https://api.dev.bifrostgaming.com/v1/graphqlpartnerServerAction
v1Updates a guild owner's email address. This atomically updates the email in the identity provider (Keycloak), the database user record, and the guild's ownerId metadata. The user cannot change their own email in the control panel — only the partner can do this via this action.
Operation Type
Mutation
Rate Limit: 30 requests per minute per partner
Rate limits are applied per partner. Bulk operations should be spaced out.
Important usage notes
- The email is updated atomically across three systems: the database user record, the identity provider (Keycloak), and the guild's ownerId in partnerMetadata. If any step fails, all changes are rolled back.
- If the new email is already in use by another user, a 409 error is returned.
- After a successful email change, use the new email as the ownerId for all future API calls targeting this guild.
- The guild owner's email field is locked in the control panel — they will see a message directing them to contact their service provider to change it.
- This action is audited. The previous and new email addresses are recorded in the billing audit log.
Input Fields
| Field | Type | Required | Description |
|---|---|---|---|
partnerId | String! | Required | Your unique partner identifier. This was provided to you when your partner account was created. |
encryptedData | String! | Required | Your JSON payload encrypted with AES-256-GCM using your partner encryption key, then Base64 encoded. See the Encryption Guide for details. |
Encrypted Payload Fields
| Field | Type | Required | Description |
|---|---|---|---|
action | String | Required | Must be "CHANGE_EMAIL". |
timestamp | Number | Required | Current time in Unix milliseconds. Must be within 5 minutes of server time. |
nonce | String | Required | A unique random string, at least 16 characters. Use a UUID or similar. |
ownerId | String | Required | The current email of the guild owner you want to update. |
newEmail | String | Required | The new email address to assign. Must not already be in use by another user. |
These fields make up the JSON payload that is encrypted with AES-256-GCM before being sent as encryptedData.
Code Examples
# Step 1: Encrypt your payload (see Encryption Guide)
# Step 2: Send the encrypted payload
curl -X POST https://api.dev.bifrostgaming.com/v1/graphql \
-H "Content-Type: application/json" \
-d '{
"query": "mutation PartnerServerAction($input: PartnerServerActionInput!) { partnerServerAction(input: $input) { success statusCode message } }",
"variables": {
"input": {
"partnerId": "your-partner-id",
"encryptedData": "BASE64_ENCRYPTED_PAYLOAD_HERE"
}
}
}'Postman Collection
Download a ready-to-use Postman collection for this endpoint. Import it into Postman to start testing immediately.
How to import into Postman
- Open Postman and click Import (top-left)
- Drag and drop the downloaded
.jsonfile, or click Upload Files and select it - Click Import to confirm
- The collection appears in your sidebar — expand it and select the request
- In the Body tab, update the placeholder values (
your-partner-id, etc.) with your actual credentials - Click Send
The collection uses Postman's GraphQL body type, which provides syntax highlighting and variable editing. Make sure your Postman version is 7.2+ for GraphQL support.
Success Response200
{
"data": {
"partnerServerAction": {
"success": true,
"statusCode": 200,
"message": "Email updated from [email protected] to [email protected]"
}
}
}Error Responses
Response Fields
| Field | Type | Required | Description |
|---|---|---|---|
success | Boolean | Required | true if the email was updated successfully. |
statusCode | Int | Required | HTTP-style status code. 200 = ok, 400 = bad request, 401 = unauthorized, 404 = guild/owner not found, 409 = email already in use, 500 = error. |
message | String | Required | A human-readable description of the result. |
serverId | String | Optional | Not used for this action. |
