Skip to main content
Remove an authorized user from the caller’s account by deactivating their role assignment. This mutation does not delete the user — it sets the role assignment on the caller’s account to INACTIVE, revoking their access. The account owner (OWNER role) cannot be removed through this endpoint. The target account is always resolved from the caller’s credentials — Bearer tokens use the token’s account; Basic (API key) callers use the application’s configured operator account. The authUserId must refer to a role assignment on that account; otherwise the request is rejected. 🔒 Restricted Access This mutation requires the MANAGE_SUBUSERS scope. It supports both Bearer (user access token) and Basic (<API_KEY>) authentication.

Parameters


Response

Success Response


Response Fields


This mutation returns errors in the response data, not as GraphQL errors. Always check the success field and handle the error object when success is false.

Example Request

Error Codes