity Platform ID token to be considered valid. |
disableUser |
If true, marks the account as disabled, meaning the user will no longer be able to sign-in. |
instanceId |
|
delegatedProjectNumber |
|
photoUrl |
The user's new photo URL for the account's profile photo to be updated in the account's attributes. The length of the URL must be less than or equal to 2048 characters. |
deleteAttribute[] |
The account's attributes to be deleted. |
returnSecureToken |
Whether or not to return an ID and refresh token. Should always be true. |
deleteProvider[] |
The Identity Providers to unlink from the user's account. |
lastLoginAt |
The timestamp in milliseconds when the account last logged in. |
createdAt |
The timestamp in milliseconds when the account was created. |
phoneNumber |
The phone number to be updated in the account's attributes. |
customAttributes |
JSON formatted custom attributes to be stored in the Identity Platform ID token. Specifying this field requires a Google OAuth 2.0 credential with proper permissions. |
mfa |
The multi-factor authentication related information to be set on the user's account. This will overwrite any previous multi-factor related information on the account. Specifying this field requires a Google OAuth 2.0 credential with proper permissions. |
linkProviderUserInfo |
The provider to be linked to the user's account. Specifying this field requires a Google OAuth 2.0 credential with proper permissions. |
Response body
If successful, the response body contains an instance of SetAccountInfoResponse
.
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/identitytoolkit
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.