Deactivate the SIEM Event Service

Endpoint URL: {identityDomain} /config/applications/{appId} /eventdelivery/deactivate


Deletes the SIEM Event Delivery service for the specified application. After you call this endpoint, event messages for the application will no longer be delivered by the SIEM Event Delivery service. In addition to that, the user account associated with the service will be deleted, and any messages stored in the SFTP server will no longer be accessible.

Respects the API Client Allow List: No

Base URL

The base URL for this endpoint is your Identity Cloud Configuration API URL (including the appropriate region) followed by your application ID. For example, if you are in the US region and your application ID is htb8fuhxnf8e38jrzub3c7pfrr then your base URL will look like this:

If you are in the Australian (AU) region your URL will look like this:

URL Path Parameters








Identity Cloud geographic region that hosts the application. Allowed values are:

  • us
  •  eu
  • au
  • sg
  • cc




Unique identifier of the Identity Cloud application being deactivated. For example:



This endpoint requires Basic authentication and an API client with the owner feature. When configuring authentication, use your client ID as the username and your client secret as the password.

Sample Request (curl)

The following command deactivates SIEM Event Delivery for the Identity Cloud application with the ID htb8fuhxnf8e38jrzub3c7pfrr:

curl -X GET \ \
  -H 'Authorization: Basic M2dmYmdycmE3dzI4MmhndHJ5cGZxeDlwemhxaGpnZDU6Y2dkY3A3bWhjeWszYmZocnl2d2NmY2c3NTdqdzRhb3E='


202 Accepted

If your call to this endpoint succeeds, you'll get back the following response:

    "message": "Your request has been accepted and is being processed."

Error Response Codes

The following table includes information about some of the other response codes that you might encounter when calling this endpoint.

Response Code



Not authorized. Your client credentials may be invalid. You have specified an invalid client name and/or an invalid client secret.


Forbidden. Your credentials are valid for the application but not for this endpoint. For example, if you have read-only credentials those credentials can only be used with GET endpoints.