Skip to content
HeadlessWP Pro

Update profile

id: core-me-updateprofile owner: core method: PATCH path: /wp-json/headlesswp/v1/me/profile title: Update profile usedBySite: true

PATCH /wp-json/headlesswp/v1/me/profile

Update the authenticated user profile fields.

Auth + CSRF

  • Auth: cookie session required.
  • Proxy nonce required: yes.
  • CSRF: required via X-WP-Nonce (proxy enforces nonce for this route).

Request schema

JSON body with only the allowed keys below (unknown keys are rejected with VALIDATION_FAILED). At least one allowed field must be provided.

  • displayName?: string
    • When provided, must be non-empty and max length 100.
  • billingEmail?: string
    • When provided, must be a valid email address (empty string is invalid).
  • billingPhone?: string
    • Max length 32.
  • companyName?: string
    • Max length 120.

Response schema (200)

{
  "data": {
    "user": {
      "id": 123,
      "email": "user@example.com",
      "displayName": "Updated Name",
      "roles": ["subscriber"],
      "createdAt": "2025-01-01T00:00:00Z",
      "billingEmail": "billing@example.com",
      "billingPhone": "+15555550123",
      "companyName": "ACME Inc."
    }
  },
  "meta": {
    "correlationId": "abc123",
    "correlation_id": "abc123",
    "request_id": "abc123",
    "timestamp": "2025-01-02T00:00:00Z"
  }
}

Error codes

  • 401 NOT_AUTHENTICATED
  • 403 CSRF_FAILED (proxy boundary when nonce missing/invalid)
  • 422 VALIDATION_FAILED
    • error.details.fieldErrors is a map of field -> array of messages
  • 429 RATE_LIMITED
    • error.details.bucket present (user mutation bucket)
  • 500 PROFILE_UPDATE_FAILED