Remove user API

Removes the specified user from an application or tenant. When users are removed, their associations with applications are removed, such as their alias, ACR values, and all custom user data. Removed users are not deleted from BindID, but if they reauthenticate they are considered to be new users for your application (although they will retain their original user ID).

HTTP Request

The API is invoked as a DELETE request to the following endpoint:

https://<host-name>/api/v1/mgmt/users/<userIdentifier>

where:

<host-name> has the following value depending on the environment:
- Sandbox: admin.bindid-sandbox.io
- Production: admin.bindid.io
- Production EU: admin.eu.bindid.io
<userIdentifier> is the ID of the user that will be removed (either user ID or alias, see below).

Request Header

Header Name	Value
`Authorization`	A valid bearer token (see Token API)

Request Parameters

The following URL parameters:

Field	Description	Type
`userIdentifierType`	Required. Indicates whether the `userIdentifier` corresponds to the `user_id` (the `sub` field returned in the claim of the ID token) or `alias` (as set in a Session Feedback API call).	String
`scope`	Required. Must be one of the following: `tenant`, the user is removed from the tenant (all apps); `app`, the user is removed from a specific app.	String
`appId`	The ID of the application from which the user is removed, required when `scope` is set to `app`.	String
`credentialsId`	Required. API credentials ID used to create the access token that authorizes this request.	String

Request Example

DELETE /api/v1/mgmt/users/98c5f862-1319-4de2-8e9b-94a6629eddfb?credentialsId=62565fe2.management_api_app.tid_728fc7fe.bindid.io&scope=app&userIdentifierType=user_id&appId=c1dc066f
Authorization: Bearer q5fDE10-mlM4xEwl_UnhKjhvWOLHEbXqzJOYpGgxuB0

Response Headers

The response includes this HTTP header:

Header Name	Value
`Content-Type`	`application/json`

Response Body

The JSON object in the body has the following structure:

Field Name	Description	Type
`status`	Indicates call `success` or `failure`.	String
`error`	Object describing the error, only returned when the call failed (see Failures).	Object

Response Example

HTTP/2 200
Content-Type: application/json

{
    "status": "success"
}

Failures

In addition to the common errors (see Introduction), the following error response codes may be returned as part of a 4xx status response:

Status Code	Response Code	Description
`400`	N/A	Invalid request structure.
`400`	`invalid_scope`	The `scope` was incorrectly defined.
`400`	`missing_appId`	The `appId` was not specified when `scope` was set to `app`.
`400`	`invalid_userIdentifierType`	The `userIdentifierType` was incorrectly defined.
`403`	`user_not_found`	The specified user cannot be found.

Remove user API#

HTTP Request#

Request Header#

Request Parameters#

Request Example#

Response Headers#

Response Body#

Response Example#

Failures#