> ## Documentation Index
> Fetch the complete documentation index at: https://developers.circle.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Create a challenge to update PIN

> Creates a challenge to update a user's PIN using the current PIN.



## OpenAPI

````yaml openapi/user-controlled-wallets.yaml put /v1/w3s/user/pin
openapi: 3.0.3
info:
  version: '1.0'
  title: User-Controlled Wallets
  description: User-Controlled Wallets API documentation.
servers:
  - url: https://api.circle.com
security:
  - BearerAuth: []
tags:
  - name: Social/ Email Authentication
  - name: PIN Authentication
  - name: Users
  - name: Wallets
  - name: Transactions
  - name: Token Lookup
  - name: Signing
paths:
  /v1/w3s/user/pin:
    put:
      tags:
        - PIN Authentication
      summary: Create a challenge to update PIN
      description: Creates a challenge to update a user's PIN using the current PIN.
      operationId: updateUserPinChallenge
      parameters:
        - $ref: '#/components/parameters/XUserToken'
      requestBody:
        $ref: '#/components/requestBodies/SetPin'
      responses:
        '200':
          description: >-
            Returns the existing challenge if the idempotency key matches a
            previous successful request.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Pin'
          headers:
            X-Request-Id:
              $ref: '#/components/headers/XRequestId'
        '201':
          description: Successfully created the challenge to update the PIN.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Pin'
          headers:
            X-Request-Id:
              $ref: '#/components/headers/XRequestId'
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/NotAuthorized'
      security:
        - BearerAuth: []
components:
  parameters:
    XUserToken:
      name: X-User-Token
      description: Unique system generated JWT session token for specific user.
      required: true
      in: header
      schema:
        type: string
  requestBodies:
    SetPin:
      content:
        application/json:
          schema:
            title: SetPinRequest
            type: object
            required:
              - idempotencyKey
            properties:
              idempotencyKey:
                $ref: '#/components/schemas/IdempotencyKey'
      description: Request body
      required: true
  schemas:
    Pin:
      title: PinResponse
      type: object
      required:
        - data
      properties:
        data:
          type: object
          required:
            - challengeId
          properties:
            challengeId:
              $ref: '#/components/schemas/ChallengeId'
    IdempotencyKey:
      type: string
      description: >-
        Universally unique identifier (UUID v4) idempotency key. This key is
        utilized to ensure exactly-once execution of mutating requests. To
        create a UUIDv4 go to
        [uuidgenerator.net](https://www.uuidgenerator.net). If the same key is
        reused, it will be treated as the same request and the original response
        will be returned.
      example: a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a11
      format: uuid
    ChallengeId:
      type: string
      format: uuid
      description: >-
        Unique system generated identifier used to initiate a user challenge
        flow.
      example: c4d1da72-111e-4d52-bdbf-2e74a2d803d5
    XRequestId:
      type: string
      format: uuid
      description: >-
        A unique identifier, which can be helpful for identifying a request when
        communicating with Circle support.
      example: 2adba88e-9d63-44bc-b975-9b6ae3440dde
  headers:
    XRequestId:
      description: >
        Developer-provided header parameter or Circle-generated universally
        unique identifier (UUID v4). Useful for identifying a specific request
        when communicating with Circle Support.
      schema:
        $ref: '#/components/schemas/XRequestId'
  responses:
    BadRequest:
      content:
        application/json:
          schema:
            type: object
            title: BadRequestResponse
            required:
              - code
              - message
            properties:
              code:
                type: integer
                description: Code that corresponds to the error.
              message:
                type: string
                description: Message that describes the error.
            example:
              code: 400
              message: Bad request.
      description: Request cannot be processed due to a client error.
      headers:
        X-Request-Id:
          $ref: '#/components/headers/XRequestId'
    NotAuthorized:
      content:
        application/json:
          schema:
            type: object
            title: NotAuthorizedResponse
            required:
              - code
              - message
            properties:
              code:
                type: integer
                description: Code that corresponds to the error.
              message:
                type: string
                description: Message that describes the error.
            example:
              code: 401
              message: Malformed authorization.
      description: >-
        Request has not been applied because it lacks valid authentication
        credentials.
      headers:
        X-Request-Id:
          $ref: '#/components/headers/XRequestId'
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer
      bearerFormat: PREFIX:ID:SECRET
      description: >-
        Circle's API Keys are formatted in the following structure
        "PREFIX:ID:SECRET". All three parts are required to make a successful
        request.

````