POST OAuth/RevokeRole
Revoke an OAuth role from a user.
Authorization
- Roles: Admin, Application Owner, or Application Maintainer. See OAuth roles for more information.
- Token scope: Admin
Headers
-
Content type: Content-Type:application/json.
- Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.
Parameters
Name |
Description |
---|---|
GranteePrefixedUniversal string |
(Required) The prefixed universal ID of the user whose role is being revoked. The prefixed universal ID can be found from the identity value returned from POST Authorize/Oauth or the PrefixedUniversal value returned from POST Identity/Browse. |
Role integer |
(Required) An integer that specifies the role being revoked. See OAuth roles. |
ApplicationId string |
The ID of the application to revoke access from. This parameter is required when revoking the Application Maintainer and Application Owner roles. For other roles, it doesn't apply since those roles are system-wide. NOTE: Add links to endpoints that return app ids when they are ready. Can also point to the UI. |
Returns
Name |
Description |
---|---|
HTTP 200 |
See OAuth result codes. |
HTTP 400 |
For invalid requests, this call returns HTTP 400 Bad Request and the following data in the message body:
|
HTTP 401 |
For authentication errors, this call returns HTTP 401 Unauthorized and the following data in the message body:
|
HTTP 403 |
If the response is HTTP 403 Forbidden, the requester's token does not include the admin scope. Call POST Authorize/Oauth with the correct scope and restriction. Update the header with the new token and retry.
|
Example
Request
POST /vedsdk/oauth/revokerole HTTP/1.1 Host: tpp-server-url Content-Type: application/json Accept: application/json Authorization: Bearer 4MyGeneratedBearerTknz== { "GranteePrefixedUniversal": "local:{5be5a591-c842-4520-9142-b455f4ad2286}", "ApplicationId": "MyIntegration", "Role": 2 }
Response
{ "Result": 0, "Success": true }