Documentation/canton-network-docs/Ledger APIProtobufsPackagescom.daml.ledger.api.v2.adminServicesUserManagementServiceView on canton-network-docs
canton-network-docs/Ledger APIProtobufsPackagescom.daml.ledger.api.v2.adminServicesUserManagementService

RevokeUserRights

Ledger APIProtobufcom.daml.ledger.api.v2.adminRevokeUserRights

com.daml.ledger.api.v2.admin

RevokeUserRights

gRPCSince 3.4.0
RPC/com.daml.ledger.api.v2.admin.UserManagementService/RevokeUserRights

Protocol Details

Inputs

RevokeUserRightsRequest

user_idstring
rightsrepeated Right
identity_provider_idstring

Outputs

RevokeUserRightsResponse

newly_revoked_rightsrepeated Right

Lifecycle Changes

3.4.0introduced

com.daml.ledger.api.v2.admin.RevokeUserRightsRequest

user_idstring
rightsrepeated Right
identity_provider_idstring

com.daml.ledger.api.v2.admin.Right

participant_adminParticipantAdmin
can_act_asCanActAs
can_read_asCanReadAs
identity_provider_adminIdentityProviderAdmin
can_read_as_any_partyCanReadAsAnyParty
can_execute_asCanExecuteAs
can_execute_as_any_partyCanExecuteAsAnyParty

com.daml.ledger.api.v2.admin.Right.ParticipantAdmin

com.daml.ledger.api.v2.admin.Right.CanActAs

partystring

com.daml.ledger.api.v2.admin.Right.CanReadAs

partystring

com.daml.ledger.api.v2.admin.Right.CanExecuteAs

partystring

com.daml.ledger.api.v2.admin.Right.IdentityProviderAdmin

com.daml.ledger.api.v2.admin.Right.CanReadAsAnyParty

com.daml.ledger.api.v2.admin.Right.CanExecuteAsAnyParty

com.daml.ledger.api.v2.admin.RevokeUserRightsResponse

newly_revoked_rightsrepeated Right
grpcurl
grpcurl
# Add -plaintext if the server is not using TLS.
grpcurl \
  -d @ \
  <HOST:PORT> \
  com.daml.ledger.api.v2.admin.UserManagementService/RevokeUserRights <<'EOF'
{
  "userId": "string",
  "rights": [
    {
      "participantAdmin": {}
    }
  ],
  "identityProviderId": "string"
}
EOF
OKapplication/json
OK
{
  "newlyRevokedRights": [
    {
      "participantAdmin": {}
    }
  ]
}