How to disable users from a particular site in confluence using rest api

SaiAmarendraReddy
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
September 10, 2024

I searched the document but i am not able to find the endpoint. Can you send me the endpoint or documents to disable a users to particular site.

2 answers

1 vote
Robert DaSilva
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
September 10, 2024

Hi @SaiAmarendraReddy 

 

It looks like the API you may be looking for is the Remove User Access API as part of the Organization REST APIs. You can find more details here

 

I will say, it looks like that API is more of a blunt instrument, where it will remove the user entirely from the organization directory.

 

If your users are granted access to products via a Group, I would recommend looking at the Remove User From Group API instead. That API is a bit more targeted, and should allow you to remove access from Confluence only, again assuming it's granted by specific group membership.

 

There is also a method to add users back to groups here:

 

Robert DaSilva
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
September 10, 2024

You can also try the Suspend User Access method, which removes all product licenses but retains the user in the directory itself

https://developer.atlassian.com/cloud/admin/organization/rest/api-group-directory/#api-v1-orgs-orgid-directory-users-accountid-suspend-access-post

0 votes
Richard White _TechTime_
Marketplace Partner
Marketplace Partners provide apps and integrations available on the Atlassian Marketplace that extend the power of Atlassian products.
September 11, 2024

Ultimately, access to individual products is controlled by groups (At least if you are using the "Centralised User Management")

Even when you just add a user to a role, there is a default access group that the user is added to. So the most reliable way to remove access to a specific product is to find all groups that provide access to a product and remove any that a user is in.

This way you can remove access to just one product without affecting access to other products. 

If you need to make this work in general - then you can search all groups using this endpoint: https://developer.atlassian.com/cloud/admin/organization/rest/api-group-groups/#api-v1-orgs-orgid-groups-search-post with the expand set to "role_assignments". Using this you can find all groups that are possibly giving product access to a certain product and remove those groups via the remove users from group: https://developer.atlassian.com/cloud/admin/organization/rest/api-group-directory/#api-v1-orgs-orgid-directory-groups-groupid-memberships-accountid-delete

One thing to be aware of is that there are some groups that may give access to multiple products, which I think should be avoided as a best practice to avoid this situation.

It is a function we have added into our app User Management for Confluence: https://marketplace.atlassian.com/apps/1215278/user-management-for-confluence-licence-management-software?tab=overview&hosting=cloud

So if you just need to do it in a bulk one off way, you can just do it via a free trial of the app.

Screenshot 2024-09-12 at 9.02.36 AM.png

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events