---
title: Update PingOne access control scope
description: The PUT {{apiPath}}/v1/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}} operation updates the property values of the identified access control scope. At this time, PingOne supports updates for the p1:read:user:{suffix} and p1:update:user:{suffix} platform scopes.
component: pingone-api
page_id: pingone-api:platform:resources/resource-scopes/update-pingone-access-control-scope
canonical_url: https://developer.pingidentity.com/pingone-api/platform/resources/resource-scopes/update-pingone-access-control-scope.html
section_ids:
  prerequisites: Prerequisites
  headers: Headers
  body: Body
  example-request: Example Request
---

# Update PingOne access control scope

##

```none
PUT {{apiPath}}/v1/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}}
```

The `PUT {{apiPath}}/v1/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}}` operation updates the property values of the identified access control scope. At this time, PingOne supports updates for the `p1:read:user:{suffix}` and `p1:update:user:{suffix}` platform scopes.

To update the list of accessible user schema attributes, the request body must specify the scope `name` and it must expressly list the accessible user attributes in the `schemaAttributes` property. Any user schema attributes not specified in the `schemaAttributes` property list are not accessible. The response returns a `200 OK` message, and it shows the updated property data for the modified scope resource.

|   |                                                                                                                                                                                                                                                            |
| - | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|   | The `p1:update:user:{suffix}` self-service scope is **not granted** if the user authenticates with an authoritative identityProvider - the user has a `user.identityProvider.id` value set and their `user.identityProvider.type` value is not `PING_ONE`. |

### Prerequisites

* Refer to [Resources](../../resources.html), especially [Resource operations](../../resources.html#resource-operations) for important overview information.

* [Read all resources](../resources-1/read-all-resources.html) to find the `resourceID` for the endpoint. Use the `resourceID` with the `name` "PingOne API" and the `type` "PINGONE\_API".

> **Collapse: Request Model**
>
> | Property           | Type      | Required? |
> | ------------------ | --------- | --------- |
> | `description`      | String    | Optional  |
> | `name`             | String    | Required  |
> | `schemaAttributes` | String\[] | Required  |
>
> Refer to the [Resource scopes data model](../resource-scopes.html#resource-scopes-data-model) for full property descriptions.

### Headers

Authorization      Bearer {{accessToken}}

Content-Type      application/json

### Body

raw ( application/json )

```json
{
    "name": "p1:update:user",
    "description": "An UPDATED access control scope that includes only the user schema attributes listed in the schemaAttributes property",
    "schemaAttributes": ["name.family", "name.given", "email", "address.streetAddress", "address.locality", "address.region", "address.postalCode", "address.countryCode", "primaryPhone", "mobilePhone"]
}
```

##

### Example Request

* cURL

* C#

* Go

* HTTP

* Java

* jQuery

* NodeJS

* Python

* PHP

* Ruby

* Swift

```shell
curl --location --globoff --request PUT '{{apiPath}}/v1/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}}' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
    "name": "p1:update:user",
    "description": "An UPDATED access control scope that includes only the user schema attributes listed in the schemaAttributes property",
    "schemaAttributes": ["name.family", "name.given", "email", "address.streetAddress", "address.locality", "address.region", "address.postalCode", "address.countryCode", "primaryPhone", "mobilePhone"]
}'
```

```csharp
var options = new RestClientOptions("{{apiPath}}/v1/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}}")
{
  MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Put);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@"    ""name"": ""p1:update:user""," + "\n" +
@"    ""description"": ""An UPDATED access control scope that includes only the user schema attributes listed in the schemaAttributes property""," + "\n" +
@"    ""schemaAttributes"": [""name.family"", ""name.given"", ""email"", ""address.streetAddress"", ""address.locality"", ""address.region"", ""address.postalCode"", ""address.countryCode"", ""primaryPhone"", ""mobilePhone""] " + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);
```

```golang
package main

import (
  "fmt"
  "strings"
  "net/http"
  "io"
)

func main() {

  url := "{{apiPath}}/v1/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}}"
  method := "PUT"

  payload := strings.NewReader(`{
    "name": "p1:update:user",
    "description": "An UPDATED access control scope that includes only the user schema attributes listed in the schemaAttributes property",
    "schemaAttributes": ["name.family", "name.given", "email", "address.streetAddress", "address.locality", "address.region", "address.postalCode", "address.countryCode", "primaryPhone", "mobilePhone"]
}`)

  client := &http.Client {
  }
  req, err := http.NewRequest(method, url, payload)

  if err != nil {
    fmt.Println(err)
    return
  }
  req.Header.Add("Content-Type", "application/json")
  req.Header.Add("Authorization", "Bearer {{accessToken}}")

  res, err := client.Do(req)
  if err != nil {
    fmt.Println(err)
    return
  }
  defer res.Body.Close()

  body, err := io.ReadAll(res.Body)
  if err != nil {
    fmt.Println(err)
    return
  }
  fmt.Println(string(body))
}
```

```http
PUT /v1/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}} HTTP/1.1
Host: {{apiPath}}
Content-Type: application/json
Authorization: Bearer {{accessToken}}

{
    "name": "p1:update:user",
    "description": "An UPDATED access control scope that includes only the user schema attributes listed in the schemaAttributes property",
    "schemaAttributes": ["name.family", "name.given", "email", "address.streetAddress", "address.locality", "address.region", "address.postalCode", "address.countryCode", "primaryPhone", "mobilePhone"]
}
```

```java
OkHttpClient client = new OkHttpClient().newBuilder()
  .build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\n    \"name\": \"p1:update:user\",\n    \"description\": \"An UPDATED access control scope that includes only the user schema attributes listed in the schemaAttributes property\",\n    \"schemaAttributes\": [\"name.family\", \"name.given\", \"email\", \"address.streetAddress\", \"address.locality\", \"address.region\", \"address.postalCode\", \"address.countryCode\", \"primaryPhone\", \"mobilePhone\"] \n}");
Request request = new Request.Builder()
  .url("{{apiPath}}/v1/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}}")
  .method("PUT", body)
  .addHeader("Content-Type", "application/json")
  .addHeader("Authorization", "Bearer {{accessToken}}")
  .build();
Response response = client.newCall(request).execute();
```

```javascript
var settings = {
  "url": "{{apiPath}}/v1/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}}",
  "method": "PUT",
  "timeout": 0,
  "headers": {
    "Content-Type": "application/json",
    "Authorization": "Bearer {{accessToken}}"
  },
  "data": JSON.stringify({
    "name": "p1:update:user",
    "description": "An UPDATED access control scope that includes only the user schema attributes listed in the schemaAttributes property",
    "schemaAttributes": [
      "name.family",
      "name.given",
      "email",
      "address.streetAddress",
      "address.locality",
      "address.region",
      "address.postalCode",
      "address.countryCode",
      "primaryPhone",
      "mobilePhone"
    ]
  }),
};

$.ajax(settings).done(function (response) {
  console.log(response);
});
```

```javascript
var request = require('request');
var options = {
  'method': 'PUT',
  'url': '{{apiPath}}/v1/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}}',
  'headers': {
    'Content-Type': 'application/json',
    'Authorization': 'Bearer {{accessToken}}'
  },
  body: JSON.stringify({
    "name": "p1:update:user",
    "description": "An UPDATED access control scope that includes only the user schema attributes listed in the schemaAttributes property",
    "schemaAttributes": [
      "name.family",
      "name.given",
      "email",
      "address.streetAddress",
      "address.locality",
      "address.region",
      "address.postalCode",
      "address.countryCode",
      "primaryPhone",
      "mobilePhone"
    ]
  })

};
request(options, function (error, response) {
  if (error) throw new Error(error);
  console.log(response.body);
});
```

```python
import requests
import json

url = "{{apiPath}}/v1/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}}"

payload = json.dumps({
  "name": "p1:update:user",
  "description": "An UPDATED access control scope that includes only the user schema attributes listed in the schemaAttributes property",
  "schemaAttributes": [
    "name.family",
    "name.given",
    "email",
    "address.streetAddress",
    "address.locality",
    "address.region",
    "address.postalCode",
    "address.countryCode",
    "primaryPhone",
    "mobilePhone"
  ]
})
headers = {
  'Content-Type': 'application/json',
  'Authorization': 'Bearer {{accessToken}}'
}

response = requests.request("PUT", url, headers=headers, data=payload)

print(response.text)
```

```php
<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/v1/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}}');
$request->setMethod(HTTP_Request2::METHOD_PUT);
$request->setConfig(array(
  'follow_redirects' => TRUE
));
$request->setHeader(array(
  'Content-Type' => 'application/json',
  'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n    "name": "p1:update:user",\n    "description": "An UPDATED access control scope that includes only the user schema attributes listed in the schemaAttributes property",\n    "schemaAttributes": ["name.family", "name.given", "email", "address.streetAddress", "address.locality", "address.region", "address.postalCode", "address.countryCode", "primaryPhone", "mobilePhone"] \n}');
try {
  $response = $request->send();
  if ($response->getStatus() == 200) {
    echo $response->getBody();
  }
  else {
    echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
    $response->getReasonPhrase();
  }
}
catch(HTTP_Request2_Exception $e) {
  echo 'Error: ' . $e->getMessage();
}
```

```ruby
require "uri"
require "json"
require "net/http"

url = URI("{{apiPath}}/v1/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}}")

http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Put.new(url)
request["Content-Type"] = "application/json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
  "name": "p1:update:user",
  "description": "An UPDATED access control scope that includes only the user schema attributes listed in the schemaAttributes property",
  "schemaAttributes": [
    "name.family",
    "name.given",
    "email",
    "address.streetAddress",
    "address.locality",
    "address.region",
    "address.postalCode",
    "address.countryCode",
    "primaryPhone",
    "mobilePhone"
  ]
})

response = http.request(request)
puts response.read_body
```

```swift
let parameters = "{\n    \"name\": \"p1:update:user\",\n    \"description\": \"An UPDATED access control scope that includes only the user schema attributes listed in the schemaAttributes property\",\n    \"schemaAttributes\": [\"name.family\", \"name.given\", \"email\", \"address.streetAddress\", \"address.locality\", \"address.region\", \"address.postalCode\", \"address.countryCode\", \"primaryPhone\", \"mobilePhone\"] \n}"
let postData = parameters.data(using: .utf8)

var request = URLRequest(url: URL(string: "{{apiPath}}/v1/environments/{{envID}}/resources/{{resourceID}}/scopes/{{scopeID}}")!,timeoutInterval: Double.infinity)
request.addValue("application/json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")

request.httpMethod = "PUT"
request.httpBody = postData

let task = URLSession.shared.dataTask(with: request) { data, response, error in
  guard let data = data else {
    print(String(describing: error))
    return
  }
  print(String(data: data, encoding: .utf8)!)
}

task.resume()
```