Deactivate a user

Deactivate an existing user and change the state 'deactivated'. The user will not be able to log in anymore. Use deactivate user when the user should not be able to use the account anymore, but you still need access to the user data.

The endpoint returns an error if the user is already in the state 'deactivated'.

Path Parameters

userId string required

unique identifier of the user.

Responses

• 200
• 403
• 404
• default

---

User successfully deactivated

application/json

application/grpc

application/grpc-web+proto

Schema

Example (from schema)

---

Schema

details object
sequence uint64
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
resourceOwner resource_owner is the organization or instance_id an object belongs to

{
  "details": {
    "sequence": "2",
    "changeDate": "2024-06-11T10:37:14.673Z",
    "resourceOwner": "69629023906488334"
  }
}

Schema

Example (from schema)

---

Schema

details object
sequence uint64
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
resourceOwner resource_owner is the organization or instance_id an object belongs to

{
  "details": {
    "sequence": "2",
    "changeDate": "2024-06-11T10:37:14.673Z",
    "resourceOwner": "69629023906488334"
  }
}

Schema

Example (from schema)

---

Schema

details object
sequence uint64
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
changeDate date-time
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
resourceOwner resource_owner is the organization or instance_id an object belongs to

{
  "details": {
    "sequence": "2",
    "changeDate": "2024-06-11T10:37:14.674Z",
    "resourceOwner": "69629023906488334"
  }
}

Returned when the user does not have permission to access the resource.

application/json

application/grpc

application/grpc-web+proto

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Returned when the resource does not exist.

application/json

application/grpc

application/grpc-web+proto

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

An unexpected error response.

application/json

application/grpc

application/grpc-web+proto

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema

Example (from schema)

---

Schema

code int32
message string
details object[]
Array [
@type string
]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

POST /v3alpha/users/:userId/deactivate

Authorization

name: OAuth2type: oauth2scopes: openid,urn:zitadel:iam:org:project:id:zitadel:audflows: {
  "authorizationCode": {
    "authorizationUrl": "$CUSTOM-DOMAIN/oauth/v2/authorize",
    "tokenUrl": "$CUSTOM-DOMAIN/oauth/v2/token",
    "scopes": {
      "openid": "openid",
      "urn:zitadel:iam:org:project:id:zitadel:aud": "urn:zitadel:iam:org:project:id:zitadel:aud"
    }
  }
}

Request

Base URL

https://$CUSTOM-DOMAIN

Bearer Token

userId — path required

Accept

application/jsonapplication/grpcapplication/grpc-web+proto

curl / cURL

curl -L -X POST 'https://$CUSTOM-DOMAIN/v3alpha/users/:userId/deactivate' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

python / requests

curl -L -X POST 'https://$CUSTOM-DOMAIN/v3alpha/users/:userId/deactivate' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

go / native

curl -L -X POST 'https://$CUSTOM-DOMAIN/v3alpha/users/:userId/deactivate' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

nodejs / axios

curl -L -X POST 'https://$CUSTOM-DOMAIN/v3alpha/users/:userId/deactivate' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

ruby / Net::HTTP

curl -L -X POST 'https://$CUSTOM-DOMAIN/v3alpha/users/:userId/deactivate' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

csharp / RestSharp

curl -L -X POST 'https://$CUSTOM-DOMAIN/v3alpha/users/:userId/deactivate' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

php / cURL

curl -L -X POST 'https://$CUSTOM-DOMAIN/v3alpha/users/:userId/deactivate' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

java / OkHttp

curl -L -X POST 'https://$CUSTOM-DOMAIN/v3alpha/users/:userId/deactivate' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'

powershell / RestMethod

curl -L -X POST 'https://$CUSTOM-DOMAIN/v3alpha/users/:userId/deactivate' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>'