DELETE Permissions/Object/{guid}/(ptype)/{principal}
Deletes assigned permissions for a principal on the specified object. The principal identity can originate from an AD, LDAP, or local identity provider.
Requirements
- Permissions: The caller must have Manage permission to the specified object.
- Token scope: Security:Delete
Headers
-
Content type: Content-Type:application/json.
- Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.
Parameters
Name |
Description |
---|---|
{guid} |
In the request URL, specify the GUID of the object for which to list principals assigned permissions. Depending on your environment, the GUID may be expressed with or without curly braces {}. For example, {3d6b61d-1c71-4603-883f-25b8c2ceecdd}. |
(ptype) |
In the request URL, use the appropriate syntax for the identity provider type:
|
principal |
In the request URL, specify a Universal Unique Identifier (UUID) of a person or group. Otherwise, specify the Prefixed Universal. To get this information, call POST Identity/Browse. |
Returns
Returns no other content except unless there is an error.
Name |
Description |
---|---|
HTTP 200 |
(empty response body) Successful deletion of the permissions assignment for the specified object and principal. |
HTTP 404 |
Not Found. Error |
Error |
Permission does not exist so cannot be updated. Accompanies a HTTP 404. Unable to verify principal. |
Example 1: Delete a local user's permissions on a policy folder
Request for Example 1
DELETE https://test.venafi.example/vedsdk/Permissions/object/{3415e47d-835c-4949-af5b-c226817f7d40}/local/{a58437d1-e6d4-46f8-b790-bc1bedb943f1}
Authorization:Bearer 4MyGeneratedBearerTknz==
Response for Example 1
HTTP/1.1 200 { }
Example 2: Delete a AD user's permissions on a policy folder
Request for Example 2
DELETE https://test.venafi.example/vedsdk/Permissions/object/{ad804700-16b4-4f60-b716-49e81a38149e}/AD/venqa/8985afadc76293499e6ef76b216be640
Authorization:Bearer 4MyGeneratedBearerTknz==
Response for Example 2
HTTP/1.1 200 { }
Example 3: No permissions assigned to principal
Request for Example 3
DELETE https://test.venafi.example/vedsdk/Permissions/object/{3415e47d-835c-4949-af5b-c226817f7d40}/local/{a58437d1-e6d4-46f8-b790-bc1bedb943f1} Authorization:Bearer 4MyGeneratedBearerTknz==
Response for Example 3
HTTP/1.1 404 Not Found { "Error":"No permission granted to principal." }