Web API

Press shift + S to search API reference.

Users

Manage user

patchhttps://api.airtable.com/v0/meta/enterpriseAccounts/{enterpriseAccountId}/users/{userId}

Manage enterprise account managed users.

Requirements

AuthenticationPersonal access token, OAuth integration
Scopeenterprise.user:write
User role

Enterprise admin

Billing plansEnterprise (pre-2023.08 legacy plan), Enterprise Scale

Path parameters

enterpriseAccountId
string
userId
string

Request body

state
optional<"provisioned" | "deactivated">

provisioned | deactivated Can only change the state of managed users.

email
optional<string>

Enterprise account must own both the original and destination email domains.

WARNING: If SSO is required for your enterprise account, you must follow these steps precisely to avoid locking the end user out of their account or creating duplicate accounts.

  • Use this API to update the user's email to a new value (this effectively logs the user out)
  • Use your SSO provider's (e.g. Okta's) admin panel to update the user's email to the new value
  • Tell the user to log into Airtable with the new email
firstName
optional<string>
lastName
optional<string>

Response format

This endpoint returns an empty response on success.

Error responses

Action on self failure (403)
Don't deactivate yourself or you might lose access. If action must be performed, add another admin.
{
"error": {
"message": "Cannot perform action on self",
"type": "INVALID_PERMISSIONS"
}
}
External user account (403)
Cannot modify external user state since they are not considered part of the enterprise account.
{
"error": {
"message": "User does not belong to the enterprise email domain",
"type": "INVALID_PERMISSIONS"
}
}
FLA account error (403)
The provisioned and deactivated states apply only to ELA and "claiming" enterprise accounts. FLA users are always provisioned.
{
"error": {
"message": "State modification is not enabled for FLA enterprise accounts",
"type": "INVALID_PERMISSIONS"
}
}
Non-managed user account (403)
Can only manage information of managed users.
{
"error": {
"message": "User is not managed by the enterprise account",
"type": "INVALID_PERMISSIONS"
}
}
Email in use failure (422)
Email cannot be taken already.
{
"error": {
"message": "Email already in use",
"type": "EMAIL_ALREADY_IN_USE"
}
}
Must own target domain (422)
Enterprise account must own target email domain.
{
"error": {
"message": "Target email domain not owned by this enterprise account",
"type": "TARGET_EMAIL_DOMAIN_NOT_OWNED_BY_ENTERPRISE"
}
}
Service accounts must be on verified domains (422)
A service account email must be on a verified email domain
{
"error": {
"message": "Service Account must be on verified enterprise email domain",
"type": "SERVICE_ACCOUNT_MUST_BE_ON_VERIFIED_DOMAIN"
}
}
Two factor error (422)
Email cannot be changed while the user has two factor authentication enabled.
{
"error": {
"message": "Cannot change email when two factor authentication is enabled",
"type": "CANNOT_CHANGE_EMAIL_WHILE_TWO_FACTOR_ENABLED"
}
}
Request (example)
Copy
$
curl -X PATCH "https://api.airtable.com/v0/meta/enterpriseAccounts/{enterpriseAccountId}/users/{userId}" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
--data '{
"email": "foo@bar.com",
"firstName": "Foo",
"lastName": "Baz",
"state": "provisioned"
}'