Revoke a role from a user
POST
/roles/revoke
Removes a role assignment from a user. Requires the manage_users permission. Returns 404 if the user does not hold the role.
Authorizations
BearerAuth
Authentication is handled automatically via httpOnly session cookies after signing in at /cognito/signin or via Google SSO at /cognito/oauth/google. For Swagger UI testing, paste a JWT token from the /cognito/signin response.
Type
HTTP (bearer)
Request Body
application/json
JSON
{
"userId": "string",
"roleId": "string"
}
Responses
Role revoked
application/json
JSON
{
"success": true,
"message": "string"
}