Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Need to use REST API to remove Jira Cloud site users' access.

Michael Savedra
Michael Savedra April 15, 2022

Hi!

I am trying to build a bulk user deprovision script for our Jira platform using the REST API and python. 

The current manual process is for the Tech Support team to select 'Remove User' when on the user's profile in the admin Administrator settings (see below screenshot). 

I have tried the API recommended here: https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-users/#api-rest-api-3-user-delete - but it doesn't seem to get a response from the server.

I also tried: https://developer.atlassian.com/cloud/admin/user-management/rest/api-group-users/#api-users-account-id-manage-lifecycle-disable-post but this may be depricated as I receive an auth issue.

Any ideas on the best API to use for removing site access in this way specifically?

Being able to remove users from the groups they are in would also be useful but the option here doesn'ty return any response from the cloud/server either: https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-groups/#api-rest-api-3-group-user-delete

I'm using Python so any advice in that langauge would be prefferred :)

Many thanks in advance!

Mike

 

Screenshot 2022-04-15 at 17.07.48.png

Answer
Watch
Like Be the first to like this
1626 views

1 answer

0 votes
Fabio Racobaldo _Catworkx_
Fabio Racobaldo _Catworkx_
Community Champion
April 16, 2022

Hi @Michael Savedra ,

based on the Atlassian Access Rest API doc, it seems that you are able to deactivate user through the following api https://developer.atlassian.com/cloud/admin/user-management/rest/api-group-users/#api-users-account-id-manage-lifecycle-disable-post

Could you try it?

Hope this helps,

Fabio

View More Comments
Michael Savedra
Michael Savedra April 18, 2022

Hi @Fabio Racobaldo _Catworkx_ ,

Thanks for getting back.

This was the example that was giving me an authentication error. I thought this method may be depricated as the auth section is not in the same format as the usual REST API calls that specify "auth:" and require the JIRA account email and API token. 

This only asks for the following: " headers = { "Content-Type": "application/json", "Authorization": "Bearer <access_token>" }" 

Could you please specify how the auth details shoudl be formatted in this example?

 

Many thanks,

 

Michael

Like
Fabio Racobaldo _Catworkx_
Fabio Racobaldo _Catworkx_
Community Champion
April 18, 2022

You need an API token first to use that API. Please take a look here https://support.atlassian.com/organization-administration/docs/manage-an-organization-with-the-admin-apis/

Like
Michael Savedra
Michael Savedra April 18, 2022

Hi @Fabio Racobaldo _Catworkx_ ,

So I have an API token already and this works for all other API calls. 

For example when I need to return the accountID for a user I will use the following:

'''url = "https://{my-domain}.atlassian.net/rest/api/latest/user/search?query=" + str(user)
auth = HTTPBasicAuth("{email@mydomain.com}", "{my api token}")

headers = {
"Accept": "application/json"}
response = requests.request(
"GET",
url,
headers=headers,
auth=auth)
global account_Id
print((json.loads(response.text)[0]["accountId"]))
account_Id = (json.loads(response.text)[0]["accountId"])'''
However, when I try the following to disable the account:
'''url = "https://api.atlassian.com/users/" + account_Id + "/manage/lifecycle/disable"

headers = {
"Content-Type": "application/json",
"Authorization": "Bearer {my api token}"
}

payload = json.dumps( {
"message": "On 6-month suspension"
} )

response = requests.request(
"POST",
url,
data=payload,
headers=headers)

print(response.text)'''
This gives me a 401 authorization issue. 
Notice the difference with the call that works with my api token, it requires the email address linked to this token where as the call for disabling the account seems to only require the api token? does "Bearer" need to be replaced with the admin account email? I tried this but it didn't seem to make any difference.
Many thanks,
Michael
Like
Michael Savedra
Michael Savedra April 18, 2022

@Fabio Racobaldo _Catworkx_  I think I've spotted where I was going wrong, the options to diabel a user that you sent over asks for an 'access toke' which turns out is something different to an API token.

After looking into how I can get one of these here: https://developer.atlassian.com/platform/marketplace/knowledge-base/access-tokens-overview/ I've found you need to be a marketplace admin for that, which I'm not. 

I therefore still need to find a way to use the REST API to remove/disable users rather than this method that requires an access token.

Let me know if you can help. 

thanks,

Michael

Like
Fabio Racobaldo _Catworkx_
Fabio Racobaldo _Catworkx_
Community Champion
April 18, 2022

In order to be able to work at user level, you need to be a Site Admin. If you're not a Site Admin, you can't do that.

Like
Michael Savedra
Michael Savedra April 18, 2022

@Fabio Racobaldo _Catworkx_ I am a site admin. 

 

When I use the api in Python from the 'disable user' section it keeps giving me a 401 authorization error though. 

EG:

def disableUser():
url = "https://api.atlassian.com/users/{accountId}/manage/lifecycle/disable"

headers = {
"Content-Type": "application/json",
"Authorization": "Bearer {my API key}"
}

payload = json.dumps( {
"message": "On 6-month suspension"
} )

response = requests.request(
"POST",
url,
data=payload,
headers=headers)

print(response.text)
where could I be going wrong?
Thanks
Like
Michael Savedra
Michael Savedra April 18, 2022

@Fabio Racobaldo _Catworkx_ would I need to be an Org admin maybe?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security