Update a customer
PATCH /customers/{id} - Partially update the mutable fields on a customer (identity) record.
0Gate is the primary public integration path for hosted payment, ramp, and swap experiences. Keep secret-key operations on your server and hand only browser-safe values to the widget.
Partially update a customer (identity) record. Only the mutable contact fields can change; send just the fields you want to modify. This is a standard CRM-style update, not a verification or document write.
Endpoint
| Field | Value |
|---|---|
| Method | PATCH |
| Path | /v1/customers/{id} |
| Area | Customers |
| Operation id | updateCustomer |
| Auth boundary | Secret key from your server. |
The {id} path parameter is a customer id scoped to your account. A customer that belongs to another partner, or has been soft-deleted, returns 404 — cross-tenant access is never 403.
Use it for
Correct or enrich a customer's first_name, last_name, country_code, or metadata. Send only the fields you are changing — omitted fields are left untouched.
Production rules
- Keep secret keys on your server. This endpoint requires an
sk_*key. - Send only mutable fields.
email,phone,external_id,kyc_status, andmodeare immutable or server-managed — including any of them is a400. - A field sent as
nullclears it; an omitted field is left unchanged. There is no separate "unset" call. - Wrap the path id in your code — the
{id}placeholder is a literal customer id at call time. - Treat examples and placeholder ids as fake data only.
Path parameters
| Field | Required | Type | Use it for |
|---|---|---|---|
id | Yes | string | The 0Bit customer id. |
Request body
Partial update — every field is optional. Sending an unlisted field (including the immutable/server-managed ones) is a 400.
| Field | Required | Type | Use it for |
|---|---|---|---|
first_name | No | string | null | Given name, max 128 chars. null clears it. |
last_name | No | string | null | Family name, max 128 chars. null clears it. |
country_code | No | string | null | ISO 3166-1 alpha-2, pattern ^[A-Za-z]{2}$. null clears it. |
metadata | No | object | Replaces your free-form key/value pairs. |
Immutable and server-managed fields
email, phone, and external_id are immutable after creation, and kyc_status and mode are server-managed. Sending any of them — or any other unlisted key — is a 400. The body is strictly whitelisted.
Response
Returns 200 with the updated customer object.
Examples
curl -X PATCH https://gate-api.0bit.app/v1/customers/67a1f3b9e4b0c10001234567 \
-H "Authorization: Bearer sk_test_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" \
-H "Content-Type: application/json" \
-d '{
"first_name": "Jordan",
"last_name": "Smith",
"country_code": "IE",
"metadata": { "plan": "enterprise" }
}'curl -X PATCH https://gate-api.0bit.app/v1/customers/67a1f3b9e4b0c10001234567 \
-H "Authorization: Bearer sk_test_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" \
-H "Content-Type: application/json" \
-d '{ "last_name": null }'Sending null clears last_name. Omitting a field leaves it unchanged.
{
"id": "67a1f3b9e4b0c10001234567",
"object": "customer",
"partner_id": "ptnr_test_000000000001",
"mode": "test",
"livemode": false,
"external_id": "user_42",
"email": "jordan@example.com",
"phone": "+447700900000",
"first_name": "Jordan",
"last_name": "Smith",
"country_code": "IE",
"kyc_status": "unverified",
"metadata": { "plan": "enterprise" },
"created_at": "2026-01-01T00:00:00Z",
"updated_at": "2026-01-02T00:00:00Z"
}Errors
All errors use the unified envelope and carry an X-Request-Id response header. Branch on code/type/statusCode, not on the free-form message.
{
"type": "invalid_request",
"code": "invalid_request",
"message": "Example validation error using fake data.",
"request_id": "req_test_000000000123",
"doc_url": null,
"statusCode": 400
}| Status | type | When it happens |
|---|---|---|
400 | invalid_request | Bad body — an immutable/server-managed field (email, phone, external_id, kyc_status, mode), an unknown key, or a malformed country_code. |
401 | unauthorized | Missing or invalid secret key. |
404 | not_found | No such customer, it belongs to another partner, or it has been soft-deleted. |
429 | rate_limited | Request throttled. Back off and retry. |
5xx | server_error | Transient server or upstream failure. Retry with bounded backoff. |
Public boundary
This reference covers partner-scoped endpoint behavior, authentication, idempotency, webhook verification, and support-safe records. Internal operations, administrative routes, and unsupported availability claims are outside the public API contract.