How to Delete a Role Assignment in Azure using REST API
I am trying to delete a role assignment at the root level in Azure using the REST API. Specifically, I want to remove the Owner role from a user with the email address "[email protected]" I have gathered the object ID of the user and the role definition ID of the Owner role. Now, I'm looking for guidance on how to construct a DELETE request URL.
Could someone provide the correct values to replace scope and roleAssignmentName in this URL to successfully delete the role assignment?
Additional Information:
The {scope} in this case is at the root level, so it should be /.
The roleAssignmentName is a GUID that uniquely identifies the role assignment.
The API version is specified as api-version=2015-07-01.
Any guidance on how to construct the DELETE request URL correctly would be greatly appreciated.
I am trying to delete a role assignment at the root level in Azure using the REST API. Specifically, I want to remove the Owner role from a user with the email address "[email protected]" I have gathered the object ID of the user and the role definition ID of the Owner role. Now, I'm looking for guidance on how to construct a DELETE request URL.
Initially, I generated access token using client credentials flow via Postman for service principal:
POST https://login.microsoftonline.com/tenantId/oauth2/v2.0/token
grant_type:client_credentials
client_id: appId
client_secret: secret
scope: https://management.azure.com/.default
Response:
I have one user assigned with Owner role under subscription scope as below:
To get the above role assignment name/ID, you can run below REST API call:
GET https://management.azure.com/subscriptions/subId/providers/Microsoft.Authorization/roleAssignments?api-version=2022-04-01&$filter=principalId eq 'userObjId'
Authorization: Bearer <token>
Response:
Now, run below REST API call to delete the role assignment by including scope and role assignment name:
DELETE https://management.azure.com/subscriptions/subId/providers/Microsoft.Authorization/roleAssignments/roleassignment_name?api-version=2022-04-01
Authorization: Bearer <token>
Response:
When I checked the same in Portal, role assignment deleted successfully as below:
Response: Role Assignments - Delete - REST API (Azure Authorization) | Microsoft
- Azure Service Plan - Convert Consumption App to Premium App
- No PK or FK when exporting SQL Server database
- Assigning a Token Lifetime Policy to an application in Microsoft EntraID seems to have no effect
- How to create a dataset for Azure custom speech using spx (speechCLI)
- Azure App Service Autoscale Fails to Scale In
- Azure Scale Out on Memory keeps flapping (not scaling in)
- Setting a server minimum for Azure Web App when using automatic scaling, from Bicep
- A keyvault created with access policy using BICEP creates compound identity
- Azure Loadbalancer with public IP forward traffic to Container Apps
- How to grant a Managed Identity permissions to an Azure SQL Database using IaC?
- What means skipNegotiation in SignalR HubConnection?
- Azure ClientCertificateCredential - Using SNI
- Azure AI Search MultiIndex / Conditional Semantic search
- MSAL Node service & The Partner Center API
- Load Registered Component in Azure ML for Pipeline using Python sdk v2
- Azure Blob:- How to automate Azure Archive Storage to Cool/Hot tier conversion, send download link once it's avaible , and re-archive after 72 hours?
- Azure App Service Custom Backup to Firewall Enabled Storage Account not working as expected
- How to take max value and replace it in drived column in data factory
- Synapse/ ADF - How to Truncate table if dynamic config column is True in pre-copy script
- Azure Cost Management - track costs associated with Databricks job
- Error: "OrganizationFromTenantGuidNotFound" (even with Microsoft 365 subscription)
- How to check Debug.Writeline() output in VS code?
- C# API - Provide download of files from Azure Blobstorage
- localhost:300/api is not working : "This page isn’t working"
- Creating an Azure Linux VM with Ubuntu 20.04 with Terraform
- Failed to deploy path that does not exist
- Using Azure WAF for my server(not in Azure)
- How and where to define an environment variable on Azure
- Azure Data Factory - Unable to preview data
- Azure yaml trigger pipeline every 14 days on a Saturday