Unassign Role from User

Remove a role from an Office 365 user.

The Unassign Role from a User card doesn't support custom roles. If you try to unassign a custom role using this action card, Okta returns an error.

Options

Field	Definition	Type	Required
Role ID	Identify the ID of the Office 365 role that is being unassigned from a specified user.	Dropdown	TRUE
Role Template ID	Identify the ID of the Office 365 directoryRoleTemplate on which the role to be unassigned from a specified user is based. The property must be specified when activating a directory role in a tenant through a POST operation. After the directory role has been activated, the property is read-only.	Dropdown	TRUE

Field

Definition

Type

Required

Role ID

Identify the ID of the Office 365 role that is being unassigned from a specified user.

TRUE

Role Template ID

Identify the ID of the Office 365 directoryRoleTemplate on which the role to be unassigned from a specified user is based.

The property must be specified when activating a directory role in a tenant through a POST operation. After the directory role has been activated, the property is read-only.

TRUE

Input

Field	Definition	Type	Required
User
Id or Username	User ID or username of the Office 365 user. This is the user's User Principal Name (UPN). A UPN is formed by taking the username and domain and combining them with the @ separator. For example, john.doe@somedomain.com. This could be the user's email address, but not always. This field displays when Role Template Id is selected in Options.	Text	TRUE
Role ID	Unique ID for the role. This field displays when Role Id is selected in Options	Text	TRUE
Role
Role Template Id	ID of the directoryRoleTemplate on which this role is based. The property must be specified when activating a directory role in a tenant with a POST operation. After the directory role has been activated, the property is read-only. This field displays when Role Template Id is selected in Options.	Text	TRUE

If the string for the UPN input begins with the $ character, remove the slash / after /users and enclose the UPN value in parentheses and single quotes. For example, /users('$AdeleVance@contoso.com'). See Known issues with Microsoft Graph.

To search for a B2B user using a UPN input value, encode the hash # character as %23. For example, /users/AdeleVance_adatum.com%23EXT%23@contoso.com.

Output

Field	Definition	Type
Status Code	Result of the operation. The connector returns an HTTP status code that indicates whether the action taken by the card succeeded or failed. For example: A 201 Created status code indicates success where a new resource was created. A 403 Forbidden error indicates that the HTTP request wasn't processed because the necessary permissions were missing. For a full list of possible status codes, see HTTP status codes.	Number

Unassign Role from User

Options

Input

Output

Related topics