UpdateUser -


Updates an Amazon QuickSight user.

Request Syntax

PUT /accounts/AwsAccountId/namespaces/Namespace/users/UserName HTTP/1.1 Content-type: application/json { "CustomPermissionsName": "string", "Email": "string", "Role": "string", "UnapplyCustomPermissions": boolean }

URI Request Parameters

The request uses the following URI parameters.


The ID for the AWS account that the user is in. Currently, you use the ID for the AWS account that contains your Amazon QuickSight account.

Length Constraints: Fixed length of 12.

Pattern: ^[0-9]{12}$

Required: Yes


The namespace. Currently, you should set this to default.

Length Constraints: Maximum length of 64.

Pattern: ^[a-zA-Z0-9._-]*$

Required: Yes


The Amazon QuickSight user name that you want to update.

Length Constraints: Minimum length of 1.

Pattern: [\u0020-\u00FF]+

Required: Yes

Request Body

The request accepts the following data in JSON format.


The email address of the user that you want to update.

Type: String

Required: Yes


The Amazon QuickSight role of the user. The role can be one of the following default security cohorts:

  • READER: A user who has read-only access to dashboards.

  • AUTHOR: A user who can create data sources, datasets, analyses, and dashboards.

  • ADMIN: A user who is an author, who can also manage Amazon QuickSight settings.

The name of the QuickSight role is invisible to the user except for the console screens dealing with permissions.

Type: String


Required: Yes


(Enterprise edition only) The name of the custom permissions profile that you want to assign to this user. Customized permissions allows you to control a user's access by restricting access the following operations:

  • Create and update data sources

  • Create and update datasets

  • Create and update email reports

  • Subscribe to email reports

A set of custom permissions includes any combination of these restrictions. Currently, you need to create the profile names for custom permission sets by using the QuickSight console. Then, you use the RegisterUser API operation to assign the named set of permissions to a QuickSight user.

QuickSight custom permissions are applied through IAM policies. Therefore, they override the permissions typically granted by assigning QuickSight users to one of the default security cohorts in QuickSight (admin, author, reader).

This feature is available only to QuickSight Enterprise edition subscriptions that use SAML 2.0-Based Federation for Single Sign-On (SSO).

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: ^[a-zA-Z0-9+=,.@_-]+$

Required: No


A flag that you use to indicate that you want to remove all custom permissions from this user. Using this parameter resets the user to the state it was in before a custom permissions profile was applied. This parameter defaults to NULL and it doesn't accept any other value.

Type: Boolean

Required: No

Response Syntax

HTTP/1.1 Status Content-type: application/json { "RequestId": "string", "User": { "Active": boolean, "Arn": "string", "CustomPermissionsName": "string", "Email": "string", "IdentityType": "string", "PrincipalId": "string", "Role": "string", "UserName": "string" } }

Response Elements

If the action is successful, the service sends back the following HTTP response.


The HTTP status of the request.

The following data is returned in JSON format by the service.


The AWS request ID for this operation.

Type: String


The Amazon QuickSight user.

Type: User object


For information about the errors that are common to all actions, see Common Errors.


You don't have access to this item. The provided credentials couldn't be validated. You might not be authorized to carry out the request. Make sure that your account is authorized to use the Amazon QuickSight service, that your policies have the correct permissions, and that you are using the correct access keys.

HTTP Status Code: 401


An internal failure occurred.

HTTP Status Code: 500


One or more parameters has a value that isn't valid.

HTTP Status Code: 400


One or more preconditions aren't met.

HTTP Status Code: 400


One or more resources can't be found.

HTTP Status Code: 404


This resource is currently unavailable.

HTTP Status Code: 503


Access is throttled.

HTTP Status Code: 429

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: