Patch metadata of a user

curl --request PATCH \
  --url https://{tenant_id}.hanko.io/admin/users/{id}/metadata \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "public_metadata": {
    "role": "admin"
  },
  "private_metadata": {
    "internal_id": "e6c19cfb-09a2-41e5-a908-e33193b7ca0a"
  },
  "unsafe_metadata": {
    "birthday": "2025-05-12"
  }
}'

{
  "public_metadata": {
    "role": "admin"
  },
  "private_metadata": {
    "internal_id": "e6c19cfb-09a2-41e5-a908-e33193b7ca0a"
  },
  "unsafe_metadata": {
    "birthday": "2025-05-12"
  }
}

User Metadata Management

Patch metadata of a user

Updates a users metadata by deep merging the metadata patch from the request with existing metadata.

Set the entire request to null to clear all metadata: Set any of public_metadata, private_metadata, unsafe_metadata to null to clear metadata for that category.

An empty object ({}) for the top level request object or an empty object for public_metadata, private_metadata or the unsafe_metadata property represent a noop patch.

Unknown top level keys besides public_metadata, private_metadata or unsafe_metadata are ignored.

All other top level request values (e.g. an empty string, a non-empty string, an array) result in a bad request.

PATCH

users

{id}

metadata

Patch metadata of a user

curl --request PATCH \
  --url https://{tenant_id}.hanko.io/admin/users/{id}/metadata \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "public_metadata": {
    "role": "admin"
  },
  "private_metadata": {
    "internal_id": "e6c19cfb-09a2-41e5-a908-e33193b7ca0a"
  },
  "unsafe_metadata": {
    "birthday": "2025-05-12"
  }
}'

{
  "public_metadata": {
    "role": "admin"
  },
  "private_metadata": {
    "internal_id": "e6c19cfb-09a2-41e5-a908-e33193b7ca0a"
  },
  "unsafe_metadata": {
    "birthday": "2025-05-12"
  }
}

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your API key. Must only be used when using Hanko Cloud.

Path Parameters

string<uuid>

required

UUID of the requested object

Body

application/json

User metadata The user metadata patch

Response

200

application/json

User metadata

Get metadata of a user Get a list of emails for a user

API Documentation

Public

Admin

Patch metadata of a user

Authorizations

Path Parameters

Body

Response