Remove user API
Removes the specified user from an application or tenant. When users are removed, their associations with applications are removed, such as their alias
, ACR values, and all custom user data. Removed users are not deleted from BindID, but if they reauthenticate they are considered to be new users for your application (although they will retain their original user ID).
HTTP Request
The API is invoked as a DELETE request to the following endpoint:
https://<host-name>/api/v1/mgmt/users/<userIdentifier>
where:
- <host-name> has the following value depending on the environment:
- Sandbox:
admin.bindid-sandbox.io
- Production:
admin.bindid.io
- Production EU:
admin.eu.bindid.io
- Sandbox:
- <userIdentifier> is the ID of the user that will be removed (either user ID or alias, see below).
Request Header
Header Name | Value |
---|---|
Authorization | A valid bearer token (see Token API) |
Request Parameters
The following URL parameters:
Field | Description | Type |
---|---|---|
userIdentifierType | Required. Indicates whether the userIdentifier corresponds to the user_id (the sub field returned in the claim of the ID token) or alias (as set in a Session Feedback API call). | String |
scope | Required. Must be one of the following: tenant , the user is removed from the tenant (all apps); app , the user is removed from a specific app. | String |
appId | The ID of the application from which the user is removed, required when scope is set to app . | String |
credentialsId | Required. API credentials ID used to create the access token that authorizes this request. | String |
Request Example
DELETE /api/v1/mgmt/users/98c5f862-1319-4de2-8e9b-94a6629eddfb?credentialsId=62565fe2.management_api_app.tid_728fc7fe.bindid.io&scope=app&userIdentifierType=user_id&appId=c1dc066f
Authorization: Bearer q5fDE10-mlM4xEwl_UnhKjhvWOLHEbXqzJOYpGgxuB0
Response Headers
The response includes this HTTP header:
Header Name | Value |
---|---|
Content-Type | application/json |
Response Body
The JSON object in the body has the following structure:
Field Name | Description | Type |
---|---|---|
status | Indicates call success or failure . | String |
error | Object describing the error, only returned when the call failed (see Failures). | Object |
Response Example
HTTP/2 200
Content-Type: application/json
{
"status": "success"
}
Failures
In addition to the common errors (see Introduction), the following error response codes may be returned as part of a 4xx status response:
Status Code | Response Code | Description |
---|---|---|
400 | N/A | Invalid request structure. |
400 | invalid_scope | The scope was incorrectly defined. |
400 | missing_appId | The appId was not specified when scope was set to app . |
400 | invalid_userIdentifierType | The userIdentifierType was incorrectly defined. |
403 | user_not_found | The specified user cannot be found. |