POST
/
v2
/
identities.updateIdentity
Go (SDK)
package main

import(
	"context"
	"os"
	unkey "github.com/unkeyed/sdks/api/go/v2"
	"github.com/unkeyed/sdks/api/go/v2/models/components"
	"log"
)

func main() {
    ctx := context.Background()

    s := unkey.New(
        unkey.WithSecurity(os.Getenv("UNKEY_ROOT_KEY")),
    )

    res, err := s.Identities.UpdateIdentity(ctx, components.V2IdentitiesUpdateIdentityRequestBody{
        Identity: "user_123",
        Meta: map[string]any{
            "email": "alice@example.com",
            "name": "Alice Smith",
            "plan": "premium",
        },
    })
    if err != nil {
        log.Fatal(err)
    }
    if res.V2IdentitiesUpdateIdentityResponseBody != nil {
        // handle response
    }
}
{
  "data": {
    "id": "<string>",
    "externalId": "<string>",
    "meta": {},
    "ratelimits": [
      {
        "id": "rl_1234567890abcdef",
        "name": "api_requests",
        "limit": 1000,
        "duration": 3600000,
        "autoApply": true
      }
    ]
  },
  "meta": {
    "requestId": "req_123"
  }
}

Authorizations

Authorization
string
header
required

Unkey uses API keys (root keys) for authentication. These keys authorize access to management operations in the API. To authenticate, include your root key in the Authorization header of each request:

Authorization: Bearer unkey_123

Root keys have specific permissions attached to them, controlling what operations they can perform. Key permissions follow a hierarchical structure with patterns like resource.resource_id.action (e.g., apis.*.create_key, apis.*.read_api). Security best practices:

  • Keep root keys secure and never expose them in client-side code
  • Use different root keys for different environments
  • Rotate keys periodically, especially after team member departures
  • Create keys with minimal necessary permissions following least privilege principle
  • Monitor key usage with audit logs.

Body

application/json
identity
string
required

The ID of the identity to update. Accepts either the externalId (your system-generated identifier) or the identityId (internal identifier returned by the identity service).

Minimum length: 3
Example:

"user_123"

meta
object

Replaces all existing metadata with this new metadata object. Omitting this field preserves existing metadata, while providing an empty object clears all metadata. Avoid storing sensitive data here as it's returned in verification responses. Large metadata objects increase verification latency and should stay under 10KB total size.

Example:
{
  "name": "Alice Smith",
  "email": "alice@example.com",
  "plan": "premium"
}
ratelimits
object[]

Replaces all existing identity rate limits with this complete list of rate limits. Omitting this field preserves existing rate limits, while providing an empty array removes all rate limits. These limits are shared across all keys belonging to this identity, preventing abuse through multiple keys. Rate limit changes take effect immediately but may take up to 30 seconds to propagate across all regions.

Maximum length: 50
Example:
[
  {
    "name": "requests",
    "limit": 1000,
    "duration": 3600000,
    "autoApply": true
  }
]

Response

Identity successfully updated

data
object
required
meta
object
required

Metadata object included in every API response. This provides context about the request and is essential for debugging, audit trails, and support inquiries. The requestId is particularly important when troubleshooting issues with the Unkey support team.