Hey OKTA folks,
I’m not sure if this has been pointed out before but a developer on my team noticed some weird behavior when attempting to do a partial update to the user profile using POST /api/v1/users/<user_id>
For background, we’re trying to port an existing set of APIs to point to OKTA so we can avoid making too many changes to our application while we migrate. Our application has different endpoints for changing the user’s username and changing the user’s email address (along with other profile attributes)
If I have a user with login ‘dave.ortiz’ and email ‘dave.ortiz@test.com’ I would expect the following API call to update my JUST my email address
curl --request POST
–url https://endurance-brand-1.okta.com/api/v1/users/00u15hvqf1YdWTigu357
–header ‘Accept: application/json’
–header ‘Authorization: SSWS ************’
–data ’ {“profile”: { “email”: “dave.ortiz-1@test.com”}}’
However, what we’re seeing is the following response where both the login and email address change.
Is this the intended behavior to change both fields?
{
“id”: “00u15hvqf1YdWTigu357”,
“status”: “PROVISIONED”,
“created”: “2019-08-20T11:44:29.000Z”,
“activated”: “2019-08-20T11:44:29.000Z”,
“statusChanged”: “2019-08-20T11:44:29.000Z”,
“lastLogin”: null,
“lastUpdated”: “2019-09-23T18:29:27.000Z”,
“passwordChanged”: null,
“profile”: {
“firstName”: “Dave”,
“lastName”: “Ortiz”,
“mobilePhone”: null,
“secondEmail”: null,
“login”: “dave.ortiz-1@test.com”,
“email”: “dave.ortiz-1@test.com”
},
“credentials”: {
“emails”: [
{
“value”: “dave.ortiz-1@test.com”,
“status”: “VERIFIED”,
“type”: “PRIMARY”
}
],
“provider”: {
“type”: “OKTA”,
“name”: “OKTA”
}
},
