Update Account

Update the details of an existing WiPay user account. Only the fields you include will be updated, and only accounts created under the authenticated MMA configuration can be modified.

This endpoint is part of the conditional MMA account-management feature set, not a general-purpose profile-management endpoint for every verified WiPay PERSONAL or BUSINESS account.

Endpoint

PATCH /accounts/{account_number}

Access	Requirement
Authenticated	Yes
Required Scope	`wapi-accounts-update`, or `wapi-accounts-all`
Rate Limit	5 requests per minute

Request

Headers

Header	Value
`Accept`	`application/json`
`Authorization`	`Bearer <access_token>`
`X-WAPI-Key`	`wapi_live_<kid>_<secret>` or `wapi_test_<kid>_<secret>`

Send exactly one of Authorization or X-WAPI-Key.

Path Parameters

Parameter	Type	Required	Description
`account_number`	string	Yes	The account number to update (numeric string)

Body (form-data)

Parameter	Type	Required	Description
`email`	string	No	Updated email address
`first_name`	string	No	Updated first name
`last_name`	string	No	Updated last name
`password`	string	No	Updated password

Notes:

account_number must be a numeric string.
email must be a valid email address and must remain unique.
first_name and last_name must be 2 to 255 characters and may contain letters, spaces, and hyphens.
password must be 8 to 30 characters and is validated by WiPay's secure password policy on production.

Responses

200 OK

{
  "message": "OK"
}

400 Bad Request

{
  "message": "The account number must be a numeric string."
}

Account cannot be modified

{
  "message": "..."
}

401 Unauthorized

{
  "message": "Unauthorized"
}

403 Forbidden

Insufficient permissions

{
  "message": "Forbidden"
}

Invalid scopes

{
  "message": "Invalid scope(s) provided."
}

Example

curl -X PATCH "https://ttsb.wipayfinancial.com/wapi/accounts/1428855397" \
  -H "Accept: application/json" \
  -H "Authorization: Bearer <access_token>" \
  -F "first_name=Johnathan"

On this page