Skip to main content
PATCH
/
api
/
v1
/
shared
/
users
/
{user_id}
/
profile-picture
Update User Profile Picture
curl --request PATCH \
  --url https://api.example.com/api/v1/shared/users/{user_id}/profile-picture \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "uploadId": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
}
'
{
  "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "email": "<string>",
  "emailVerified": true,
  "firstName": "<string>",
  "lastName": "<string>",
  "profilePictureUrl": "<string>",
  "role": "<string>",
  "state": "<string>",
  "lastLogin": "2023-11-07T05:31:56Z",
  "createdAt": "2023-11-07T05:31:56Z",
  "hasCustomProfilePicture": false
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

user_id
string<uuid>
required

Body

application/json

Request body for PATCH /api/v1/users/me/profile-picture.

upload_id is REQUIRED in the body. null = remove the custom photo (revert to the WorkOS-provided URL). A UUID = set or replace the custom photo with the given upload. The endpoint validates ownership, scope, kind, and ready-state before writing.

uploadId
string<uuid> | null
required

Response

Successful Response

User profile for /users/me endpoint.

profile_picture_url: server-resolved. If the user has uploaded a custom photo this is a presigned URL for that upload's thumb derivative (256 px); otherwise it's the WorkOS-provided URL.

has_custom_profile_picture: lets the FE show a "Remove photo" affordance only when there's a custom photo to remove.

id
string<uuid>
required
email
string
required
emailVerified
boolean
required
firstName
string
required
lastName
string
required
profilePictureUrl
string | null
required
role
string
required
state
string
required
lastLogin
string<date-time> | null
required
createdAt
string<date-time>
required
hasCustomProfilePicture
boolean
default:false