diff --git a/app/module/users/request/users.request.go b/app/module/users/request/users.request.go
index d17f3e6..90a8de5 100644
--- a/app/module/users/request/users.request.go
+++ b/app/module/users/request/users.request.go
@@ -73,8 +73,8 @@ type UsersUpdateRequest struct {
 	Username            string  `json:"username" validate:"required,lowercase"`
 	Email               string  `json:"email" validate:"required,email"`
 	Fullname            string  `json:"fullname" validate:"required"`
-	UserLevelId         uint    `json:"userLevelId" validate:"required"`
-	UserRoleId          uint    `json:"userRoleId" validate:"required"`
+	UserLevelId         *uint   `json:"userLevelId"`
+	UserRoleId          *uint   `json:"userRoleId"`
 	PhoneNumber         *string `json:"phoneNumber"`
 	Address             *string `json:"address"`
 	WorkType            *string `json:"workType"`
@@ -88,8 +88,27 @@ type UsersUpdateRequest struct {
 	StatusId            *int    `json:"statusId"`
 }
 
+// type UsersUpdateRequest struct {
+// 	Username            string  `json:"username" validate:"required,lowercase"`
+// 	Email               string  `json:"email" validate:"required,email"`
+// 	Fullname            string  `json:"fullname" validate:"required"`
+// 	UserLevelId         uint    `json:"userLevelId" validate:"required"`
+// 	UserRoleId          uint    `json:"userRoleId" validate:"required"`
+// 	PhoneNumber         *string `json:"phoneNumber"`
+// 	Address             *string `json:"address"`
+// 	WorkType            *string `json:"workType"`
+// 	GenderType          *string `json:"genderType"`
+// 	IdentityType        *string `json:"identityType"`
+// 	IdentityGroup       *string `json:"identityGroup"`
+// 	IdentityGroupNumber *string `json:"identityGroupNumber"`
+// 	IdentityNumber      *string `json:"identityNumber"`
+// 	DateOfBirth         *string `json:"dateOfBirth"`
+// 	LastEducation       *string `json:"lastEducation"`
+// 	StatusId            *int    `json:"statusId"`
+// }
+
 func (req UsersUpdateRequest) ToEntity() *users.Users {
-	return &users.Users{
+	entity := &users.Users{
 		Username:            req.Username,
 		Email:               req.Email,
 		Fullname:            req.Fullname,
@@ -103,13 +122,44 @@ func (req UsersUpdateRequest) ToEntity() *users.Users {
 		IdentityNumber:      req.IdentityNumber,
 		DateOfBirth:         req.DateOfBirth,
 		LastEducation:       req.LastEducation,
-		UserRoleId:          req.UserRoleId,
 		StatusId:            req.StatusId,
-		UserLevelId:         req.UserLevelId,
 		UpdatedAt:           time.Now(),
 	}
+
+	// ⬇️ HANYA SET JIKA DIKIRIM
+	if req.UserLevelId != nil {
+		entity.UserLevelId = *req.UserLevelId
+	}
+
+	if req.UserRoleId != nil {
+		entity.UserRoleId = *req.UserRoleId
+	}
+
+	return entity
 }
 
+// func (req UsersUpdateRequest) ToEntity() *users.Users {
+// 	return &users.Users{
+// 		Username:            req.Username,
+// 		Email:               req.Email,
+// 		Fullname:            req.Fullname,
+// 		Address:             req.Address,
+// 		PhoneNumber:         req.PhoneNumber,
+// 		WorkType:            req.WorkType,
+// 		GenderType:          req.GenderType,
+// 		IdentityType:        req.IdentityType,
+// 		IdentityGroup:       req.IdentityGroup,
+// 		IdentityGroupNumber: req.IdentityGroupNumber,
+// 		IdentityNumber:      req.IdentityNumber,
+// 		DateOfBirth:         req.DateOfBirth,
+// 		LastEducation:       req.LastEducation,
+// 		UserRoleId:          req.UserRoleId,
+// 		StatusId:            req.StatusId,
+// 		UserLevelId:         req.UserLevelId,
+// 		UpdatedAt:           time.Now(),
+// 	}
+// }
+
 type UserLogin struct {
 	Username     *string `json:"username"`
 	Password     *string `json:"password"`
diff --git a/app/module/users/service/users.service.go b/app/module/users/service/users.service.go
index d0faa77..ab402a0 100644
--- a/app/module/users/service/users.service.go
+++ b/app/module/users/service/users.service.go
@@ -375,25 +375,80 @@ func (_i *usersService) Update(authToken string, id uint, req request.UsersUpdat
 		}
 	}
 
-	_i.Log.Info().Interface("data", req).Msg("")
-	newReq := req.ToEntity()
-
-	findUser, err := _i.Repo.FindOne(clientId, id)
+	// 1️⃣ Ambil data user lama
+	existingUser, err := _i.Repo.FindOne(clientId, id)
 	if err != nil {
 		return err
 	}
 
-	err = _i.Keycloak.UpdateUser(findUser.KeycloakId, req.Fullname, req.Email)
+	// 2️⃣ Update Keycloak (nama & email)
+	err = _i.Keycloak.UpdateUser(existingUser.KeycloakId, req.Fullname, req.Email)
 	if err != nil {
 		return err
 	}
 
-	// Set ClientId on entity
-	newReq.ClientId = clientId
+	// 3️⃣ Update field yang BOLEH diubah
+	existingUser.Username = req.Username
+	existingUser.Email = req.Email
+	existingUser.Fullname = req.Fullname
+	existingUser.Address = req.Address
+	existingUser.PhoneNumber = req.PhoneNumber
+	existingUser.WorkType = req.WorkType
+	existingUser.GenderType = req.GenderType
+	existingUser.IdentityType = req.IdentityType
+	existingUser.IdentityGroup = req.IdentityGroup
+	existingUser.IdentityGroupNumber = req.IdentityGroupNumber
+	existingUser.IdentityNumber = req.IdentityNumber
+	existingUser.DateOfBirth = req.DateOfBirth
+	existingUser.LastEducation = req.LastEducation
+	existingUser.StatusId = req.StatusId
+	existingUser.UpdatedAt = time.Now()
 
-	return _i.Repo.Update(clientId, id, newReq)
+	// 4️⃣ Role & Level HANYA jika dikirim
+	if req.UserLevelId != nil {
+		existingUser.UserLevelId = *req.UserLevelId
+	}
+	if req.UserRoleId != nil {
+		existingUser.UserRoleId = *req.UserRoleId
+	}
+
+	// 5️⃣ Pastikan clientId tidak hilang
+	existingUser.ClientId = clientId
+
+	// 6️⃣ Simpan
+	return _i.Repo.Update(clientId, id, existingUser)
 }
 
+// func (_i *usersService) Update(authToken string, id uint, req request.UsersUpdateRequest) (err error) {
+// 	// Extract clientId from authToken
+// 	var clientId *uuid.UUID
+// 	if authToken != "" {
+// 		user := utilSvc.GetUserInfo(_i.Log, _i.Repo, authToken)
+// 		if user != nil && user.ClientId != nil {
+// 			clientId = user.ClientId
+// 			_i.Log.Info().Interface("clientId", clientId).Msg("Extracted clientId from auth token")
+// 		}
+// 	}
+
+// 	_i.Log.Info().Interface("data", req).Msg("")
+// 	newReq := req.ToEntity()
+
+// 	findUser, err := _i.Repo.FindOne(clientId, id)
+// 	if err != nil {
+// 		return err
+// 	}
+
+// 	err = _i.Keycloak.UpdateUser(findUser.KeycloakId, req.Fullname, req.Email)
+// 	if err != nil {
+// 		return err
+// 	}
+
+// 	// Set ClientId on entity
+// 	newReq.ClientId = clientId
+
+// 	return _i.Repo.Update(clientId, id, newReq)
+// }
+
 func (_i *usersService) Delete(authToken string, id uint) error {
 	// Extract clientId from authToken
 	var clientId *uuid.UUID
diff --git a/docs/swagger/docs.go b/docs/swagger/docs.go
index c936f16..a047c4e 100644
--- a/docs/swagger/docs.go
+++ b/docs/swagger/docs.go
@@ -22127,8 +22127,6 @@ const docTemplate = `{
             "required": [
                 "email",
                 "fullname",
-                "userLevelId",
-                "userRoleId",
                 "username"
             ],
             "properties": {
diff --git a/docs/swagger/swagger.json b/docs/swagger/swagger.json
index 1dc59cf..7a0ed87 100644
--- a/docs/swagger/swagger.json
+++ b/docs/swagger/swagger.json
@@ -22116,8 +22116,6 @@
             "required": [
                 "email",
                 "fullname",
-                "userLevelId",
-                "userRoleId",
                 "username"
             ],
             "properties": {
diff --git a/docs/swagger/swagger.yaml b/docs/swagger/swagger.yaml
index 1f72416..f38247d 100644
--- a/docs/swagger/swagger.yaml
+++ b/docs/swagger/swagger.yaml
@@ -1915,8 +1915,6 @@ definitions:
     required:
     - email
     - fullname
-    - userLevelId
-    - userRoleId
     - username
     type: object
   response.BadRequestError: