Index: src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
===================================================================
--- src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php	(revision 39040)
+++ src/wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php	(working copy)
@@ -95,10 +95,30 @@
 		) );
 
 		register_rest_route( $this->namespace, '/' . $this->rest_base . '/me', array(
-			'methods'  => WP_REST_Server::READABLE,
-			'callback' => array( $this, 'get_current_item' ),
-			'args'     => array(
-				'context' => array(),
+			array(
+				'methods'             => WP_REST_Server::READABLE,
+				'callback'            => array( $this, 'get_current_item' ),
+				'args'                => array(
+					'context'          => array(),
+				),
+			),
+			array(
+				'methods'             => WP_REST_Server::EDITABLE,
+				'callback'            => array( $this, 'update_current_item' ),
+				'permission_callback' => array( $this, 'update_current_item_permissions_check' ),
+				'args'                => $this->get_endpoint_args_for_item_schema( WP_REST_Server::EDITABLE ),
+			),
+			array(
+				'methods'             => WP_REST_Server::DELETABLE,
+				'callback'            => array( $this, 'delete_current_item' ),
+				'permission_callback' => array( $this, 'delete_current_item_permissions_check' ),
+				'args'                => array(
+					'force'    => array(
+						'default'     => false,
+						'description' => __( 'Required to be true, as resource does not support trashing.' ),
+					),
+					'reassign' => array(),
+				),
 			),
 			'schema' => array( $this, 'get_public_item_schema' ),
 		));
@@ -343,9 +363,6 @@
 		$response = $this->prepare_item_for_response( $user, $request );
 		$response = rest_ensure_response( $response );
 
-		$response->header( 'Location', rest_url( sprintf( '%s/%s/%d', $this->namespace, $this->rest_base, $current_user_id ) ) );
-		$response->set_status( 302 );
-
 		return $response;
 	}
 
@@ -570,6 +587,36 @@
 	}
 
 	/**
+	 * Checks if a given request has access to update the current user.
+	 *
+	 * @since 4.7.0
+	 * @access public
+	 *
+	 * @param WP_REST_Request $request Full details about the request.
+	 * @return true|WP_Error True if the request has access to update the item, WP_Error object otherwise.
+	 */
+	public function update_current_item_permissions_check( $request ) {
+		$request['id'] = get_current_user_id();
+
+		return $this->update_item_permissions_check( $request );
+	}
+
+	/**
+	 * Updates the current user.
+	 *
+	 * @since 4.7.0
+	 * @access public
+	 *
+	 * @param WP_REST_Request $request Full details about the request.
+	 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
+	 */
+	function update_current_item( $request ) {
+		$request['id'] = get_current_user_id();
+
+		return $this->update_item( $request );
+	}
+
+	/**
 	 * Checks if a given request has access delete a user.
 	 *
 	 * @since 4.7.0
@@ -648,6 +695,36 @@
 	}
 
 	/**
+	 * Checks if a given request has access to delete the current user.
+	 *
+	 * @since 4.7.0
+	 * @access public
+	 *
+	 * @param WP_REST_Request $request Full details about the request.
+	 * @return true|WP_Error True if the request has access to delete the item, WP_Error object otherwise.
+	 */
+	public function delete_current_item_permissions_check( $request ) {
+		$request['id'] = get_current_user_id();
+
+		return $this->delete_item_permissions_check( $request );
+	}
+
+	/**
+	 * Deletes the current user.
+	 *
+	 * @since 4.7.0
+	 * @access public
+	 *
+	 * @param WP_REST_Request $request Full details about the request.
+	 * @return WP_REST_Response|WP_Error Response object on success, or WP_Error object on failure.
+	 */
+	function delete_current_item( $request ) {
+		$request['id'] = get_current_user_id();
+
+		return $this->delete_item( $request );
+	}
+
+	/**
 	 * Prepares a single user output for response.
 	 *
 	 * @since 4.7.0
Index: tests/phpunit/tests/rest-api/rest-users-controller.php
===================================================================
--- tests/phpunit/tests/rest-api/rest-users-controller.php	(revision 39040)
+++ tests/phpunit/tests/rest-api/rest-users-controller.php	(working copy)
@@ -635,11 +635,13 @@
 		$request = new WP_REST_Request( 'GET', '/wp/v2/users/me' );
 
 		$response = $this->server->dispatch( $request );
-		$this->assertEquals( 302, $response->get_status() );
+		$this->assertEquals( 200, $response->get_status() );
 
 		$headers = $response->get_headers();
-		$this->assertArrayHasKey( 'Location', $headers );
-		$this->assertEquals( rest_url( 'wp/v2/users/' . self::$user ), $headers['Location'] );
+		$this->assertArrayNotHasKey( 'Location', $headers );
+
+		$links = $response->get_links();
+		$this->assertEquals( rest_url( 'wp/v2/users/' . self::$user ), $links['self'][0]['href'] );
 	}
 
 	public function test_get_current_user_without_permission() {
@@ -918,6 +920,15 @@
 		$user = get_userdata( self::$editor );
 		$this->assertArrayHasKey( 'editor', $user->caps );
 		$this->assertArrayNotHasKey( 'administrator', $user->caps );
+
+		$request = new WP_REST_Request( 'PUT', '/wp/v2/users/me' );
+		$request->set_param( 'roles', array( 'administrator' ) );
+		$response = $this->server->dispatch( $request );
+
+		$this->assertErrorResponse( 'rest_cannot_edit_roles', $response, 403 );
+		$user = get_userdata( self::$editor );
+		$this->assertArrayHasKey( 'editor', $user->caps );
+		$this->assertArrayNotHasKey( 'administrator', $user->caps );
 	}
 
 	public function test_update_user_role_invalid_privilege_deescalation() {
@@ -938,6 +949,16 @@
 		$user = get_userdata( $user_id );
 		$this->assertArrayHasKey( 'administrator', $user->caps );
 		$this->assertArrayNotHasKey( 'editor', $user->caps );
+
+		$request = new WP_REST_Request( 'PUT', '/wp/v2/users/me' );
+		$request->set_param( 'roles', array( 'editor' ) );
+		$response = $this->server->dispatch( $request );
+
+		$this->assertErrorResponse( 'rest_user_invalid_role', $response, 403 );
+
+		$user = get_userdata( $user_id );
+		$this->assertArrayHasKey( 'administrator', $user->caps );
+		$this->assertArrayNotHasKey( 'editor', $user->caps );
 	}
 
 	public function test_update_user_role_privilege_deescalation_multisite() {
@@ -958,6 +979,20 @@
 		$new_data = $response->get_data();
 		$this->assertEquals( 'editor', $new_data['roles'][0] );
 		$this->assertNotEquals( 'administrator', $new_data['roles'][0] );
+
+		$user_id = $this->factory->user->create( array( 'role' => 'administrator' ) );
+
+		wp_set_current_user( $user_id );
+		$user = wp_get_current_user();
+		update_site_option( 'site_admins', array( $user->user_login ) );
+
+		$request = new WP_REST_Request( 'PUT', '/wp/v2/users/me' );
+		$request->set_param( 'roles', array( 'editor' ) );
+		$response = $this->server->dispatch( $request );
+
+		$new_data = $response->get_data();
+		$this->assertEquals( 'editor', $new_data['roles'][0] );
+		$this->assertNotEquals( 'administrator', $new_data['roles'][0] );
 	}
 
 
@@ -974,6 +1009,16 @@
 		$user = get_userdata( self::$editor );
 		$this->assertArrayHasKey( 'editor', $user->caps );
 		$this->assertArrayNotHasKey( 'BeSharp', $user->caps );
+
+		$request = new WP_REST_Request( 'PUT', '/wp/v2/users/me' );
+		$request->set_param( 'roles', array( 'BeSharp' ) );
+		$response = $this->server->dispatch( $request );
+
+		$this->assertErrorResponse( 'rest_user_invalid_role', $response, 400 );
+
+		$user = get_userdata( self::$editor );
+		$this->assertArrayHasKey( 'editor', $user->caps );
+		$this->assertArrayNotHasKey( 'BeSharp', $user->caps );
 	}
 
 	public function test_update_user_without_permission() {
@@ -991,6 +1036,13 @@
 		$response = $this->server->dispatch( $request );
 
 		$this->assertErrorResponse( 'rest_cannot_edit', $response, 403 );
+
+		$request = new WP_REST_Request( 'PUT', '/wp/v2/users/me' );
+		$request->add_header( 'content-type', 'application/x-www-form-urlencoded' );
+		$request->set_body_params( $params );
+		$response = $this->server->dispatch( $request );
+
+		$this->assertErrorResponse( 'rest_user_invalid_argument', $response, 400 );
 	}
 
 	public function test_update_user_invalid_id() {
@@ -1028,6 +1080,20 @@
 		$this->assertEquals( 'Deleted User', $data['name'] );
 	}
 
+	public function test_delete_current_item() {
+		$user_id = $this->factory->user->create( array( 'role' => 'administrator', 'display_name' => 'Deleted User' ) );
+
+		wp_set_current_user( $user_id );
+
+		$request = new WP_REST_Request( 'DELETE', '/wp/v2/users/me' );
+		$request['force'] = true;
+		$response = $this->server->dispatch( $request );
+
+		$this->assertEquals( 200, $response->get_status() );
+		$data = $response->get_data();
+		$this->assertEquals( 'Deleted User', $data['name'] );
+	}
+
 	public function test_delete_item_no_trash() {
 		$user_id = $this->factory->user->create( array( 'display_name' => 'Deleted User' ) );
 
@@ -1044,6 +1110,21 @@
 		$this->assertNotEmpty( $user );
 	}
 
+	public function test_delete_current_item_no_trash() {
+		$user_id = $this->factory->user->create( array( 'role' => 'administrator' ) );
+
+		wp_set_current_user( $user_id );
+
+		$userdata = get_userdata( $user_id ); // cache for later
+		$request = new WP_REST_Request( 'DELETE', '/wp/v2/users/me' );
+		$response = $this->server->dispatch( $request );
+		$this->assertErrorResponse( 'rest_trash_not_supported', $response, 501 );
+
+		// Ensure the user still exists
+		$user = get_user_by( 'id', $user_id );
+		$this->assertNotEmpty( $user );
+	}
+
 	public function test_delete_user_without_permission() {
 		$user_id = $this->factory->user->create();
 
@@ -1054,6 +1135,12 @@
 		$request['force'] = true;
 		$response = $this->server->dispatch( $request );
 
+		$this->assertErrorResponse( 'rest_user_cannot_delete', $response, 403 );
+
+		$request = new WP_REST_Request( 'DELETE', '/wp/v2/users/me' );
+		$request['force'] = true;
+		$response = $this->server->dispatch( $request );
+
 		$this->assertErrorResponse( 'rest_user_cannot_delete', $response, 403 );
 	}