Endpoint URL: {registrationDomain} /entity.deleteAccess
Description
Removes all existing access grants associated with the selected user. This endpoints removes all access tokens, all refresh tokens, and all refresh secrets that have been issued to the user. Removing the access grants forces the user to re-authenticate should they attempt to exercise any of those grants.
Note that this endpoint does not remove access grants that may be managed by other services, such as Single Sign-On.
This endpoint requires a client with the owner, direct_access, access_issuer, or login_client feature.
Respects the API Client Allow List: Yes
API Client Permissions
The following table indicates the API clients that can (and the API clients that can't) be used to call this endpoint:
owner | access_issuer | direct_access | direct_read_access | login_client |
Yes | Yes | Yes | No | Yes |
Authentication
This endpoint supports both Basic authentication (recommended) and janrain-signed authentication.
How to Create an Authentication String
Base URL
The base URL for this endpoint is your Identity Cloud Capture domain; for example:
https://educationcenter.us-
Your Capture domains (also known as Registration domains) can be found in the Console on the Manage Application page:
Examples
This command deletes all the access grants that reference the user UUID 2efede78-fdf7-4e38-9785-4a82de768b9f.
curl -X POST \ -H "Authorization: Basic
c2dueXZ1czZwYzRqbTdraHIybmVxNWdzODlnYnIyZXE6d3Q0YzN1bjl3a2tjZnZ5a25xeDQ0eW5jNDc2YWZzNjg=" \ --data-urlencode type_name=user \ --data-urlencode uuid=2efede78-fdf7-4e38-9785-4a82de768b9f \ https://my-app.janraincapture.com/entity.deleteAccess
Running this command in Postman
Example Response
{
"stat": "ok"
}
Query Parameters
Parameter | Type | Required | Description |
---|---|---|---|
id | string | No | Entity ID. Required if you are not using the uuid or key_attributes parameters. |
key_attribute | string | No | Name of a unique attribute used with schema. Required if you are not using the id or uuid parameters, and must be used in conjunction with the key_value parameter. |
key_value | string | No | Value for the attribute specified by the key_attribute parameter. String values must be enclosed in quotes. |
uuid | string | No | Unique identifier for the user record. Required if you are not using the id or key_attribute parameters. |