Changes the information for a single user. An owner must always have web access, so disabling web access for an owner is not allowed.

For local_user category user, If you do not plan to change the category, then you MUST exclude category, auth_method_id parameter.

For local_user category user, if you plan to change it into sso_user category user, then you MUST include category=sso_user, auth_method_id (with value > 0) parameters.
Here auth_method_id value comes from auth method id returned from GET /api/open/v1/authmethods API.
Since sso_user category user depends on external login credentials, so you MUST exclude encrypted_pwd, encrypted_iv and change_pwd_login parameters.

For ad_user and ad_group category user, you MUST exclude auth_method_id, encrypted_pwd, encrypted_iv and change_pwd_login parameters.

For sso_user category user, if you plan to change its auth method, then you ONLY need to include auth_method_id (with value > 0).
Here auth_method_id value comes from auth method id returned from GET /api/open/v1/authmethods API.
Since sso_user category user depends on external credentials, so you MUST exclude encrypted_pwd, encrypted_iv and change_pwd_login parameters.

For sso_user category user, if you plan to change it into local_user category user, then you MUST include category=local_user, encrypted_pwd, encrypted_iv parameters
and exclude auth_method_id parameter.
Since local_user depends on local login credentials, so you MUST include encrypted_pwd, encrypted_iv parameters. Of course, if you want the user to change its password on
next login, then you also can include change_pwd_login parameter.

For sso_group category user, you MUST exclude auth_method_id, encrypted_pwd, encrypted_iv and change_pwd_login parameters.