API ReferenceapiidentityPOST /v1/rbac/assignments/revoke

POST /v1/rbac/assignments/revoke

Service: identity · operationId: (none)

Revoke a role assignment (soft-delete via revoked_at)

Required scopes

(no scope declared — review service config)

Request body

{
  "type": "object",
  "properties": {
    "assignment_id": {
      "type": "string",
      "minLength": 1,
      "description": "Role assignment ID to revoke"
    }
  },
  "required": [
    "assignment_id"
  ]
}

Responses

200 Role revoked

{
  "type": "object",
  "properties": {
    "id": {
      "type": "string"
    },
    "subject_type": {
      "type": "string",
      "enum": [
        "user",
        "service"
      ]
    },
    "subject_id": {
      "type": "string"
    },
    "brand_id": {
      "type": "string"
    },
    "role": {
      "type": "string"
    },
    "granted_at": {
      "type": "string"
    },
    "granted_by": {
      "type": "string"
    },
    "expires_at": {
      "type": [
        "string",
        "null"
      ]
    }
  },
  "required": [
    "id",
    "subject_type",
    "subject_id",
    "brand_id",
    "role",
    "granted_at",
    "granted_by",
    "expires_at"
  ]
}

404 Assignment not found

{
  "type": "object",
  "properties": {
    "error": {
      "type": "string"
    },
    "message": {
      "type": "string"
    }
  },
  "required": [
    "error",
    "message"
  ]
}

Example

curl -X POST https://identity.platform.loop.health/v1/rbac/assignments/revoke \
  -H "Authorization: Bearer $ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{ ... }'