The relevant Story for Artisan being able to update an Artisan's data, from the earlier collection of stories is:

• As an Artisan, I need to be able to update my own Artisan object so that I can manage my information at the HMS Central Office.

No matter what the eventual shape of the processes surrounding the queue_id and signing_key properties of an Artisan turns out to be, those values, as secrets, should never be sent across the open internet without some protection—encrypting them while in motion, at a minimum. Without those values, changes to Artisan data by Artisan users can travel unencrypted, so the base message structure for Artisan updates is nearly a duplicate of the equivalent in the Central Office's ...