Skip to main content
PUT
/
api
/
transactions
/
:id
Update Transaction
curl --request PUT \
  --url https://api.example.com/api/transactions/:id \
  --header 'Content-Type: application/json' \
  --data '
{
  "date": "<string>",
  "description_encrypted": "<string>",
  "amount_encrypted": "<string>",
  "amount_sign": "<string>",
  "subcategory_id": "<string>",
  "bank_category_encrypted": "<string>",
  "bank_subcategory_encrypted": "<string>",
  "description": "<string>",
  "amount": 123
}
'
{
  "success": true,
  "transaction": {
    "id": "<string>",
    "account_id": "<string>",
    "date": "<string>",
    "subcategory_id": {},
    "description": "<string>",
    "amount": 123,
    "description_encrypted": "<string>",
    "amount_encrypted": "<string>",
    "amount_sign": "<string>",
    "bank_category": {},
    "bank_subcategory": {},
    "created_at": "<string>",
    "updated_at": "<string>"
  },
  "error": "<string>"
}

Overview

This endpoint updates an existing transaction. It supports both encrypted and unencrypted formats. You can update any combination of the transaction’s fields.

Authentication

Requires a valid authentication token. Only transactions belonging to accounts owned by the authenticated user can be updated.

Path Parameters

id
string
required
UUID of the transaction to update

Request Body

The API accepts two formats: encrypted or unencrypted. The presence of description_encrypted or amount_encrypted determines which validation schema is used. At least one field must be provided.

Encrypted Format

date
string
Transaction date in YYYY-MM-DD format. Cannot be a future date.
description_encrypted
string
Updated encrypted transaction description
amount_encrypted
string
Updated encrypted transaction amount
amount_sign
string
Updated amount sign
subcategory_id
string
UUID of the subcategory to assign. Can be null to remove the subcategory.
bank_category_encrypted
string
Updated encrypted bank category. Can be null.
bank_subcategory_encrypted
string
Updated encrypted bank subcategory. Can be null.

Unencrypted Format (Legacy)

date
string
Transaction date in YYYY-MM-DD format. Cannot be a future date.
description
string
Updated transaction description. Must be between 3 and 60 characters.
amount
number
Updated transaction amount. Must be a positive number.
subcategory_id
string
UUID of the subcategory to assign. Can be null to remove the subcategory.

Response

success
boolean
Indicates whether the transaction was updated successfully
transaction
object
The updated transaction object

Examples

Update Encrypted Transaction

curl -X PUT https://api.example.com/api/transactions/550e8400-e29b-41d4-a716-446655440000 \
  -H "Content-Type: application/json" \
  -H "Cookie: token=your-auth-token" \
  -d '{
    "description_encrypted": "U2FsdGVkX1+updated...",
    "amount_encrypted": "U2FsdGVkX1+newamount...",
    "amount_sign": "negative",
    "subcategory_id": "987fcdeb-51a2-43f1-b789-123456789abc"
  }'

Update Encrypted Transaction Response

{
  "success": true,
  "transaction": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "account_id": "123e4567-e89b-12d3-a456-426614174000",
    "date": "2026-03-01T00:00:00.000Z",
    "description_encrypted": "U2FsdGVkX1+updated...",
    "amount_encrypted": "U2FsdGVkX1+newamount...",
    "amount_sign": "negative",
    "subcategory_id": "987fcdeb-51a2-43f1-b789-123456789abc",
    "bank_category_encrypted": null,
    "bank_subcategory_encrypted": null,
    "created_at": "2026-03-05T10:30:00.000Z",
    "updated_at": "2026-03-05T14:45:00.000Z"
  }
}

Update Unencrypted Transaction

curl -X PUT https://api.example.com/api/transactions/550e8400-e29b-41d4-a716-446655440000 \
  -H "Content-Type: application/json" \
  -H "Cookie: token=your-auth-token" \
  -d '{
    "description": "Updated grocery shopping",
    "amount": 150.75
  }'

Update Unencrypted Transaction Response

{
  "success": true,
  "transaction": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "account_id": "123e4567-e89b-12d3-a456-426614174000",
    "date": "2026-03-01T00:00:00.000Z",
    "description": "Updated grocery shopping",
    "amount": 150.75,
    "subcategory_id": "987fcdeb-51a2-43f1-b789-123456789abc",
    "bank_category": null,
    "bank_subcategory": null,
    "created_at": "2026-03-05T10:30:00.000Z",
    "updated_at": "2026-03-05T14:45:00.000Z"
  }
}

Update Only Date

curl -X PUT https://api.example.com/api/transactions/550e8400-e29b-41d4-a716-446655440000 \
  -H "Content-Type: application/json" \
  -H "Cookie: token=your-auth-token" \
  -d '{
    "date": "2026-02-28"
  }'

Remove Subcategory

curl -X PUT https://api.example.com/api/transactions/550e8400-e29b-41d4-a716-446655440000 \
  -H "Content-Type: application/json" \
  -H "Cookie: token=your-auth-token" \
  -d '{
    "subcategory_id": null
  }'

Error Responses

success
boolean
Always false for errors
error
string
Error message describing what went wrong

Common Errors

  • 400 Bad Request: Invalid parameters or no fields provided for update
  • 401 Unauthorized: Missing or invalid authentication token
  • 404 Not Found: Transaction not found or user doesn’t have access

Example Error Responses

{
  "success": false,
  "error": "Transacción no encontrada"
}

{
  "success": false,
  "error": "Debes proporcionar al menos un campo para actualizar"
}

{
  "success": false,
  "error": "La descripción debe tener al menos 3 caracteres"
}

Notes

  • CSRF protection is enforced for this endpoint
  • You must provide at least one field to update
  • The description field is sanitized before storage when using unencrypted format
  • You can mix encrypted and unencrypted fields in the same request if updating from unencrypted to encrypted format
  • The updated_at timestamp is automatically updated
  • Only the fields you provide will be updated; other fields remain unchanged

Build docs developers (and LLMs) love

Get started for freeTalk to us