Skip to main content
PUT
/
api
/
post
/
{id}
Update Post
curl --request PUT \
  --url https://api.example.com/api/post/{id} \
  --header 'Content-Type: application/json' \
  --data '
{
  "json": "<string>"
}
'
{
  "code": 123,
  "status": "<string>",
  "changes": {},
  "post": {
    "id": 123,
    "user_id": 123,
    "category_id": 123,
    "title": "<string>",
    "content": "<string>",
    "image": "<string>",
    "created_at": "<string>",
    "updated_at": "<string>"
  },
  "message": "<string>",
  "errors": {}
}

Overview

This endpoint updates an existing blog post. Users can only update posts they have created. The system verifies ownership by matching the post’s user_id with the authenticated user’s ID from the JWT token.
This endpoint requires authentication. You must include a valid JWT token in the Authorization header.

Endpoint

PUT /api/post/{id}

Authentication

Required. This endpoint uses the api.auth middleware to verify the JWT token. Header: 
Authorization: Bearer YOUR_JWT_TOKEN

Path Parameters

id
number
required
The unique identifier of the post to update

Request Parameters

All parameters must be sent as a JSON string in the json field.
json
string
required
JSON-encoded string containing the post data to update
title
string
required
Updated title of the post
content
string
required
Updated content/body of the post
category_id
number
required
ID of the category this post belongs to
image
string
Filename of the uploaded image (optional for updates)

Example Request Body

{
  "json": "{\"title\":\"Updated Post Title\",\"content\":\"This is the updated content...\",\"category_id\":3,\"image\":\"1678905678newimage.jpg\"}"
}
The following fields are automatically removed from the update and cannot be modified: id, user_id, created_at, and user.

Response

Success Response (200)

code
number
required
HTTP status code (200 for success)
status
string
required
Status message (“success”)
changes
object
required
Object containing the fields that were updated
post
object
required
The updated post object
id
number
Unique identifier for the post
user_id
number
ID of the user who created the post
category_id
number
ID of the post’s category
title
string
Title of the post
content
string
Content/body of the post
image
string
Filename of the post’s image
created_at
string
Timestamp when the post was created
updated_at
string
Timestamp when the post was last updated
{
  "code": 200,
  "status": "success",
  "changes": {
    "title": "Updated Post Title",
    "content": "This is the updated content...",
    "category_id": 3,
    "image": "1678905678newimage.jpg"
  },
  "post": {
    "id": 15,
    "user_id": 5,
    "category_id": 3,
    "title": "Updated Post Title",
    "content": "This is the updated content...",
    "image": "1678905678newimage.jpg",
    "created_at": "2026-03-04T14:25:30.000000Z",
    "updated_at": "2026-03-04T15:10:45.000000Z"
  }
}

Error Response (400) - Validation Failed

code
number
HTTP status code (400 for bad request)
status
string
Status message (“error”)
message
string
Error description
errors
object
Validation error details
{
  "code": 400,
  "status": "error",
  "message": "datos enviados incorrecto",
  "errors": {
    "title": [
      "The title field is required."
    ]
  }
}

Error Response (400) - Post Not Found or Unauthorized

If the post doesn’t exist or doesn’t belong to the authenticated user: 
{
  "code": 400,
  "status": "error",
  "message": "datos enviados incorrecto"
}

Validation Rules

The following validation rules are enforced:
  • title: Required field
  • content: Required field
  • category_id: Required field
Unlike the create endpoint, the image field is not required when updating a post.

Authorization

The endpoint verifies ownership before allowing updates: 
$post = Post::where('id', $id)
    ->where('user_id', $user->sub)
    ->first();
You can only update posts that you have created. Attempting to update another user’s post will result in an error.

Protected Fields

The following fields are automatically removed and cannot be updated:
  • id - Post identifier
  • user_id - Post owner
  • created_at - Creation timestamp
  • user - User relationship data

Build docs developers (and LLMs) love

Get started for freeTalk to us