DELETE Identity/Group/(prefix)/{principal}
Deletes a group from an identity provider. The local group or team can contain users or other groups from local, AD, or LDAP identity providers. During deletion, Trust Protection Platform removes the local group and retains the identities.
Requirements
- Permissions: The caller must have Owner permission or have Master Admin permission. However, results are limited to the identity provider that authenticated the caller. For example, if a LDAP caller tries to change information about an AD identity, the API call returns an empty JSON result.
- Token scope: Configuration:Delete
Headers
-
Content type: Content-Type:application/json.
- Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.
Parameters
Name |
Description |
---|---|
(prefix) |
In the request URL, specify the word local. You can only delete groups in the local provider. To get {prefix} and {universal} information, call POST Identity/Browse. |
{principal} | In the request URL, specify the Universal Unique Identifier (UUID) of the local group. The format of the UUID, including the absence or presence of curly braces, depends on the settings from the identity provider. |
Returns
Name |
Description |
---|---|
HTTP 200 |
For valid requests, DELETE Identity/Group/(prefix)/{principal} returns a HTTP 200 message and the following data:
|
HTTP 400 |
For invalid requests, this method returns a Message and one of the following errors:
|
Example: Remove a local group but retain all user identities
Request for Example
DELETE https://tpp.venafi.example/vedsdk/Identity/Group/local/{8cac286a-0a54-4e10-8317-be5ed3e1c95a} Authorization:Bearer 4MyGeneratedBearerTknz==
Response for Example
HTTP/1.1 200 OK { "Message":"The operation succeeded." }