E017: Update user role
PATCH /api/organizations/current/members/:userId
Promotes or demotes a member among owner, admin, and member. Triggered from Settings, Users.
Authentication
Standard tenant route. Requires Authorization: Bearer <firebase-id-token> and X-Org-Id: <org-id>. Access: Owner.
Request
{
"role": "admin"
}
| Field | Type | Required | Notes |
|---|---|---|---|
role | "admin" | "member" | yes | Cannot promote to owner (ownership transfer is a separate, out-of-scope flow). |
Response — 200 OK
{
"membership": { "userId": "uuid", "orgId": "uuid", "role": "admin" }
}
Errors
| HTTP | code | Condition |
|---|---|---|
| 404 | not_found | No such member in this org. |
| 403 | forbidden | Caller is not the org owner. |
| 422 | validation_failed | role is owner or otherwise invalid. |
| 409 | invalid_transition | Attempt to demote the sole owner. |
Workflow
Calls W017 Update user role.