Skip to main content

users.profile.set method

Facts

DescriptionSet a user's profile information, including custom status.
Method Access
POST https://slack.com/api/users.profile.set
Scopes
Content types
application/x-www-form-urlencoded
application/json
Rate LimitsTier 3: 50+ per minute

Arguments

Required arguments

tokenstringRequired

Authentication token bearing required scopes. Tokens should be passed as an HTTP Authorization header or alternatively, as a POST parameter.

Example: xxxx-xxxxxxxxx-xxxx

Optional arguments

namestringOptional

Name of a single key to set. Usable only if profile is not passed.

Example: first_name
profilestringOptional

Collection of key:value pairs presented as a URL-encoded JSON hash. At most 50 fields may be set. Each field name is limited to 255 characters.

Example: { first_name: "John", ... }
userstringOptional

ID of user to change. This argument may only be specified by admins on paid teams.

valuestringOptional

Value to set a single key to. Usable only if profile is not passed.

Example: John

Usage info

Is this the API Method for you? Here are some things to keep in mind while using the users.profile.set API Method.

  • Your workspace must be on a paid plan to use the users.profile.set API method in order to change the profile for other users.
  • You must select API as the Data source within the Configure Profiles admin tool in order to call this method.
  • The users.profile.set API method requires you to use a user access token (starts with xoxp-).
  • The role level for the token is determined by the user who installed the app.
  • Org users cannot change their own profile details.
  • You can change usernames and display names with a token that was generated by a Workspace Owner or Admin (even if they are not an Org Owner/Admin). More details are in this help center article. For any other profile detail changes, you must use a token that was generated by an Owner or Admin (For Enterprise orgs, this must be an Org Owner or Org Admin). You also cannot change the profile details for a user unless your role level is higher than theirs. Role levels from highest to lowest are: Primary Owner > Owner > Admin > Member > Guest. More information about roles can be found here. Therefore:
    • To change the profile of Admins, you must be using a token that was minimally generated by an Owner.
    • To change the profile of Owners, you must be using a token that was generated by a Primary Owner.

Profile fields

There are two ways to update non-custom profile fields with this method:

  • Update one field at a time by passing the pair of arguments name and value.
  • Update multiple fields by passing the argument profile.

You can update any of the following non-custom fields from the profile object within a Slack user object:

FieldDescription
display_nameThe display name the user has chosen to identify themselves by in their workspace profile. Maximum of 80 characters.
emailA valid email address. The email address must have an @ and a domain, and cannot have spaces or be in use by another member of the same team. Changing a user's email address will send an email message to both the old and new addresses, and the user's email address will not be updated until the user clicks the confirmation link in the email message. You cannot update your own email using this method; this field can only be changed by admins for users on paid teams.
first_nameThe user's first name. The name slackbot cannot be used. Updating first_name will update the first name within real_name.
last_nameThe user's last name. The name slackbot cannot be used. Updating last_name will update the second name within real_name.
phoneThe user's phone number, in any format.
pronounsThe user's pronouns.
real_nameThe user's first and last name. Updating this field will update first_name and last_name. If only one name is provided, the value of last_name will be cleared. Maximum of 50 characters.
start_dateThe date the person joined the organization (Business+ or Enterprise Grid customers only).
titleThe user's title.
The skype field will always be an empty string and cannot be set otherwise.

For more details, please read this changelog entry.

While profile image fields are present in the profile object, they cannot be set using the users.profile.set method. Use users.setPhoto and users.deletePhoto to update a user's profile image.

The following example payload updates the values of first_name, last_name, pronoun, and email for a user:

{
	"profile": {
		"first_name": "John",
		"last_name": "Smith",
		"pronouns": "they/them",
		"email": "[email protected]"
	}
}

Custom profile fields

Custom fields are created within the organization admin tools. Once a field is created, you can update it for users with this API method.

Each custom profile field has a unique per-team ID. You can update a custom profile field by providing a key:value pair where the key is the relevant ID. Use team.profile.get to retrieve the profile fields and their IDs used by a team.

You can update a profile field by using the ID in the name field. To update custom profile fields, use the fields object instead. The fields object is an array of custom profile fields' key:value pairs.

If you update fields within the fields array, you can also choose to set the alt field. While the value of a field is what is usually displayed, the alt key will be displayed instead if it is set. The alt field can be up to 256 characters for all field types.

A field within the fields array needs a type. This determines the type of information value contains.

TypeDescription
datethe value must be a valid date.
linkthe value can be any valid link that's not more than 256 characters. The link text will be the alt value if set, or the data element name if alt is not set.
long_textthe value can be up to 5,000 characters of basic formatted mrkdown. See the long_text section below.
options_listthe value must be one of the possible_values in the field definition.
tagsthe value contains distinct elements known as multi-value tags. Individual tags can hold up to 50 characters. Any number of tags can be created by admins, but end-users can only add 75 tags to their profiles. See the tags section below.
textthe value can be up to 256 characters of plain text.
userthe value can be up to 25 user IDs, separated by commas.

The following example sets the value of three fields; one with plain text, one with a date, and another with a link.

{
	"profile": {
		"fields": {
			"Xf0111111": {
				"value": "Barista",
				"alt": ""
			},
			"Xf0222222": {
				"value": "2022-04-11",
				"alt": ""
			},
			"Xf0333333": {
				"value": "https://example.com",
				"alt": ""
			}
		}
	}
}

Long_text (Flexible Text)

The value of a long_text field can be up to 5,000 characters of basic formatted mrkdown.

While you should use team.profile.get to get the ID for any field, including long-text fields, you should not copy the received schema. Below is a properly formatted payload for updating the long_text field with user.profile.set.

{
	"profile": {
		"fields": {
			"Xf0222222": {
				"value": "​​I make absolutely the best coffee you will *_ever_* taste. Learn more about where I studied <http://www.example.com|how to pull an espresso shot>. :coffee:",
				"alt": ""
			}
		}
	}
}

Tags (Smart Tags)

The value of a tags field contains distinct elements known as multi-value tags. Individual tags can hold up to 50 characters. Any number of tags can be created by admins, but end-users can only add 75 tags to each smart tag element on their profiles.

While you should use team.profile.get to get the ID for any field, including smart tag fields, you should not copy the received schema. Below is a properly formatted payload for updating the tags field with user.profile.set.

{
	"fields": {
		"Xf0333333": {
			"value": [
				"Mocha", "Latte", "Americano"
			], 
			"alt": ""
		}
	}
}

Name Pronunciation

The Name Pronunciation field lets a user provide a text description of how their name is pronounced. This text is displayed under their job title.

Use team.profile.get to obtain the field ID. Below is an example payload for updating the field once you have that ID:

{
	"profile": {
		"fields": {
			"Xf0444444": {
				"value": "Zoë is pronounced zo-ee",
				"alt": ""
			}
		}
	}
}
Name Recordings

A user can also record an audio file of how their name is pronounced. This name recording will appear on their profile as a speaker icon. A Name Recording cannot be updated via API.

Status updates

This method is also used to set a user's current status.

Place the following status fields within the profile object when calling users.profile.set:

FieldTypeDescription
status_emojistringThe displayed emoji that is enabled for the Slack team, such as :train:.
status_expirationintegerthe Unix timestamp of when the status will expire. Providing 0 or omitting this field results in a custom status that will not expire.
status_textstringThe displayed text of up to 100 characters. We strongly encourage brevity.

For example, the following payload sets a custom status of 🚆 riding a train and has it expire on July 26th, 2018 at 17:51:46 UTC:

{
	"profile": {
		"status_text": "riding a train",
		"status_emoji": ":train:",
		"status_expiration": 1532627506
	}
}

To manually unset a user's custom status, provide empty strings to both the status_text and status_emoji attributes: "".

Start dates

A user's start date can be found in the start_date non-custom profile field. You can update this field like any other non-custom profile field.

{
	"profile": {
		"start_date": "2022-10-22"
	},
	"user": "U123ABC456"
}

When you update a user's start date, both the start_date field and a custom profile field with its own unique field ID is updated.

While it's perfectly fine to just update start_date, you could also choose to update this custom field instead, after obtaining the custom field ID with team.profile.get. Updating one of these fields will update the other field accordingly.

{
    "profile": {
        "fields": {
            "Xf0123ABC456": {
                "value": "2022-10-22",
            }
    },
    "user": "U123ABC456",
}

Building your HTTP request

We strongly recommend using application/json POSTs when using this method. If you choose to use application/x-www-form-urlencoded, you must URL-encode the JSON provided to the profile field.

In general, you need to set your content type and authorization credentials to make an HTTP request. If you're using a workspace token, you need to provide an x-slack-user header indicating the user you're acting on behalf of.

You can send a JSON payload to users.profile.set with such an HTTP request:

POST /users/profile.set
Host: slack.com
Authorization: Bearer xoxp-secret-token
Content-type: application/json; charset=utf-8
{
    "profile": {
        "first_name": "John",
        "last_name": "Smith",
        "pronouns": "they/them",
        "email": "[email protected]",
        "fields": {
            "Xf0111111": {
                "value": "Barista",
                "alt": ""
            },
            "Xf0222222": {
                "value": "2022-04-11",
                "alt": ""
            },
            "Xf0333333": {
                "value": "https://example.com",
                "alt": ""
            }
        }
    }
}

This method will generate a user_change event on success, containing the complete user.

Profile update rate limits

Update a user's profile, including custom status, sparingly. Special rate limit rules apply when updating profile data with users.profile.set. A token may update a single user's profile no more than 10 times per minute. And a single token may only set 30 user profiles per minute. Some burst behavior is allowed.

Response

The complete user's profile will be returned.

{
  "ok": true,
  "profile": {
    "title": "Head of Coffee Production",
    "phone": "",
    "skype": "",
    "real_name": "John Smith",
    "real_name_normalized": "John Smith",
    "display_name": "john",
    "display_name_normalized": "john",
    "fields": {
      "Xf0111111": {
        "value": "Barista",
        "alt": ""
      },
      "Xf0222222": {
        "value": "2022-04-11",
        "alt": ""
      },
      "Xf0333333": {
        "value": "https://example.com",
        "alt": ""
      }
    },
    "status_text": "Watching cold brew steep",
    "status_emoji": ":coffee:",
    "status_emoji_display_info": [],
    "status_expiration": 0,
    "avatar_hash": "123xyz",
    "start_date": "2022-03-21",
    "email": "[email protected]",
    "pronouns": "they/them/theirs",
    "huddle_state": "default_unset",
    "huddle_state_expiration_ts": 0,
    "first_name": "john",
    "last_name": "smith",
    "image_24": "https://.../...-24.png",
    "image_32": "https://.../...-32.png",
    "image_48": "https://.../...-48.png",
    "image_72": "https://.../...-72.png",
    "image_192": "https://.../....-192png",
    "image_512": "https://.../...-512.png"
  }
}

Typical error response

{
  "ok": false,
  "error": "invalid_profile"
}

Errors

This table lists the expected errors that this method could return. However, other errors can be returned in the case where the service is down or other unexpected factors affect processing. Callers should always check the value of the ok parameter in the response.

Error
Description
access_denied

Access to a resource specified in the request is denied.

accesslimited

Access to this method is limited on the current network

account_inactive

Authentication token is for a deleted user or workspace when using a bot token.

cannot_update_admin_user

Only a primary owner can update the profile of an admin.

deprecated_endpoint

The endpoint has been deprecated.

ekm_access_denied

Administrators have suspended the ability to post a message.

email_taken

email taken

enterprise_is_restricted

The method cannot be called from an Enterprise.

fatal_error

The server could not complete your operation(s) without encountering a catastrophic error. It's possible some aspect of the operation succeeded before the error was raised.

internal_error

The server could not complete your operation(s) without encountering an error, likely due to a transient issue on our end. It's possible some aspect of the operation succeeded before the error was raised.

invalid_arg_name

The method was passed an argument whose name falls outside the bounds of accepted or expected values. This includes very long names and names with non-alphanumeric characters other than _. If you get this error, it is typically an indication that you have made a very malformed API call.

invalid_arguments

The method was called with invalid arguments.

invalid_array_arg

The method was passed an array as an argument. Please only input valid strings.

invalid_auth

Some aspect of authentication cannot be validated. Either the provided token is invalid or the request originates from an IP address disallowed from making the request.

invalid_charset

The method was called via a POST request, but the charset specified in the Content-Type header was invalid. Valid charset names are: utf-8 iso-8859-1.

invalid_emoji_not_allowed

Invalid emoji not allowed.

invalid_form_data

The method was called via a POST request with Content-Type application/x-www-form-urlencoded or multipart/form-data, but the form data was either missing or syntactically invalid.

invalid_ooo_message

Invalid Out of Office message.

invalid_post_type

The method was called via a POST request, but the specified Content-Type was invalid. Valid types are: application/json application/x-www-form-urlencoded multipart/form-data text/plain.

invalid_profile

Profile object passed in is not valid JSON (make sure it is URL encoded!).

invalid_starts_with_at

Name cannot start with @.

method_deprecated

The method has been deprecated.

missing_post_type

The method was called via a POST request and included a data payload, but the request did not include a Content-Type header.

missing_scope

The token used is not granted the specific scope permissions required to complete this request.

must_clear_both_status_text_and_status_emoji

Clearing the status requires setting both status_text and status_emoji to ''.

name_not_allowed

name cannot contain URL.

no_permission

The workspace token used in this request does not have the permissions necessary to complete the request. Make sure your app is a member of the conversation it's attempting to post a message to.

not_admin

Only admins can update the profile of another user. Some fields, like email may only be updated by an admin.

not_allowed_token_type

The token type used in this request is not allowed.

not_app_admin

Only team owners and selected members can update the profile of a bot user.

not_authed

No authentication token provided.

org_login_required

The workspace is undergoing an enterprise migration and will not be available until migration is complete.

partial_profile_set_failed

Failed to set user profile.

permission_denied

Permission denied.

profile_set_failed

Failed to set user profile.

ratelimited

The request has been ratelimited. Refer to the Retry-After header for when to retry the request.

request_timeout

The method was called via a POST request, but the POST data was either missing or truncated.

reserved_name

First or last name are reserved.

service_unavailable

The service is temporarily unavailable

sudo_required

Request requires sudo session.

team_access_not_granted

The token used is not granted the specific workspace access required to complete this request.

team_added_to_org

The workspace associated with your request is currently undergoing migration to an Enterprise Organization. Web API and other platform operations will be intermittently unavailable until the transition is complete.

token_expired

Authentication token has expired

token_revoked

Authentication token is for a deleted user or workspace or the app has been removed when using a user token.

too_long

You attempted to set a custom status but it was longer than the maximum allowed, 100.

two_factor_setup_required

Two factor setup is required.

username_same

Username is the same as the current username.