Document toolboxDocument toolbox

removeConsent

Owned by Frode Nilsen (Unlicensed)
23 Apr 2018
1 min read
URLhttps://<xid-useradm-baseurl>/<pid>/consent
Request

DELETE with URL path parameter pid (same as bankid_altsub) for user in question

AuthenticationAccess Token as Bearer Token in Authorization Header
Success response204 No Content
Error response

403 Forbidden if the bearer token is not accepted for any reason

400 Bad Request if pid is not an xID user or if resource access is insufficient (missing scope)

ExampleSee below

This method removes any consent registered on end user given by pid to use the xID service at the OIDC client identified by the azp in the Bearer Access Token. Hence, this method can only be use by an OIDC client to remove consents for its own xID-enabled service. There is no dialog shown to the end user.

There is currently no support for an OIDC client to remove consents for xID-enabled services other OIDC clients

Example

zzz