Profile Update

An entity call can be made to retrieve the user’s information to display to the user in the Edit Profile form.


$api_call= '/entity';
$params= array(
    'access_token'=> $_SESSION['access_token'],
    // attributes from the user record to retrieve values for
    'attributes'=> '["givenName", "familyName", "displayName", "email"]'
);
$curl= curl_init();
curl_setopt($curl,CURLOPT_URL,JANRAIN_CAPTURE_URL.$api_call);
curl_setopt($curl,CURLOPT_POST,true);
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_POSTFIELDS,http_build_query($params));
$api_response= json_decode(curl_exec($curl));
curl_close($curl);

Update Profile Data

The user information is then updated via the oauth/update_profile_native endpoint.


$api_call= '/oauth/update_profile_native';
$params= array(
    'client_id'=> JANRAIN_LOGIN_CLIENT_ID,
    'flow'=> JANRAIN_FLOW_NAME,
    'flow_version'=> JANRAIN_FLOW_VERSION,
    'locale'=> 'en-US',
    'access_token'=> $_SESSION['access_token'],
    // required form = editProfileForm
    'form'=> 'editProfileForm',
    // profile field(s) to update
    'firstName'=> $_POST['firstName'],
    'lastName'=> $_POST['lastName'],
    'displayName'=> $_POST['displayName'],
    'emailAddress'=> $_POST['email']
);
$curl= curl_init();
curl_setopt($curl,CURLOPT_URL,JANRAIN_CAPTURE_URL.$api_call);
curl_setopt($curl,CURLOPT_POST,true);
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_POSTFIELDS,http_build_query($params));
$api_response= json_decode(curl_exec($curl));
curl_close($curl);

Response

Outcome / Next Step

Success (ok)

User’s record is updated

Birthdate is not a valid date (invalid_form_fields)

The birthdate field is a special field that must be sent as three (3) different field parameters: birthdate[dateselect_year], birthdate[dateselect_month], birthdate[dateselect_day]

Other field validation error (invalid_form_fields)

The pertinent error message(s) defined in the Registration configuration will be returned. Provide validation message(s) to user so that they may correct these values and try again.

Note.  User information that is stored as a plural cannot be updated via the oauth/update_profile_native endpoint. Instead, an entity.update call must be made.

Do not use the entity.update call unless absolutely necessary. Why? Because this call skips over the data validation layer, which can result in data that does not conform to your validation rules.

The example below updates a plural called children. In this case, the user has one existing child in their profile, and is adding a second child’s information.

Notice that you must pass the user’s entire plural in the attributes parameter.

In the sample code above, the first child (June) has an id value. This value was auto-generated in the database when that child was created. The second child (Rex) is new, so there is no id yet. Once this call is made, the second child will be created and their id will auto-generate.


$api_call= '/entity.update';
$params= array(
    'access_token'=> $_SESSION['access_token'],
    // user's entire plural, including updates
    'attributes'=> '{"children": [{"age": "3", "gender": "F", "id": 1234, "name": "June"},{"age": "1", "gender": "M", "name": "Rex"}]}'
);
$curl= curl_init();
curl_setopt($curl,CURLOPT_URL,JANRAIN_CAPTURE_URL.$api_call);
curl_setopt($curl,CURLOPT_POST,true);
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_POSTFIELDS,http_build_query($params));
$api_response= json_decode(curl_exec($curl));
curl_close($curl);

Change Password

A logged-in user can change their password directly via the oauth/update_profile_native endpoint and the changePasswordForm. Note that this form and workflow is different than the Forgot Password implementation.


$api_call= '/oauth/update_profile_native';
$params= array(
    'client_id'=> JANRAIN_LOGIN_CLIENT_ID,
    'flow'=> JANRAIN_FLOW_NAME,
    'flow_version'=> JANRAIN_FLOW_VERSION,
    'locale'=> 'en-US',
    'access_token'=> $_SESSION['access_token'],
    // required form = changePasswordForm
    'form'=> 'changePasswordForm',
    // profile field(s) to update
    'currentPassword'=> $_POST['current_password'],
    'newPassword'=> $_POST['new_password'],
    'newPasswordConfirm'=> $_POST['confirm_password'],
);
$curl= curl_init();
curl_setopt($curl,CURLOPT_URL,JANRAIN_CAPTURE_URL.$api_call);
curl_setopt($curl,CURLOPT_POST,true);
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_POSTFIELDS,http_build_query($params));
$api_response= json_decode(curl_exec($curl));
curl_close($curl);

Response

Outcome / Next Step

Success (ok)

User’s record is updated with new password