Recomly APIEndpointsUsers
Update user
Update a member's roles or authentication settings.
PATCH /api/app/users/{email}
Updates a single org member's roles and password-authentication setting. Requires the admin role.
The roles field replaces the member's entire role list — it is not additive. An admin cannot remove their own admin role, and the last admin in an organization cannot lose their admin role.
The email path parameter must be URL-encoded (@ → %40).
Request
See API Basics for required headers.
Path parameters
| Parameter | Type | Description |
|---|---|---|
email | string | URL-encoded email address of the member to update. |
Request body
| Field | Type | Required | Description |
|---|---|---|---|
roles | string[] | Yes | Full replacement role list. Allowed values: "admin", "user". |
allowPasswordAuth | boolean | No | Whether the user may authenticate with email and password. Set to false for SSO-only access. |
Sample request
curl -X PATCH https://api.recomly.com/api/app/users/bob%40acmeplumbing.com \
-H "Authorization: Bearer rk_live_abc123:def456" \
-H "Content-Type: application/json" \
-d '{"roles": ["admin", "user"]}'Sample response
Status: 200 OK
{
"user": {
"email": "bob@acmeplumbing.com",
"roles": ["admin", "user"],
"allowPasswordAuth": true
}
}Error responses
See API Basics for standard status codes and error response format.
| Status | Meaning |
|---|---|
400 | Validation failure, self-lockout attempt, or removing the last admin role. |
403 | Caller does not have the admin role. |
404 | No member with that email exists in the organization. |