> ## Documentation Index > Fetch the complete documentation index at: https://docs.mangopay.com/llms.txt > Use this file to discover all available pages before exploring further. # Update a Legal User (SCA) > Modify details for a Legal Payer or Owner without changing category export const Aml = ({content}) => {content} ; **Caution – Modification may trigger SCA re-enrollment** If `UserCategory` is `OWNER`, modifying the following values changes `UserStatus` to `PENDING_USER_ACTION` and requires [re-enrollment in SCA](/guides/sca/users#re-enroll-an-enrolled-owner) using the returned `PendingUserAction.RedirectUrl`: * `LegalRepresentative.Email` * `LegalRepresentative.PhoneNumber` * `LegalRepresentative.PhoneNumberCountry` In Sandbox, you can bypass SCA by including the word `accept` in the Legal User's `LegalRepresentative.Email` – for example `accept@example.com` or `john.doe+accept@example.com`. **Caution – Modification may cause KYC/B verification downgrade** If `KYCLevel` is `REGULAR`, modifying the following values triggers a [verification downgrade](/guides/users/verification/downgrade) to `LIGHT`: * `LegalRepresentative.FirstName` * `LegalRepresentative.LastName` * `LegalRepresentative.Birthday` * `LegalRepresentative.Nationality` * `LegalPersonType` **Note – Country-based restrictions apply to users** Due to Mangopay's [country restrictions](/guides/users/country-restrictions), it is not possible to use blocked countries as the following: * `HeadquartersAddress.Country` * `LegalRepresentative.Nationality` * `LegalRepresentative.CountryOfResidence` * `LegalRepresentativeAddress.Country` ### Body parameters **Possible values:** `USER_PRESENT`, `USER_NOT_PRESENT` **Default value:** `USER_PRESENT` The SCA context of the request, which is **required** if the user's `UserCategory` is `OWNER`: * `USER_PRESENT` – The user is taking the SCA-triggering action of updating account information and must re-enroll in SCA . The platform must [redirect the user](/guides/sca/session) using the `PendingUserAction.RedirectUrl` returned so that the user can complete the SCA session. * `USER_NOT_PRESENT` – The platform is taking the action under proxy from the user and the user has previously given consent to Mangopay (via the SCA hosted experience) to allow the action. If the user has not given (or has revoked) their consent, then `USER_NOT_PRESENT` returns a 403 error. Read more about [managing proxy and user consent](/guides/sca/proxy-management) **→** **Note:** On User endpoints, `ScaContext` is not returned in the API response as it does not form part of the User data – it's only related to the action being performed on the user. Whether the user has accepted Mangopay's terms and conditions (as defined by your contract, see the [T\&Cs guide](/guides/users/terms) for details). Must be `true` if `UserCategory` is `OWNER`. Max. length: 255 characters The registered legal name of the entity. The `Name` value should be the one registered with the relevant national authority. **Allowed values:** BUSINESS, PARTNERSHIP, ORGANIZATION, SOLETRADER The type of legal user. For information on which `LegalPersonType` to use for a particular local legal structure, see the verification requirements. **Caution:** Modification of the `LegalPersonType` may result in a verification downgrade. Information about the legal representative declared for the user. Min. length: 1; max. length: 100 The first name of the individual. Min. length: 1; max. length: 100 The last name of the individual. Required if `UserCategory` is `OWNER`. Returned `null` if `UserCategory` is `PAYER`. The date of birth of the individual. **Note:** This is a Unix timestamp in UTC. Ensure you convert your timezone to UTC to avoid midnight being interpreted as the day before. Format: Two-letter country code ([ISO 3166-1 alpha-2 format](/api-reference/overview/data-formats)) Required if `UserCategory` is `OWNER`. Returned `null` if `UserCategory` is `PAYER`. The nationality of the individual. Format: Two-letter country code ([ISO 3166-1 alpha-2 format](/api-reference/overview/data-formats)) Required if `UserCategory` is `OWNER`. Returned `null` if `UserCategory` is `PAYER`. The country of residence of the individual. Format: A valid email address The individual's email address. **Caution:** If `UserCategory` is `OWNER`, modifying this value means the user will be required to re-enroll the new value in SCA via the `PendingUserAction.RedirectUrl`. For more details see the [SCA guides](/guides/sca/users). Format: International E.164 standard (preceded by plus sign and country code) or local format The individual's phone number. The local format (recommended) requires `PhoneNumberCountry` to ensure correct formatting. If present, the phone number forms part of card transaction data that is passed to issuers to improve authentication rates. For users with `UserCategory` `OWNER` , the phone number is used to pre-populate the SCA session for them to confirm and receive an SMS OTP. If the individual modifies the phone number during the session, this data is not updated in the API. Format: Two-letter country code ([ISO 3166-1 alpha-2 format](/api-reference/overview/data-formats)) Required if the `PhoneNumber` is provided in local format (recommended), to render the value in the E.164 standard. Required if `UserCategory` is `OWNER` and `LegalPersonType` is `BUSINESS`. Returned `null` if `UserCategory` is `PAYER`. The registration number of the entity, assigned by the relevant national authority. For information on the expected format for a specific country, see the [Company number](/guides/users/verification/company-number) guide. To validate the format of a number before submitting documents for verification, use [POST Validate the format of User data](/api-reference/user-data-format/validate-user-data-format). Required if `UserCategory` is `OWNER`. Child parameters returned `null` if `UserCategory` is `PAYER`. The legally registered address of the entity’s administrative center. Max. length: 255 characters The first line of the address. Max. length: 255 characters The second line of the address. Max. length: 255 characters The city of the address. Max. length: 255 characters Required if `Country` is US, CA, or MX. The region of the address. Max. length: 255 characters The postal code of the address. The postal code can contain the following characters: alphanumeric, dashes, and spaces. The country of the address. The address of the entity’s legal representative. Max. length: 255 characters The first line of the address. Max. length: 255 characters The second line of the address. Max. length: 255 characters The city of the address. Max. length: 255 characters Required if `Country` is US, CA, or MX. The region of the address. Max. length: 255 characters The postal code of the address. The postal code can contain the following characters: alphanumeric, dashes, and spaces. Format: Two-letter country code ([ISO 3166-1 alpha-2 format](/api-reference/overview/data-formats)) The country of the address. Max. length: 255 characters Custom data that you can add to this object. Format: A valid email address The email address for the entity. ### Responses Max. length: 255 characters The registered legal name of the entity. The `Name` value should be the one registered with the relevant national authority. **Returned values:** BUSINESS, PARTNERSHIP, ORGANIZATION, SOLETRADER The type of legal user. For information on which `LegalPersonType` to use for a particular local legal structure, see the verification requirements. **Caution:** Modification of the `LegalPersonType` may result in a verification downgrade. Information about the legal representative declared for the user. Min. length: 1; max. length: 100 The first name of the individual. Min. length: 1; max. length: 100 The last name of the individual. The `Id` of the KYC Document whose `Type` is `IDENTITY_PROOF` if validated for the user. If no identity proof is validated, then this value is `null`. Returned `null` if `UserCategory` is `PAYER`. The date of birth of the individual. **Note:** This is a Unix timestamp in UTC. Ensure you convert your timezone to UTC to avoid midnight being interpreted as the day before. Returned `null` if `UserCategory` is `PAYER`. The nationality of the individual. Returned `null` if `UserCategory` is `PAYER`. The country of residence of the individual. Format: A valid email address Required if `UserCategory` is `OWNER`. Returned `null` if `UserCategory` is `PAYER`. The individual's email address. For `OWNER` users, SCA uses this email address to build a [behavioral biometrics profile](/guides/sca/factors#email-confirmation-behavioral-biometrics) and as a backup communication channel. Format: Two-letter country code ([ISO 3166-1 alpha-2 format](/api-reference/overview/data-formats)) Required if the `PhoneNumber` is provided in local format (recommended), to render the value in the E.164 standard. Format: International E.164 standard (preceded by plus sign and country code) or local format The individual's phone number. The local format (recommended) requires `PhoneNumberCountry` to ensure correct formatting. If present, the phone number forms part of card transaction data that is passed to issuers to improve authentication rates. For users with `UserCategory` `OWNER` , the phone number is used to pre-populate the SCA session for them to confirm and receive an SMS OTP. If the individual modifies the phone number during the session, this data is not updated in the API. The `Id` of the KYC Document whose `Type` is `REGISTRATION_PROOF` if validated for the user. If no registration proof is validated, then this value is `null`. The `Id` of the KYC Document whose `Type` is `SHAREHOLDERS_DECLARATION` if validated for the user. If no Shareholder Declaration is validated, then this value is `null`. The `Id` of the KYC Document whose `Type` is `ARTICLES_OF_ASSOCIATION` if validated for the user. If no articles of association document is validated, then this value is `null`. Required if `UserCategory` is `OWNER` and `LegalPersonType` is `BUSINESS`. Returned `null` if `UserCategory` is `PAYER`. The registration number of the entity, assigned by the relevant national authority. For information on the expected format for a specific country, see the [Company number](/guides/users/verification/company-number) guide. To validate the format of a number before submitting documents for verification, use [POST Validate the format of User data](/api-reference/user-data-format/validate-user-data-format). Object containing the link needed for SCA redirection if triggered by the API call (otherwise returned `null`). The URL to which to redirect the user to perform strong customer authentication (SCA) via a Mangopay-hosted webpage. This value is a variable and should not be hardcoded. The SCA session link expires 10 minutes after it's generated. **Caution:** Before redirecting the user on this URL, you must add the query parameter `ReturnUrl` with the percent-encoded URL to which you want the SCA session to return the user after authentication (whether successful or not). For more details, see [How to redirect a user for an SCA session](/guides/sca/session#how-to-redirect-a-user-for-sca). The legally registered address of the entity’s administrative center.\ This object’s sub-parameters are `null` if the `UserCategory` is `PAYER`. Max. length: 255 characters The first line of the address. Max. length: 255 characters The second line of the address. Max. length: 255 characters The city of the address. Max. length: 255 characters The region of the address. This field is optional except if the `Country` is US, CA, or MX. Max. length: 255 characters The postal code of the address. The postal code can contain the following characters: alphanumeric, dashes, and spaces. Format: Two-letter country code ([ISO 3166-1 alpha-2 format](/api-reference/overview/data-formats)) The country of the address. The address of the entity’s legal representative. Max. length: 255 characters The first line of the address. Max. length: 255 characters The second line of the address. Max. length: 255 characters The city of the address. Max. length: 255 characters The region of the address. This field is optional except if the `Country` is US, CA, or MX. Max. length: 255 characters The postal code of the address. The postal code can contain the following characters: alphanumeric, dashes, and spaces. Format: Two-letter country code ([ISO 3166-1 alpha-2 format](/api-reference/overview/data-formats)) The country of the address. Max length: 128 characters (see [data formats](/api-reference/overview/data-formats) for details) The unique identifier of the object. Max. length: 255 characters Custom data that you can add to this object. The date and time at which the object was created. **Returned values:** NATURAL, LEGAL The type of the user: * `NATURAL` – Natural users are individuals (natural persons). * `LEGAL` – Legal users are legal entities (legal persons) like companies, non-profits, and sole proprietors. The `PersonType` is defined by the endpoint used to create the user and can’t be modified. Format: A valid email address The email address for the entity. **Default value:** `LIGHT` **Returned values:** `LIGHT`, `REGULAR` The verification status of the user set by Mangopay: * `LIGHT` – Unverified, assigned by default to all users. * `REGULAR` – Verified, meaning the user has successfully completed the verification process and had the necessary documents validated by Mangopay. Only users whose `UserCategory` is `OWNER` can submit verification documents for validation. Only users whose `KYCLevel` is `REGULAR` can request payouts. Whether the user has accepted Mangopay's terms and conditions (as defined by your contract, see the [T\&Cs guide](/guides/users/terms) for details). Must be `true` if `UserCategory` is `OWNER`. The date and time at which the `TermsAndConditionsAccepted` value was set to `true`. Returned `null` if `UserCategory` is `PAYER`. **Possible values:** `PAYER`, `OWNER`, `PLATFORM` The [category](/guides/users/categories) of the user: * `PAYER` – User who can only make pay-ins to their wallets and transfers to other wallets (as well as refunds for pay-ins and transfers). * `OWNER` – User who can also receive transfers to their wallets. Owners are able to request [KYC verification](/guides/users/verification), which if successful gives them the `KYCLevel` of `REGULAR` and the ability to request payouts. * `PLATFORM` – Single specific user that represents the platform. The `PLATFORM` value is only assigned by Mangopay and may be used as part of the validated workflow implemented by the platform. **Returned values:** `PENDING_USER_ACTION`, `ACTIVE`, `CLOSED` The status of the user: * `PENDING_USER_ACTION` – The user must enroll in SCA before they can become `ACTIVE`. * `ACTIVE` – The user account is active and the user can access Mangopay features. * `CLOSED` – The user account is permanently closed. This value is used by Mangopay to close an account following the procedure outlined in the terms and conditions. ```json theme={null} { "Message": "The data you provided does not comply with our anti-fraud policy", "Type": "fraud_policy", "Id": "51876239-4814-422e-8f4b-6986520414bb#1750420019", "Date": 1750420020, "errors": null } ``` Read more about Mangopay's [AML rules on user data](/guides/users/types#rules-on-user-data) **→** ```json theme={null} { "Message": "One or several required parameters are missing or incorrect. An incorrect resource ID also raises this kind of error.", "Type": "param_error", "Id": "864a164a-cbb9-4e9d-b140-2b83c720e729", "Date": 1690291065.0, "errors": { "LegalRepresentative.Email": "The field Email must match the regular expression '([a-zA-Z0-9!#$%&'*+/=?^_`{|}~-]+(?:\\.[a-zA-Z0-9!#$%&'*+/=?^_`{|}~-]+)*)@(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?\\.)+[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?'." } } ``` ```json theme={null} { "Message": "One or several required parameters are missing or incorrect. An incorrect resource ID also raises this kind of error.", "Type": "param_error", "Id": "733c8dbc-2770-4cc4-80d4-63d684cff38c#1750669115", "Date": 1750669116, "errors": { "HeadquartersAddress.Country": "The HeadquartersAddress.Country used is blocked" } } ``` Read more about [country restrictions](/guides/users/country-restrictions) **→** ```json 403 - Forbidden theme={null} { "Message": "You are not authorized to perform this action. The user has not provided consent to the requested proxy", "Type": "sca_proxy_missing", "Id": "bbf56cc0-079d-44fd-9e23-53bdb3e283e5#1762177336", "Date": 1762177337, "errors": null } ``` The 403 error above occurs when your platform has [proxy management](/guides/sca/proxy-management) activated and sends `USER_NOT_PRESENT` for `ScaContext` with new values for the `Email`, `PhoneNumber` or `PhoneNumberCountry` properties of the `LegalRepresentative` object, but the user has not given (or has revoked) their consent for your platform to update SCA contact information in their absence. There are two ways to resolve this: 1. Ask the user to consent to your use of `USER_NOT_PRESENT` for this action by ticking the checkbox returned on the [POST Manage proxy consent for a User](/api-reference/users/manage-proxy-consent) endpoint 2. Send the API call to update SCA contact information again but with `ScaContext` set to `USER_PRESENT`, and redirect the user to authenticate the action ```json theme={null} { "Message": "One or several required parameters are missing or incorrect. An incorrect resource ID also raises this kind of error.", "Type": "param_error", "Id": "741b5be7-a34c-4fd4-abb5-75b23d0b1cec", "Date": 1776242161.0, "errors": { "LegalRepresentative.Birthday": "The Birthday value indicates an age over 120 years, which is not allowed." } } ``` ```json REST - Payer theme={null} { "Name": "Alex Smith", "LegalPersonType": "SOLETRADER", "LegalRepresentative": { "FirstName": "Alex", "LastName": "Smith", "ProofOfIdentity": null, "Birthday": null, "Nationality": null, "CountryOfResidence": null, "Email": null, "PhoneNumber": null, "PhoneNumberCountry": null }, "ProofOfRegistration": null, "ShareholderDeclaration": null, "Statute": null, "CompanyNumber": null, "PendingUserAction": null, "HeadquartersAddress": { "AddressLine1": null, "AddressLine2": null, "City": null, "Region": null, "PostalCode": null, "Country": null }, "LegalRepresentativeAddress": { "AddressLine1": "3 rue de la Cité", "AddressLine2": "Appartement 7", "City": "Paris", "Region": "Île-de-France", "PostalCode": "75004", "Country": "FR" }, "Id": "user_m_01JF7FKVP51PS3TYKCN79VZZ8M", "Tag": "Updated using the Mangopay API Postman collection", "CreationDate": 1734344306, "PersonType": "LEGAL", "Email": "alex.smith.services@example.com", "KYCLevel": "LIGHT", "TermsAndConditionsAccepted": false, "TermsAndConditionsAcceptedDate": null, "UserCategory": "PAYER", "UserStatus": "ACTIVE" } ``` ```json REST - Owner theme={null} { "Name": "Alex Smith", "LegalPersonType": "SOLETRADER", "LegalRepresentative": { "FirstName": "Alex", "LastName": "Smith", "ProofOfIdentity": null, "Birthday": 652117514, "Nationality": "FR", "CountryOfResidence": "FR", "Email": "alex.smith@example.com", "PhoneNumber": "0611111111", "PhoneNumberCountry": "FR" }, "ProofOfRegistration": null, "ShareholderDeclaration": null, "Statute": null, "CompanyNumber": "123456789", "PendingUserAction": null, "HeadquartersAddress": { "AddressLine1": "3 rue de la Cité", "AddressLine2": "Appartement 7", "City": "Paris", "Region": "Île-de-France", "PostalCode": "75004", "Country": "FR" }, "LegalRepresentativeAddress": { "AddressLine1": "3 rue de la Cité", "AddressLine2": "Appartement 7", "City": "Paris", "Region": "Île-de-France", "PostalCode": "75004", "Country": "FR" }, "Id": "user_m_01JF7FKVP51PS3TYKCN79VZZ8M", "Tag": "Updated using the Mangopay API Postman collection", "CreationDate": 1734344306, "PersonType": "LEGAL", "Email": "alex.smith.services@example.com", "KYCLevel": "LIGHT", "TermsAndConditionsAccepted": true, "TermsAndConditionsAcceptedDate": 1734344306, "UserCategory": "OWNER", "UserStatus": "PENDING_USER_ACTION" } ``` ```json REST - Payer theme={null} { "UserCategory": "PAYER", "TermsAndConditionsAccepted": false, "Tag": "New tag" } ``` ```json REST - Owner theme={null} { "UserCategory": "OWNER", "TermsAndConditionsAccepted": true, "Tag": "New tag" } ``` ```ruby Ruby theme={null} require 'mangopay' MangoPay.configure do |client| client.preproduction = true client.client_id = 'your-mangopay-client-id' client.client_apiKey = 'your-mangopay-api-key' client.log_file = File.join(Dir.pwd, 'mangopay.log') end def updateLegalUserSca(legalUserScaId, legalUserScaObject) begin response = MangoPay::LegalUserSca.update(legalUserScaId, legalUserScaObject) puts response return response rescue MangoPay::ResponseError => error puts "Failed to update User: #{error.message}" puts "Error details: #{error.details}" return false end end myLegalUserSca = { Tag: 'New tag', TermsAndConditionsAccepted: true } updateLegalUserSca('user_m_01K85WZZWDYTG4AKT2P0NH954Y', myLegalUserSca) ``` ```csharp .NET theme={null} using MangoPay.SDK; using MangoPay.SDK.Entities.PUT; using Newtonsoft.Json; public class UpdateLegalUserSca { public void Run() { Task.Run(async () => { MangoPayApi api = new MangoPayApi(); api.Config.ClientId = "your-client-id"; api.Config.ClientPassword = "your-api-key"; var userId = "user_m_01K8AZMW2X4HWC02XVWXXSH86T"; var myUser = new UserLegalScaPutDTO { TermsAndConditionsAccepted = true, Tag = "Updated tag" }; var updatedUser = await api.Users.UpdateLegalAsync(myUser, userId); string prettyPrint = JsonConvert.SerializeObject(updatedUser, Formatting.Indented); Console.WriteLine(prettyPrint); }).GetAwaiter().GetResult(); } } ``` ```php PHP theme={null} Config->ClientId = 'your-client-id'; $api->Config->ClientPassword = 'your-mangopay-api-key'; $api->Config->TemporaryFolder = 'tmp/'; try { $user = $api->Users->GetLegalSca('user_m_01K892WTEN9AM7EFS2CYY9NVYQ'); $user->Tag = 'Updated tag'; $user->TermsAndConditionsAccepted = true; $response = $api->Users->UpdateSca($user); print_r($response); } catch (MGPResponseException $e) { print_r($e); } catch (MGPException $e) { print_r($e); } ``` ```javascript NodeJS theme={null} const mangopayInstance = require('mangopay4-nodejs-sdk') const mangopay = new mangopayInstance({ clientId: 'your-client-id', clientApiKey: 'your-api-key', }) let myLegalUser = { Id: 'user_m_01HYJVHY77NDDM97TQP57W87MH', HeadquartersAddress: { AddressLine1: '57 Main Road', AddressLine2: null, City: 'London', PostalCode: 'NW1 4RG', Country: 'GB', }, LegalRepresentativeAddress: { AddressLine1: '35 London Road', AddressLine2: null, City: 'London', PostalCode: 'NW1 0AA', Country: 'GB', }, Name: 'Executive Consulting', LegalPersonType: 'BUSINESS', LegalRepresentativeFirstName: 'Juliana', LegalRepresentativeLastName: 'Dunn', LegalRepresentativeEmail: 'juliana.dunn@example.com', LegalRepresentativeBirthday: 188301600, LegalRepresentativeNationality: 'GB', LegalRepresentativeCountryOfResidence: 'GB', CompanyNumber: '12345678', Tag: 'Created using the Mangopay NodeJS SDK', Email: 'executive.consulting@example.com', TermsAndConditionsAccepted: true, UserCategory: 'OWNER', PersonType: 'LEGAL', LegalSca: true, } const updateLegalUser = async (legalUser) => { return await mangopay.Users.update(legalUser) .then((response) => { console.info(response) return response }) .catch((err) => { console.log(err) return false }) } updateLegalUser(myLegalUser) ```