PingOne Platform APIs

Update a User Credential

   

PUT {{apiPath}}/environments/{{envID}}/users/{{userID}}/credentials/{{credentialID}}

Use the PUT {{apiPath}}/environments/{{envID}}/users/{{userID}}/credentials/{{credentialID}} request to add or modify a field value in the specified user credential.

Changing expiresAt causes revocation of the credential on that date.

Changing notification.template affects only this specific credential for its life span.

Prerequisites

Request Model

Refer to User Credentials data model for full property descriptions.

Property Type Required

credentialType.id

String

Required

data

Object

Optional

data.<field>

String

Required/Optional

expiresAt

DateTime

Optional

notification.template

Object

Optional

notification.template.locale

String

Required

notification.template.variant

String

Required

notification.template.variables

Object[]

Required/Optional

All data must be provided in the data object. Anything not included will default to null and any missing required fields cause an error.

After receipt of this request, if the optional notification object is present, the credential service uses the credential_updated notification template to send notice of the update to the user via email or SMS text. The notification.template object can define a variant and locale for the notifications, if needed.

Headers

Authorization      Bearer {{accessToken}}

Content-Type      application/json

Body

raw ( application/json )

{
    "credentialType": {
        "id": "{{credentialTypeID}}"
    },
    "data": {
        "Limitations": "Daytime driving only"
    }
}

Example Request

  • cURL

  • C#

  • Go

  • HTTP

  • Java

  • jQuery

  • NodeJS

  • Python

  • PHP

  • Ruby

  • Swift

curl --location --globoff --request PUT '{{apiPath}}/environments/{{envID}}/users/{{userID}}/credentials/{{credentialID}}' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
    "credentialType": {
        "id": "{{credentialTypeID}}"
    },
    "data": {
        "Limitations": "Daytime driving only"
    }
}'
var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/users/{{userID}}/credentials/{{credentialID}}")
{
  MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Put);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@"    ""credentialType"": {" + "\n" +
@"        ""id"": ""{{credentialTypeID}}""" + "\n" +
@"    }," + "\n" +
@"    ""data"": {" + "\n" +
@"        ""Limitations"": ""Daytime driving only""" + "\n" +
@"    }" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);
package main

import (
  "fmt"
  "strings"
  "net/http"
  "io"
)

func main() {

  url := "{{apiPath}}/environments/{{envID}}/users/{{userID}}/credentials/{{credentialID}}"
  method := "PUT"

  payload := strings.NewReader(`{
    "credentialType": {
        "id": "{{credentialTypeID}}"
    },
    "data": {
        "Limitations": "Daytime driving only"
    }
}`)

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("Authorization", "Bearer {{accessToken}}")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}
PUT /environments/{{envID}}/users/{{userID}}/credentials/{{credentialID}} HTTP/1.1
Host: {{apiPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}

{
    "credentialType": {
        "id": "{{credentialTypeID}}"
    },
    "data": {
        "Limitations": "Daytime driving only"
    }
}
OkHttpClient client = new OkHttpClient().newBuilder()
  .build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n    \"credentialType\": {\n        \"id\": \"{{credentialTypeID}}\"\n    },\n    \"data\": {\n        \"Limitations\": \"Daytime driving only\"\n    }\n}");
Request request = new Request.Builder()
  .url("{{apiPath}}/environments/{{envID}}/users/{{userID}}/credentials/{{credentialID}}")
  .method("PUT", body)
  .addHeader("Content-Type", "application/json")
  .addHeader("Authorization", "Bearer {{accessToken}}")
  .build();
Response response = client.newCall(request).execute();
var settings = {
  "url": "{{apiPath}}/environments/{{envID}}/users/{{userID}}/credentials/{{credentialID}}",
  "method": "PUT",
  "timeout": 0,
  "headers": {
    "Content-Type": "application/json",
    "Authorization": "Bearer {{accessToken}}"
  },
  "data": JSON.stringify({
    "credentialType": {
      "id": "{{credentialTypeID}}"
    },
    "data": {
      "Limitations": "Daytime driving only"
    }
  }),
};

$.ajax(settings).done(function (response) {
  console.log(response);
});
var request = require('request');
var options = {
  'method': 'PUT',
  'url': '{{apiPath}}/environments/{{envID}}/users/{{userID}}/credentials/{{credentialID}}',
  'headers': {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer {{accessToken}}'
  },
  body: JSON.stringify({
    "credentialType": {
      "id": "{{credentialTypeID}}"
    },
    "data": {
      "Limitations": "Daytime driving only"
    }
  })

};
request(options, function (error, response) {
  if (error) throw new Error(error);
  console.log(response.body);
});
import requests
import json

url = "{{apiPath}}/environments/{{envID}}/users/{{userID}}/credentials/{{credentialID}}"

payload = json.dumps({
  "credentialType": {
    "id": "{{credentialTypeID}}"
  },
  "data": {
    "Limitations": "Daytime driving only"
  }
})
headers = {
  'Content-Type': 'application/json',
  'Authorization': 'Bearer {{accessToken}}'
}

response = requests.request("PUT", url, headers=headers, data=payload)

print(response.text)
<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/users/{{userID}}/credentials/{{credentialID}}');
$request->setMethod(HTTP_Request2::METHOD_PUT);
$request->setConfig(array(
  'follow_redirects' => TRUE
));
$request->setHeader(array(
  'Content-Type' => 'application/json',
  'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n    "credentialType": {\n        "id": "{{credentialTypeID}}"\n    },\n    "data": {\n        "Limitations": "Daytime driving only"\n    }\n}');
try {
  $response = $request->send();
  if ($response->getStatus() == 200) {
    echo $response->getBody();
  }
  else {
    echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
    $response->getReasonPhrase();
  }
}
catch(HTTP_Request2_Exception $e) {
  echo 'Error: ' . $e->getMessage();
}
require "uri"
require "json"
require "net/http"

url = URI("{{apiPath}}/environments/{{envID}}/users/{{userID}}/credentials/{{credentialID}}")

http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Put.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
  "credentialType": {
    "id": "{{credentialTypeID}}"
  },
  "data": {
    "Limitations": "Daytime driving only"
  }
})

response = http.request(request)
puts response.read_body
let parameters = "{\n    \"credentialType\": {\n        \"id\": \"{{credentialTypeID}}\"\n    },\n    \"data\": {\n        \"Limitations\": \"Daytime driving only\"\n    }\n}"
let postData = parameters.data(using: .utf8)

var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/users/{{userID}}/credentials/{{credentialID}}")!,timeoutInterval: Double.infinity)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")

request.httpMethod = "PUT"
request.httpBody = postData

let task = URLSession.shared.dataTask(with: request) { data, response, error in
  guard let data = data else {
    print(String(describing: error))
    return
  }
  print(String(data: data, encoding: .utf8)!)
}

task.resume()

Example Response

200 OK

{
    "_links": {
        "self": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/users/40407df4-dfa8-4abb-9389-5c1eb1417f80/credentials/20549a89-8a32-4bff-a958-3a1383817fb2"
        },
        "environment": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
        },
        "users": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/users/40407df4-dfa8-4abb-9389-5c1eb1417f80"
        },
        "credentialTypes": {
            "href": "https://api.pingone.com/v1/environments/abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6/credentialTypes/524349a7-498f-4f10-abad-9cf750dd99f4"
        }
    },
    "id": "20549a89-8a32-4bff-a958-3a1383817fb2",
    "createdAt": "2025-04-02T20:00:04.568Z",
    "updatedAt": "2025-04-02T21:05:10.170432711Z",
    "environment": {
        "id": "abfba8f6-49eb-49f5-a5d9-80ad5c98f9f6"
    },
    "user": {
        "id": "40407df4-dfa8-4abb-9389-5c1eb1417f80"
    },
    "credentialType": {
        "id": "524349a7-498f-4f10-abad-9cf750dd99f4",
        "version": {
            "number": 1,
            "uri": "https://api.pingone.com/v1/distributedid/credentialTypes/524349a7-498f-4f10-abad-9cf750dd99f4/v1",
            "id": "d568e429-242d-4e1c-8c9c-14f1424aecb5"
        }
    },
    "data": {
        "Limitations": "Daytime driving only"
    },
    "title": "Managed Credential Developers",
    "status": "ISSUED"
}