Remove an Access Member
/sites/management/api/v1/sites/{id}/access/{memberId}
Remove a single user, client application or group member from the site's access list. If the user, client application or group is not a member of the access list then a member not found error is returned in the response.
Introduced in release 19.4.3.
Authorization
When site governance is enabled, site administrators can revoke access to any site. Any user that has been shared with a site can revoke access to that site if they have one of the following sharing roles:
- Owner
- Manager
Successful Response Examples
This operation responds with the following success (2xx) responses. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.
204No Content - Revoke a User
Revoke access for user jsmith
to this site.
Request
DELETE https://api.example.com/sites/management/api/v1/sites/name:MySite/access/user:jsmith
204No Content - Revoke an Application
Revoke access for client application MyProductAPPID
to this site.
Request
DELETE https://api.example.com/sites/management/api/v1/sites/name:MySite/access/user:MyProduct_APPIDIntroduced in release 20.3.3.
204No Content - Revoke a Group
Revoke access for group marketing
to this site.
Request
DELETE https://api.example.com/sites/management/api/v1/sites/name:MySite/access/group:marketing
Client Error Response Examples
This operation responds with following client error (4xx) responses with exception details in the response body. For a full list of response HTTP status codes and example bodies, consult the Response section of this operation.
400Bad Request - Invalid Site Security Access
The security policy on the site means you cannot have the security access levels that have been specified. The security policy specifies the minimum level of security a site can have. For example, when the site security level in the security policy specifies service users, the security access cannot be all cloud users. You cannot publish a site or update site access members when the security access levels of the site are not allowed.
Error Code
OCE-SITEMGMT-009019
Resolution - Change Security Access
Change the site's security access levels to conform to the security policy of the site and retry the operation. When site governance is enabled you can specify security policy on a site by site basis, initially defined by the security policy on the site template that the site was created from. Any site that was created before site governance was enabled will not have a security policy on the site, so will fall back to tenant service level policy. If you get this error you can either set the security policy directly on that site to be public.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
site | Site on which the operation is being performed. |
For detailed information about this exception detail type, consult the InvalidSiteSecurityAccessExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Invalid Site Security Access", "status": "400", "detail": "Site security access levels are not allowed by the security policy.", "o:errorCode": "OCE-SITEMGMT-009019", "site": { "id": "FCA9C0E5CDCB549A19FFB85987A2352778961003B8A0" } }
403Forbidden - Site Operation Forbidden
Your sharing role within the site does not allow you to perform the operation.
Error Code
OCE-SITEMGMT-009026
Resolution - Change the Sharing Role
Change the sharing role given to the authenticated user to the required role or higher.
Resolution - Change the Application Role
Ensure the user has a Standard User or Enterprise User Application Role.
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
site | Site on which the operation is being performed. |
For detailed information about this exception detail type, consult the SiteOperationForbiddenExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Site Operation Forbidden", "status": "403", "detail": "You do have a sharing role in this site, but your role does not allow you to use this operation.", "o:errorCode": "OCE-SITEMGMT-009026", "site": { "id": "FCA9C0E5CDCB549A19FFB85987A2352778961003B8A0" } }
Introduced in release 19.1.5.
404Not Found - Member Not Found
The user, client application or group is not a member.
Error Code
OCE-IDS-001003
Exception Detail Fields
This error type includes the following fields/values in the response:
Field Name | Description |
member | User, application or group that is not a member. |
For detailed information about this exception detail type, consult the MemberNotFoundExceptionDetail schema in the definitions section of the swagger document.
Example Response Body
{ "type": "http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1", "title": "Member Not Found", "status": "404", "detail": "User, application or group '{member.id}' is not a member'.", "o:errorCode": "OCE-IDS-001003", "member": { "id": "user:jsmith" } }
Introduced in release 19.3.1.
Request
-
id: string
Immutable identifier for the site.
-
memberId: string
Identifier for the user, client application or group member.
Response
204 Response
400 Response
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
InvalidSiteSecurityAccessExceptionDetail-allOf[1]
object
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
title
ordetail
. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCode
for this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object
-
site(optional):
string
Site on which the operation is being performed.
array
Multiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Invalid Site Security Access",
"status":"400",
"detail":"Site security access levels are not allowed by the security policy.",
"o:errorCode":"OCE-SITEMGMT-009019",
"site":{
"id":"FCA9C0E5CDCB549A19FFB85987A2352778961003B8A0"
}
}
401 Response
403 Response
-
allOf
SiteOperationForbiddenExceptionDetail
Introduced in release 19.1.5.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
SiteOperationForbiddenExceptionDetail-allOf[1]
object
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
title
ordetail
. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCode
for this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object
-
site(optional):
string
Site on which the operation is being performed.
Introduced in release 19.1.5.
array
Multiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Site Operation Forbidden",
"status":"403",
"detail":"You do have a sharing role in this site, but your role does not allow you to use this operation.",
"o:errorCode":"OCE-SITEMGMT-009026",
"site":{
"id":"FCA9C0E5CDCB549A19FFB85987A2352778961003B8A0"
}
}
404 Response
-
Cache-Control: string
Directives for caching mechanisms.
-
Content-Length: string
Size of the response body.
-
Content-Type: string
Content type of the response.
-
allOf
MemberNotFoundExceptionDetail
Introduced in release 19.3.1.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
object
MemberNotFoundExceptionDetail-allOf[1]
object
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
-
detail(optional):
string
Description specific to this occurrence of the problem. The human-readable, potentially multi-line details describing the problem in more details.
-
instance(optional):
string(uri)
URI to the link that provides more detail about the error.
-
o:errorCode(optional):
string
Application error code, which is different from HTTP error code. This code should be used to check for specific errors, rather than comparing fields such as the
title
ordetail
. -
o:errorDetails(optional):
array o:errorDetails
Multiple errors can be organized in a hierarchical structure.
-
o:errorPath(optional):
string
XPath or JSON path to indicate where the error occurs.
-
status(optional):
integer(int32)
Corresponding HTTP status code for the error.
-
title(optional):
string
Short, human-readable summary of the problem. It is not advisable to use the title as a way of checking for specific errors, use the
o:errorCode
for this purpose. -
type(optional):
string(uri)
Absolute URI that identifies the problem type. When this URI dereferenced, it should provide a human-readable summary of the problem, for example, as a HTML page.
object
-
member(optional):
string
User, application or group that is not a member.
Introduced in release 19.3.1.
array
Multiple errors can be organized in a hierarchical structure.
-
object
ExceptionDetail
In addition to HTTP error code and error messages, it is often desirable to provide additional information to the client when a request fails. In such cases, the additional information will be included in the response body.
{
"type":"http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1",
"title":"Member Not Found",
"status":"404",
"detail":"User, application or group '{member.id}' is not a member'.",
"o:errorCode":"OCE-IDS-001003",
"member":{
"id":"user:jsmith"
}
}