UpdateUser
Method Details​
Description: Updates an existing user with modified field values.
Only mutable fields can be updated while preserving system-generated identifiers and ownership relationships. Role modifications should use dedicated role management operations.
Required Roles: Check proto file for roles
Parameters:
User(message) (required): Complete user resource with updated fields. Only mutable fields can be modified.
Returns: User
Method Type: METHOD_TYPE_WRITE
Code Examples​
- Go
- Python
- Java
- Protobuf
package main
import (
"context"
"log"
rolev1 "github.com/meshtrade/api/go/iam/role/v1"
userv1 "github.com/meshtrade/api/go/iam/user/v1"
)
func main() {
ctx := context.Background()
// Default configuration is used and credentials come from MESH_API_CREDENTIALS
// environment variable or default discovery methods. Zero config required
// unless you want custom configuration.
service, err := userv1.NewUserService()
if err != nil {
log.Fatalf("Failed to create service: %v", err)
}
defer service.Close()
// Update user with modified information
request := &userv1.UpdateUserRequest{
User: &userv1.User{
Name: "users/01HN2ZXQJ8K9M0L1N3P2Q4R5T6", // Existing user identifier
Owner: service.Group(), // Owner must match current ownership
Email: "sarah.t.johnson@company.com", // Updated email address
Roles: []string{
rolev1.Role_ROLE_IAM_ADMIN.FullResourceNameFromGroupName(service.Group()),
rolev1.Role_ROLE_TRADING_ADMIN.FullResourceNameFromGroupName(service.Group()),
rolev1.Role_ROLE_COMPLIANCE_VIEWER.FullResourceNameFromGroupName(service.Group()),
},
},
}
// Call the UpdateUser method
user, err := service.UpdateUser(ctx, request)
if err != nil {
log.Fatalf("UpdateUser failed: %v", err)
}
// Use the updated user
log.Printf("User updated successfully:")
log.Printf(" Name: %s", user.Name)
log.Printf(" Email: %s", user.Email)
log.Printf(" Owner: %s", user.Owner)
log.Printf(" Roles: %v", user.Roles)
// The user now has updated permissions
log.Printf("User permissions updated with %d active roles", len(user.Roles))
}
from meshtrade.api.iam.role.v1.role import full_resource_name_from_group_name
from meshtrade.api.iam.role.v1.role_pb2 import Role
from meshtrade.iam.user.v1 import (
UpdateUserRequest,
User,
UserService,
)
def main():
# Default configuration is used and credentials come from MESH_API_CREDENTIALS
# environment variable or default discovery methods. Zero config required
# unless you want custom configuration.
service = UserService()
with service:
# Update user with modified information
request = UpdateUserRequest(
user=User(
name="users/01HN2ZXQJ8K9M0L1N3P2Q4R5T6", # Existing user identifier
owner=service.group(), # Owner must match current ownership
email="sarah.t.johnson@company.com", # Updated email address
roles=[
full_resource_name_from_group_name(Role.ROLE_IAM_ADMIN, service.group()),
full_resource_name_from_group_name(Role.ROLE_TRADING_ADMIN, service.group()),
full_resource_name_from_group_name(Role.ROLE_COMPLIANCE_VIEWER, service.group()),
],
)
)
# Call the UpdateUser method
user = service.update_user(request)
# Use the updated user
print("User updated successfully:")
print(f" Name: {user.name}")
print(f" Email: {user.email}")
print(f" Owner: {user.owner}")
print(f" Roles: {user.roles}")
print(f"User permissions updated with {len(user.roles)} active roles")
if __name__ == "__main__":
main()
import co.meshtrade.api.iam.user.v1.UserService;
import co.meshtrade.api.iam.user.v1.Service.UpdateUserRequest;
import co.meshtrade.api.iam.user.v1.User.User;
import co.meshtrade.api.iam.role.v1.RoleUtils;
import co.meshtrade.api.iam.role.v1.RoleOuterClass.Role;
import java.util.Optional;
public class UpdateUserExample {
public static void main(String[] args) {
// Default configuration is used and credentials come from MESH_API_CREDENTIALS
// environment variable or default discovery methods. Zero config required
// unless you want custom configuration.
try (UserService service = new UserService()) {
// Update user with modified information
UpdateUserRequest request = UpdateUserRequest.newBuilder()
.setUser(User.newBuilder()
.setName("users/01HN2ZXQJ8K9M0L1N3P2Q4R5T6") // Existing user identifier
.setOwner(service.getGroup()) // Owner must match current ownership
.setEmail("sarah.t.johnson@company.com") // Updated email address
.addRoles(RoleUtils.fullResourceNameFromGroupName(Role.ROLE_IAM_ADMIN, service.getGroup()))
.addRoles(RoleUtils.fullResourceNameFromGroupName(Role.ROLE_TRADING_ADMIN, service.getGroup()))
.addRoles(RoleUtils.fullResourceNameFromGroupName(Role.ROLE_COMPLIANCE_VIEWER, service.getGroup()))
.build())
.build();
// Call the UpdateUser method
User user = service.updateUser(request, Optional.empty());
// Use the updated user
System.out.println("User updated successfully:");
System.out.println(" Name: " + user.getName());
System.out.println(" Email: " + user.getEmail());
System.out.println(" Owner: " + user.getOwner());
System.out.println(" Roles: " + user.getRolesList());
System.out.println("User permissions updated with " + user.getRolesCount() + " active roles");
} catch (Exception e) {
System.err.println("UpdateUser failed: " + e.getMessage());
e.printStackTrace();
}
}
}
syntax = "proto3";
package meshtrade.iam.user.v1;
import "buf/validate/validate.proto";
import "meshtrade/iam/role/v1/role.proto";
import "meshtrade/iam/user/v1/user.proto";
import "meshtrade/option/v1/method_type.proto";
import "meshtrade/type/v1/sorting.proto";
option go_package = "github.com/meshtrade/api/go/iam/user/v1;user_v1";
option java_package = "co.meshtrade.api.iam.user.v1";
/*
UserService manages user lifecycle and identity operations within groups.
Users are individual identity entities that belong to specific groups and have
assigned roles that determine their permissions within that group context.
Each user has a unique email address and can be assigned multiple roles
across the group hierarchy for fine-grained access control.
All operations require appropriate IAM domain permissions and operate within
the authenticated group context.
*/
service UserService {
/*
Assigns a role to an existing user within the authenticated group context.
The role assignment enables the user to perform operations according
to the permissions associated with that role within the group hierarchy.
*/
rpc AssignRoleToUser(AssignRoleToUserRequest) returns (meshtrade.iam.user.v1.User) {
option (meshtrade.option.v1.method_type) = METHOD_TYPE_WRITE;
option (meshtrade.iam.role.v1.roles) = {
roles: [
ROLE_IAM_ADMIN,
ROLE_IAM_USER_ADMIN
]
};
}
/*
Retrieves a single user by its unique identifier.
Returns user details including name, email, ownership information,
and assigned roles within the authenticated group's access scope.
*/
rpc GetUser(GetUserRequest) returns (meshtrade.iam.user.v1.User) {
option (meshtrade.option.v1.method_type) = METHOD_TYPE_READ;
option (meshtrade.iam.role.v1.roles) = {
roles: [
ROLE_IAM_ADMIN,
ROLE_IAM_VIEWER,
ROLE_IAM_USER_ADMIN,
ROLE_IAM_USER_VIEWER
]
};
}
/*
Returns all users accessible within the authenticated group's hierarchy.
Results include users directly owned and those accessible through the
group's hierarchical permissions, optionally sorted by email address.
*/
rpc ListUsers(ListUsersRequest) returns (ListUsersResponse) {
option (meshtrade.option.v1.method_type) = METHOD_TYPE_READ;
option (meshtrade.iam.role.v1.roles) = {
roles: [
ROLE_IAM_ADMIN,
ROLE_IAM_VIEWER,
ROLE_IAM_USER_ADMIN,
ROLE_IAM_USER_VIEWER
]
};
}
/*
Searches for users by email address using substring matching.
Returns users whose email addresses contain the provided search term,
filtered by the authenticated group's access permissions and optionally
sorted by email address.
*/
rpc SearchUsers(SearchUsersRequest) returns (SearchUsersResponse) {
option (meshtrade.option.v1.method_type) = METHOD_TYPE_READ;
option (meshtrade.iam.role.v1.roles) = {
roles: [
ROLE_IAM_ADMIN,
ROLE_IAM_VIEWER,
ROLE_IAM_USER_ADMIN,
ROLE_IAM_USER_VIEWER
]
};
}
/*
Creates a new user within the authenticated group context.
The user will be created with the provided email and group ownership,
with system-generated unique identifier and ownership hierarchy.
Additional roles can be assigned after creation.
*/
rpc CreateUser(CreateUserRequest) returns (meshtrade.iam.user.v1.User) {
option (meshtrade.option.v1.method_type) = METHOD_TYPE_WRITE;
option (meshtrade.iam.role.v1.roles) = {
roles: [
ROLE_IAM_ADMIN,
ROLE_IAM_USER_ADMIN
]
};
}
/*
Updates an existing user with modified field values.
Only mutable fields can be updated while preserving system-generated
identifiers and ownership relationships. Role modifications should
use dedicated role management operations.
*/
rpc UpdateUser(UpdateUserRequest) returns (meshtrade.iam.user.v1.User) {
option (meshtrade.option.v1.method_type) = METHOD_TYPE_WRITE;
option (meshtrade.iam.role.v1.roles) = {
roles: [
ROLE_IAM_ADMIN,
ROLE_IAM_USER_ADMIN
]
};
}
}
message AssignRoleToUserRequest {
/*
Name of the user to assign a role to.
*/
string name = 1 [(buf.validate.field) = {
string: {
len: 32,
pattern: "^users/[0123456789ABCDEFGHJKMNPQRSTVWXYZ]{26}$"
}
}];
/*
Role to assign to the user in the format groups/{ULIDv2}/{role_id}.
The role_id corresponds to a value from the meshtrade.iam.role.v1.Role enum.
*/
string role = 4 [(buf.validate.field) = {
required: true,
string: {
len: 41,
pattern: "^groups/[0123456789ABCDEFGHJKMNPQRSTVWXYZ]{26}/[1-9][0-9]{6}$"
}
}];
}
message GetUserRequest {
/*
Name of the user to retrieve.
Format: users/{ULIDv2}
*/
string name = 1 [(buf.validate.field) = {
required: true,
string: {
len: 32,
pattern: "^users/[0123456789ABCDEFGHJKMNPQRSTVWXYZ]{26}$"
}
}];
}
message ListUsersRequest {
message Sorting {
/*
Field to sort by (e.g., "email").
*/
string field = 1 [(buf.validate.field) = {
string: {
in: [
"",
"email"
]
}
cel: {
id: "field.valid"
message: "field must be one of: email, or empty"
expression: "this in ['', 'email']"
}
}];
/*
Sort order for results.
*/
meshtrade.type.v1.SortingOrder order = 2;
}
/*
Optional sorting configuration.
*/
Sorting sorting = 1;
}
message ListUsersResponse {
repeated meshtrade.iam.user.v1.User users = 1;
}
message SearchUsersRequest {
/*
Email is a substring search for users.
*/
string email = 1;
message Sorting {
/*
Field to sort by (e.g., "email").
*/
string field = 1 [(buf.validate.field) = {
string: {
in: [
"",
"email"
]
}
cel: {
id: "field.valid"
message: "field must be one of: email, or empty"
expression: "this in ['', 'email']"
}
}];
/*
Sort order for results.
*/
meshtrade.type.v1.SortingOrder order = 2;
}
/*
Optional sorting configuration.
*/
Sorting sorting = 2;
}
message SearchUsersResponse {
repeated meshtrade.iam.user.v1.User users = 1;
}
message CreateUserRequest {
/*
The user resource to create.
The name field will be ignored and assigned by the server.
*/
meshtrade.iam.user.v1.User user = 1 [(buf.validate.field) = {required: true}];
}
message UpdateUserRequest {
/*
Complete user resource with updated fields.
Only mutable fields can be modified.
*/
meshtrade.iam.user.v1.User user = 1 [(buf.validate.field) = {required: true}];
}
Advanced Configuration​
For advanced client configuration options (custom endpoints, TLS settings, timeouts), see the SDK Configuration Guide.
Other Methods​
- Iam User v1 Method List - For Other methods