URL: https://<xid-useradm-baseurl>/<pid>/consent

Request: DELETE with URL path parameter pid (same as bankid_altsub) for the user in question

Authentication: Access Token as Bearer Token in Authorization Header

Response:
  204 No Content: Removal of consent was successful
  401 Unauthorized: Bearer token is not accepted for any reason
  400 Bad Request: The pid is not an xID user or resource access is insufficient (missing scope)

Error responses contain further information on the reason according to standard.

Example: See below

This method removes any consent registered for the end user identified by pid to use the xID service at the OIDC client identified by the azp in the Bearer Access Token. Hence, this method can only be used by an OIDC client to remove consents for its own xID-enabled service. No dialog is shown to the end user.

There is currently no support for an OIDC client to remove consents for the xID-enabled services of other OIDC clients.
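A client-side sketch of the call described above, added here as an illustration and not taken from the xID documentation or code. The function name, the stub service, the sample pid and tokens, and the JSON error bodies are constructed assumptions; the stub listens on plain HTTP on localhost only so the example runs offline.

```python
import json, threading, urllib.error, urllib.parse, urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

OUTCOMES = {204: "consent removed", 401: "bearer token not accepted",
            400: "pid is not an xID user, or missing scope"}

def remove_consent(base_url, pid, access_token):
    """DELETE <base_url>/<pid>/consent -> (status, meaning, error_body)."""
    # Percent-encode pid so it can only ever fill one path segment.
    url = f"{base_url.rstrip('/')}/{urllib.parse.quote(pid, safe='')}/consent"
    req = urllib.request.Request(url, method="DELETE",
                                 headers={"Authorization": f"Bearer {access_token}"})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            status, body = resp.status, b""
    except urllib.error.HTTPError as err:  # 4xx: body explains the reason
        status, body = err.code, err.read()
    return status, OUTCOMES.get(status, "unexpected status"), body.decode()

class StubUserAdm(BaseHTTPRequestHandler):
    """Constructed stand-in for the service so the example runs offline."""
    consents = {"pid-123"}  # constructed pid with a consent for this client
    def do_DELETE(self):
        pid = urllib.parse.unquote(self.path.strip("/").split("/")[0])
        if self.headers.get("Authorization") != "Bearer good-token":
            code, err = 401, {"error": "invalid_token"}      # constructed body
        elif pid not in self.consents:
            code, err = 400, {"error": "invalid_request"}    # constructed body
        else:
            self.consents.discard(pid)
            code, err = 204, None
        body = json.dumps(err).encode() if err else b""
        self.send_response(code)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def log_message(self, *args): pass  # keep the demo output quiet

def demo():
    srv = HTTPServer(("127.0.0.1", 0), StubUserAdm)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    base = f"http://127.0.0.1:{srv.server_port}"
    calls = [("pid-123", "bad-token"), ("pid-123", "good-token"),
             ("no-such-pid", "good-token")]
    statuses = [remove_consent(base, pid, tok)[0] for pid, tok in calls]
    srv.shutdown(); srv.server_close()
    return statuses  # [401, 204, 400]

if __name__ == "__main__":
    print(demo())
```

Against the real service, base_url is the https://<xid-useradm-baseurl> value from the table above and the token is the client's own access token.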
