---
title: "Update a web user account"
description: "Update an existing web user's account information."
url: "https://docs.adyen.com/account-management-api/manage-user-accounts/updatewebuser"
source_url: "https://docs.adyen.com/account-management-api/manage-user-accounts/updatewebuser.md"
canonical: "https://docs.adyen.com/account-management-api/manage-user-accounts/updatewebuser"
last_modified: "2026-05-24T12:54:32+02:00"
language: "en"
---
# Update a web user account
Update an existing web user's account information.
[View source](/account-management-api/manage-user-accounts/updatewebuser.md)
This call supports full and partial updates:
* All the populated fields in the update request are updated;
* Any non-mandatory fields excluded from the operation are skipped.
For a field to be updated correctly, it needs to be completely populated. For example, to update an element that contains child elements, all the mandatory child elements must be populated with valid data.
If one or more mandatory sub-elements are missing from the update request, the whole parent element fails to update, and its value does not change.
When you make a POST `/updateWebUser` request, take the following guidelines into account:
* `grantRoles`: Update per role.
* `revokeRoles`: Update per role.
* `name` and `email` are related fields; therefore, they both need to be completely populated in the update request, even when you want to update only one of them.
* This implies also that if the update fails for either `name` or `email`, the other related element is not updated, either.
* `addMerchantCodes`: Update per `merchantCode`.
* `deleteMerchantCodes`: Update per `merchantCode`.
## Request parameters
To update web user account information, make a POST `/updateWebUser` request specifying:
| Name | | Type | Required | Description |
| ------------------------- | -------------- | ------- | ------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `userName` | | String |  | A user name string holds the user account display name. It can include:- Digits: *0-9*
- Letters *a-z*, *A-Z*
- Special characters: "*.*" (dot), "*-*" (hyphen), "*\_*" (underscore)* * |
| `active` | | Boolean |  | * Set to `true` to activate an account.
* Set to `false` to make the account inactive. |
| `addMerchantCodes` | | List |  | A list holding merchant codes you want to activate and associate with the specified user account.A merchant code string holds a value to identify a merchant.Format:* Either: `MerchantAccount.Merchant_Code`
* Or: `Merchant_Code`
Merchant codes in this list should not be included in `deleteMerchantCodes` as well. |
| `deleteMerchantCodes` | | List |  | A list holding merchant codes you want to make inactive and remove from the specified user account. A merchant code string holds a value to identify a merchant.Format:* Either: `MerchantAccount.Merchant_Code`
* Or: `Merchant_Code`
Merchant codes in this list should not be included in `addMerchantCodes` as well. |
| `addAccountGroupCodes` | | List |  | A list of account groups that the user should have access to. |
| `removeAccountGroupCodes` | | List |  | A list of account groups that the user should no longer have access to. |
| `email` | | String |  | The email address associated with the user account. |
| `grantRoles` | | List |  | New roles you want to assign to the specified user account.* `RoleType`Roles in this list should not be included in `revokeRoles` as well. |
| | `RoleType` | enum |  | It defines the type of role assigned to the user account. Some examples of roles are:* `Merchant_standard_role`
* `Merchant_manage_payments`
* `Merchant_Report_role`
* `Merchant_dispute_management`
* `Merchant_technical_integrator`
* `Merchant_View_Risk_Results_role`
* `Merchant_view_risk_settings`
* `Merchant_change_risk_settings`
* `Merchant_allowed_own_password_reset` |
| `revokeRoles` | | List |  | Assigned roles you want to revoke from the specified user account.* `RoleType`Roles in this list should not be included in `grantRoles` as well.The `Merchant_standard_role` lets a user log in to the Customer Area. Make sure that at least one user in your company has this role. |
| | `RoleType` | enum |  | It defines the type of role assigned to the user account. Some examples of roles are:* `Merchant_standard_role`
* `Merchant_manage_payments`
* `Merchant_Report_role`
* `Merchant_dispute_management`
* `Merchant_technical_integrator`
* `Merchant_View_Risk_Results_role`
* `Merchant_view_risk_settings`
* `Merchant_change_risk_settings`
* `Merchant_allowed_own_password_reset` |
| `timeZoneCode` | | String |  | The time zone associated to the user account profile.If you do not specify any value, the active user's time zone settings are used instead. |
| `name` | | Object |  | A container object for personal data. This object contains:* `firstName`
* `lastName` |
| | \|-`firstName` | String |  | The first name/given name of the user.* Max. length: 80 characters |
| | \|-`lastName` | String |  | The last name/family name of the user.* Max. length: 80 characters |
## Response parameters
If there are no errors in the request, the call returns a `pspReference.`If any issues occur during the process, the call returns one or more warning or error messages.
| Name | Type | Returned by default | Description |
| -------------- | ------ | ------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------- |
| `pspReference` | String |  | A reference to uniquely identify the request. |
| `warnings` | String |  | List containing one or more warning messages. Returned when the request is not correctly processed. |
| `errors` | String |  | List containing one or more error messages. Returned when the request fails. |
## Examples
### Request
#### JSON
```json
{
"active":"true",
"addMerchantCodes":[
"MerchantAccount.TestMerchant"
],
"deleteMerchantCodes":[
"TestMerchantDelete"
],
"email":"test@email.ad",
"grantRoles":[
"Merchant_change_risk_settings"
],
"name":{
"firstName":"Jane",
"lastName":"Green"
},
"revokeRoles":[
"Merchant_technical_integrator",
"Merchant_dispute_management"
],
"timeZoneCode":"UTC",
"userName":"merchant1"
}
```
#### Soap
```xml
true
test@email.ad
MerchantAccount.TestMerchant
TestMerchantDelete
Merchant_change_risk_settings
Jane
Doe
Merchant_technical_integrator
Merchant_dispute_management
UTC
merchant1
```
### Response
#### JSON
```json
{
"pspReference":"9914140700917468"
}
```
#### Soap
```xml
9914140700917468
```
### Response in case of an error or warning
#### JSON
```json
{
"pspReference":"9914140700710438",
"warnings":[
"8_041 failed revokeRoles 'Merchant_dispute_management': not even granted"
]
}
```
#### Soap
```xml
9914140700710438
8_041 failed revokeRoles 'Merchant_dispute_management': not even granted
```