Mobile User

Profile

Read and update the authenticated mobile user profile.

Get Current Profile

GET /api/v1/mobile_user/profile

Returns the profile of the authenticated mobile user.

Required headers

Header	Required	Notes
`Authorization: Bearer <access_token>`	Yes	Access token from register or login.
`Accept-Language`	Optional	Localized response messages.

Success response

{
  "status_code": 200,
  "message": "Profile retrieved successfully",
  "data": {
    "uid": 120045,
    "uuid": "ea9b679c-6d42-4dcb-a10d-f46c0e0f8fb1",
    "phone": "012345678",
    "email": "user@example.com",
    "phone_code": "855",
    "country_code": "KH",
    "first_name": "Dara",
    "last_name": "Sok",
    "display_name": "Dara Sok",
    "full_name": "Dara Sok",
    "bio": "Mobile wallet user",
    "address": "Phnom Penh",
    "date_of_birth": "1998-01-10",
    "gender": "male",
    "profile_picture": "https://cdn.example.com/users/120045.png",
    "is_active": true,
    "is_email_verified": true,
    "is_phone_verified": true,
    "is_kyc_verified": false,
    "kyc_status": "NOT_VERIFY",
    "kyc_expire_date": null,
    "is_pin_set": true,
    "is_pin_set_str": "true",
    "status": "active",
    "top_up_rate": 1.5,
    "physical_card_commission": "10.00",
    "virtual_card_commission": "5.00",
    "created_at": "2026-02-28T10:30:00Z",
    "updated_at": "2026-02-28T10:30:00Z",
    "last_login_at": "2026-03-01T08:00:00Z",
    "agent_referral_code": "AGT12345"
  }
}

Response field notes

is_active: whether the mobile user account is currently active
kyc_status: summarized KYC state used by the app, such as NOT_VERIFY, VERIFYING, VERIFIED, or VERIFY_FAIL
kyc_expire_date: latest KYC expiry date when available; may be null
physical_card_commission and virtual_card_commission: current commission values returned for the user/agent relationship
last_login_at: timestamp of the user's latest successful login when available
agent_referral_code: referral code associated with the agent linked to this mobile user

Update Current Profile

PUT /api/v1/mobile_user/profile

Updates editable profile fields for the authenticated mobile user.

This route uses DecryptField() middleware, so you can send plain JSON or the encrypted wrapper described in Overview.

Request

{
  "first_name": "Dara",
  "last_name": "Sok",
  "display_name": "Dara S.",
  "bio": "Mobile wallet user",
  "address": "Phnom Penh",
  "date_of_birth": "1998-01-10",
  "gender": "male",
  "profile_picture": "https://cdn.example.com/users/120045.png"
}

Editable fields

Field	Notes
`first_name`	Max 100 chars
`last_name`	Max 100 chars
`display_name`	Max 200 chars
`bio`	Max 1000 chars
`address`	Max 500 chars
`date_of_birth`	Optional string
`gender`	One of `male`, `female`, `other`, `prefer_not_to_say`
`profile_picture`	Max 500 chars

Success response

The API returns the updated profile in the same shape as GET /api/v1/mobile_user/profile.

Common Failures

401: missing or invalid bearer token.
404: mobile user not found.
400: validation failure on one or more fields.

Edit this pageorReport an issue

Token And Session

Connect-token flow and token usage on protected routes.

Phone Management

Set an initial phone number or replace the current one with OTP verification.