How can I deactivate a user using curl

Hello!  I'm using the following command to try to deactivate a user, but it's not working:

curl -k -v -u admin:password -H "X-Requested-With: XMLHttpRequest" -H "Content-Type: application/json"  -X POST https://jira-server.atlassian.net/admin/rest/um/1/user/deativate?username=user2delete

* About to connect() to jira-server.atlassian.net port 443 (#0)
*   Trying 104.192.140.242... connected
* Connected to jira-server.atlassian.net (104.192.140.242) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* SSL connection using TLS_RSA_WITH_AES_128_CBC_SHA
* Server certificate:
*       subject: CN=*.atlassian.net,O="Atlassian Network Services, Inc.",L=San Francisco,ST=California,C=US
*       start date: Sep 09 00:00:00 2014 GMT
*       expire date: Nov 15 12:00:00 2017 GMT
*       common name: *.atlassian.net
*       issuer: CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US
* Server auth using Basic with user 'admin'
> POST /admin/rest/um/1/user/deativate?username=user2delete HTTP/1.1
> Authorization: Basic YzlnbWF0hHdoLmWxjb21lMTIz
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.16.2.3 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: jira-server.atlassian.net
> Accept: */*
> X-Requested-With: XMLHttpRequest
> Content-Type: application/json
>
< HTTP/1.1 404 Not Found
< Server: nginx
< Date: Thu, 07 Apr 2016 18:41:50 GMT
< Content-Length: 0
< Connection: keep-alive
< Set-Cookie: studio.crowd.tokenkey=hSHRvShyG6fi6uFOya5tkQ00; Domain=jira-server.atlassian.net; Path=/; Secure; HttpOnly
< X-Application-Context: application:prod:8080
<
* Connection #0 to host jira-server.atlassian.net left intact
* Closing connection #0

4 answers

1 accepted

3 votes
Accepted answer

WAIT!!!  That was almost it!!  This actually works.  With Cloud, anyway . . .

 

curl  -u $USERNAME:$PASSWORD --header "X-Atlassian-Token: no-check" -H "X-Requested-With: XMLHttpRequest" -H "Content-Type: application/json"  -X POST https://${INSTANCE}/admin/rest/um/1/user/deactivate?username=user2deactivate

Doesn't work with 5.8.18. What Confluence version are you using?

This is for Jira, not confluence

 

Seems like it is not working anymore. I guess since atlassian forced users to chnage to atlassian account.

Anyway, I am getting "User failed to authenticate". Neither old username nor full email address works.

If anybody knows a workaround, would be awesome.

 

It's still working for me.  Can you post the output using "curl -v -s"?  Don't forget to remove the password and the "Authorization" line from the debug output

I guess Atlassian finally got around to updating my cloud instance.  The way to do this now is by using cookies to authenticate.  So, first:

curl -s -c cookie_jar.txt -H "Content-Type: application/json" --data '{"username":"admin_user@domain.com", "password":"PASSWORD"}' -X POST https://cloud_server.atlassian.net/rest/auth/1/session

Then

curl -s --cookie cookie_jar.txt  -H "Content-Type: application/json"  -X POST https://cloud_server.atlassian.net/admin/rest/um/1/user/deactivate?username=user_to_deactivate

Worked for me - Thanks! (Cloud)

We have just switched over to domain validated domain (using Atlassian Identity Manager).

Identity Manager allows for generating an access token...

so I generate an access token from my site owner logon;

https://id.atlassian.com/login

and then I try;

curl -v -H "Content-Type: application/json" -X POST --user siteadmin@site.com:tokenvalue https://xyz.atlassian.net/admin/rest/um/1/user/decativate?username=ruserabc

and I get a "User failed to authenticate" message.

 

Has anyone got this to work with Atlassian Identity Manager and access tokens (as we are using SAML)?

Deactivating a user at his time is only possible Via the UI

The ability to Deactivate users via API is being tracked in this feature request:

 

Thanks!  But it seems like it should be possible to mimic the UI with curl, even if it's not as simple as hitting a REST endpoint, no?

I'm an idiot.  The curl command above works.  I was using the wrong password

Could you possibly accept your answer?

If you want to delete for any reason you can follow pretty much the same info above and just change the url and the method, see below;

curl -s --cookie cookie_jar.txt  -H "Content-Type: application/json"  -X DELETE https://cloud_server.atlassian.net/admin/rest/um/1/user?username=user_to_delete

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Jan 15, 2019 in Statuspage

Introducing Statuspage Getting Started guides! First up: What is Statuspage?

Over the next several weeks we'll be sharing some of our Getting Started guides here in the community. Throughout this series of posts, we'd love to hear from customers and non-customers ab...

262 views 4 1
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you