> ## Documentation Index
> Fetch the complete documentation index at: https://doc.lucidworks.com/llms.txt
> Use this file to discover all available pages before exploring further.
# Update a user
> Update a user's configuration.
This API should only be called to manage users in the native security realm, which manages both authentication and authorization within the Fusion UI. Users from other security realms, such as LDAP or SAML, are managed directly by the Fusion auth proxy access control component. It referred to as the auth proxy because it handles both authentication and authorization for all requests to the Fusion REST API services for SSO services.
Before working with the User API to create a user, be sure the native security realm is set up and ready.
## OpenAPI
````yaml /api-reference/5.9/fusion-api-api-docs.json put /users/{id}
openapi: 3.0.1
info:
title: Fusion Proxy API
description: Manage Fusion users, roles, realms, access tokens, and API keys.
contact:
name: Lucidworks
url: www.lucidworks.com
email: support@lucidworks.com
license:
name: License of API
url: https://lucidworks.com/legal/developer-license-agreement/
version: '5.9'
servers:
- url: https://{FUSION HOST}/api
description: Fusion
variables:
FUSION HOST:
default: FUSION_HOST
description: Your environment host.
security: []
tags:
- name: Realm management
description: >-
Endpoints for creating, configuring, and managing authentication realms
such as LDAP, SAML, OIDC, and others.
- name: User management
description: >-
Endpoints for creating, updating, deleting, and retrieving Fusion users
and their associated metadata.
- name: Suggestions
description: >-
Endpoints that provide query suggestions or autocomplete results to
improve search experiences.
- name: API key management
description: >-
Endpoints for managing API keys used to authenticate Fusion services and
integrations.
- name: OAuth 2.0
description: >-
Endpoints that support OAuth 2.0 authentication, including token issuance
and validation.
- name: Role management
description: >-
Endpoints for creating and managing user roles and their associated
permissions within Fusion.
- name: System status
description: >-
Endpoints for retrieving basic system health, configuration, and
authentication status.
externalDocs:
description: Lucidworks Documentation
url: https://doc.lucidworks.com/
paths:
/users/{id}:
put:
tags:
- User management
summary: Update a user
description: >-
Update a user's configuration.
This API should only be called
to manage users in the native security realm, which manages both
authentication and authorization within the Fusion UI. Users from other
security realms, such as LDAP or SAML, are managed directly by the
Fusion auth proxy access control component. It referred to as the auth
proxy because it handles both authentication and authorization for all
requests to the Fusion REST API services for SSO
services.
Before working with the User API to create a user, be
sure the native security realm is set up and ready.
operationId: updateUser
parameters:
- name: id
description: >-
The user ID. Note that this is different than the username. Use
`GET /users` to get the list of user IDs.
example: fe0885f2-8885-4c46-a3ea-8e5d0041c293
required: true
in: path
schema:
type: string
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UpdateUser_PublicView'
example:
username: 1new-user-test
realmName: native
timezone: Pacific Time (US & Canada)
permissions:
- methods:
- GET
- PUT
required: true
responses:
'200':
description: OK
content:
'*/*':
schema:
$ref: '#/components/schemas/User_PublicView'
example:
id: fe0885f2-8885-4c46-a3ea-8e5d0041c293
username: 1new-user-test
realmName: native
createdAt: '2025-10-30T21:59:01Z'
roleNames: []
timezone: Pacific Time (US & Canada)
permissions:
- methods:
- PUT
- GET
components:
schemas:
UpdateUser_PublicView:
type: object
properties:
password:
type: object
properties:
empty:
type: boolean
passwordHash:
type: string
roleNames:
type: array
writeOnly: true
items:
type: string
description: Indicates which roles are dynamically applied to users in the realm.
timezone:
type: string
example: Pacific Time (US & Canada)
permissions:
type: array
items:
$ref: '#/components/schemas/GlobPermission_PublicView'
roles:
type: array
description: >-
One or more user roles. Use `GET /roles` to get the list of existing
roles.
items:
type: string
User_PublicView:
type: object
properties:
id:
type: string
example: fe0885f2-8885-4c46-a3ea-8e5d0041c293
username:
type: string
example: admin
realmName:
type: string
example: ldap-internal
createdAt:
type: string
format: date-time
example: '2025-09-23T17:48:07Z'
updatedAt:
type: string
format: date-time
example: '2025-10-31T12:28:04Z'
roleNames:
type: array
items:
type: string
description: Indicates which roles are dynamically applied to users in the realm.
example:
- search
- developer
timezone:
type: string
example: Pacific Time (US & Canada)
permissions:
type: array
items:
$ref: '#/components/schemas/GlobPermission_PublicView'
GlobPermission_PublicView:
type: object
properties:
methods:
uniqueItems: true
type: array
items:
type: string
enum:
- GET
- POST
- PUT
- DELETE
- HEAD
- PATCH
- OPTIONS
path:
type: string
example: /
params:
type: object
additionalProperties:
type: array
items:
type: string
````