POST OAuth/RevokeGrants
Revoke all grants for a user.
Requirements
- Roles: Admin, Grant Admin, or Application Owner. See OAuth roles for more information.
- Token scope: Admin
Headers
-
Content type: Content-Type:application/json.
- Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.
Parameters
NOTE One of the following parameters is required.
Name |
Description |
---|---|
GranteePrefixedUniversal strong |
The prefixed universal ID of the user (grantee) whose grants are being revoked. This parameter requires the caller to have either the Admin or GrantAdmin roles, or to be revoking the grants for their own identity. The prefixed universal ID can be found from the identity value returned from POST Authorize/OAuth or the PrefixedUniversal value returned from POST Identity/Browse. |
ApplicationId string |
The ID of the application to revoke grants from. This parameter requires the caller to have the Admin, GrantAdmin, or Owner role for this application. |
Returns
Name |
Description |
---|---|
HTTP 200 |
See OAuth result codes. |
HTTP 400 |
For invalid requests, this call returns HTTP 400 Bad Request and the following data in the message body:
|
HTTP 401 |
For authentication errors, this call returns HTTP 401 Unauthorized and the following data in the message body:
|
HTTP 403 |
If the response is HTTP 403 Forbidden, the requester's token does not include the admin scope. Call POST Authorize/OAuth with the correct scope and restriction. Update the header with the new token and retry.
|
Example
Request
POST /vedsdk/oauth/RevokeGrants HTTP/1.1 Host: tpp-server-url Content-Type: application/json Accept: application/json Authorization: Bearer 4MyGeneratedBearerTknz== { "GranteePrefixedUniversal": "local:{bdbb525f-2d77-43af-8f1f-39f1ba132825}" }
Response
{ "Result": 0, "Success": true }