Update Customer Profile
Update the authenticated customer's profile information. All input fields are optional — send only the fields you want to change.
Note on password fields:
currentPassword,password, andconfirmPasswordare only required when the customer wants to change their password. For a regular profile update (name, email, phone, date of birth, etc.) you can omit all three. If you do change the password, you must send all three together —currentPasswordto verify the existing password, pluspasswordandconfirmPasswordfor the new password (which must match).
The same mutation also handles profile image updates via the image (base64 upload) or deleteImage (remove existing) fields.
Authentication
This query requires a valid customer authentication token in the Authorization header. Use the Customer Login API to retrieve the token.
Authorization: Bearer <accessToken>Mutation
mutation updateCustomerProfile($input: createCustomerProfileUpdateInput!) {
createCustomerProfileUpdate(input: $input) {
customerProfileUpdate {
id
firstName
lastName
email
phone
gender
dateOfBirth
status
subscribedToNewsLetter
isVerified
isSuspended
image
success
message
}
}
}Input Fields
| Name | Type | Required | Description |
|---|---|---|---|
firstName | String | ❌ No | Customer's first name |
lastName | String | ❌ No | Customer's last name |
email | String | ❌ No | Customer's email address (must be unique) |
phone | String | ❌ No | Phone number |
gender | String | ❌ No | Gender — one of male, female, other |
dateOfBirth | String | ❌ No | Date of birth in YYYY-MM-DD format |
currentPassword | String | ⚠️ Conditional | Required when changing password |
password | String | ⚠️ Conditional | New password |
confirmPassword | String | ⚠️ Conditional | New password confirmation (must match password) |
subscribedToNewsLetter | Boolean | ❌ No | Newsletter subscription flag |
status | String | ❌ No | Customer status (admin-controlled fields) |
isVerified | String | ❌ No | Verification status |
isSuspended | String | ❌ No | Suspension status |
image | String | ❌ No | Profile image as a base64 data URI (e.g. data:image/jpeg;base64,...) |
deleteImage | Boolean | ❌ No | Set to true to remove the existing profile image |
Response Fields
The mutation returns the updated profile under createCustomerProfileUpdate.customerProfileUpdate.
| Field | Type | Description |
|---|---|---|
id | ID | Customer identifier |
firstName | String | First name |
lastName | String | Last name |
email | String | Email address |
phone | String | Phone number |
gender | String | Gender |
dateOfBirth | String | Date of birth (YYYY-MM-DD) |
status | String | Customer status |
subscribedToNewsLetter | Boolean | Newsletter subscription flag |
isVerified | String | Verification flag |
isSuspended | String | Suspension flag |
image | String | URL/path to stored profile image |
success | Boolean | Operation success flag |
message | String | Success or error message |
Validation Rules
- First name and last name can contain letters and spaces.
- Email must be a valid format and unique across all customers.
- Date of birth must be in
YYYY-MM-DDformat. - Gender must be one of:
male,female,other. - Password change requires all three of
currentPassword,password, andconfirmPassword.passwordmust matchconfirmPassword, andcurrentPasswordmust match the existing password on file. imagemust be a valid base64 data URI (data:image/<jpeg|png|gif|webp>;base64,...).- Sending
deleteImage: trueremoves any existing stored image — pair it with noimagefield to clear the profile picture.
Error Responses
{
"errors": [
{
"message": "The email has already been taken.",
"extensions": { "category": "validation" }
}
]
}Other common error cases:
Current password is incorrect.—currentPassworddoes not match.The password confirmation does not match.—password≠confirmPassword.Invalid image format.—imageis not a recognized base64 data URI.Unauthenticated.— missing or invalid Bearer token.

