# Remove user from enterprise `POST https://api.airtable.com/v0/meta/enterpriseAccounts/{enterpriseAccountId}/users/{userId}/remove` Unshare a user from all enterprise workspaces, bases, interfaces, and user groups. If applicable, the user will also have their admin access revoked. Returns lists of unsharing and sharing actions performed as part of the user removal. ## Requirements - **Authentication:** [Personal access token](https://airtable.com/developers/web/api/authentication.md#types-of-token), [OAuth integration](https://airtable.com/developers/web/api/authentication.md#types-of-token) - **Scope:** [`enterprise.user:write`](https://airtable.com/developers/web/api/scopes.md#enterprise-user-write) - **User role:** Enterprise admin - **Billing plans:** Enterprise (pre-2023.08 legacy plan), Enterprise Scale ## Path parameters - `enterpriseAccountId: string` - `userId: string` ## Request body - `removeFromDescendants: boolean` — optional If true, removes the user from descendant enterprise accounts as well. Only enterprise accounts with the Enterprise Hub feature enabled have descendant enterprise accounts. - `replacementOwnerId: string` — optional If the user is the sole owner of any workspaces, you must specify a replacementOwnerId to be added as the new owner of such workspaces. If the user is not the sole owner of any workspaces, replacementOwnerId is optional and will be ignored if provided. - `isDryRun: boolean` — optional ## Response format - `wasUserRemovedAsAdmin: boolean` — required If removeFromDescendants is true, this field represents whether the user was removed as an admin of this enterprise account or its descendants. - `shared: object` — required A list of JSON objects representing workspaces that replacementOwnerId was shared to. - `workspaces: array` — required - `enterpriseAccountId: string` — optional Only returned when removeFromDescendants is true - `userId: string` — optional A user ID - `deletedTime: string | null` — required - `permissionLevel: "none" | "read" | "comment" | "edit" | "create" | "owner"` — required - `workspaceId: string` — required - `workspaceName: string` — required - `unshared: object` — required A list of JSON objects representing workspaces, bases, and interfaces the user was unshared from. - `bases: array` — required - `baseId: string` — required Base ID, a unique identifier for a base. - `userId: string` — required A user ID - `enterpriseAccountId: string` — optional Only returned when removeFromDescendants is true - `baseName: string` — required - `deletedTime: string | null` — required - `formerPermissionLevel: "none" | "read" | "comment" | "edit" | "create" | "owner"` — required - `interfaces: array` — required - `baseId: string` — required Base ID, a unique identifier for a base. - `userId: string` — required A user ID - `enterpriseAccountId: string` — optional Only returned when removeFromDescendants is true - `deletedTime: string | null` — required - `formerPermissionLevel: "none" | "read" | "comment" | "edit" | "create" | "owner"` — required - `interfaceId: string` — required - `interfaceName: string` — required - `workspaces: array` — required - `userId: string` — required A user ID - `enterpriseAccountId: string` — optional Only returned when removeFromDescendants is true - `deletedTime: string | null` — required - `formerPermissionLevel: "none" | "read" | "comment" | "edit" | "create" | "owner"` — required - `workspaceId: string` — required - `workspaceName: string` — required ### Example — Success Response ```sh curl -X POST "https://api.airtable.com/v0/meta/enterpriseAccounts/{enterpriseAccountId}/users/{userId}/remove" \ -H "Authorization: Bearer YOUR_TOKEN" \ -H "Content-Type: application/json" \ --data '{ "replacementOwnerId": "usrL2PNC5o3H4lBEi" }' ``` ```json { "shared": { "workspaces": [ { "deletedTime": null, "permissionLevel": "owner", "userId": "usrL2PNC5o3H4lBEi", "workspaceId": "wsp00000000000000", "workspaceName": "Workspace name" } ] }, "unshared": { "bases": [ { "baseId": "app00000000000000", "baseName": "Base name", "deletedTime": null, "formerPermissionLevel": "create", "userId": "usr00000000000000" } ], "interfaces": [ { "baseId": "app00000000000000", "deletedTime": null, "formerPermissionLevel": "create", "interfaceId": "pgb00000000000000", "interfaceName": "Interface name", "userId": "usr00000000000000" } ], "workspaces": [ { "deletedTime": null, "formerPermissionLevel": "owner", "userId": "usr00000000000000", "workspaceId": "wsp00000000000000", "workspaceName": "Workspace name" } ] }, "wasUserRemovedAsAdmin": true } ``` ## Error responses ### 403 **Cannot perform action on self** — You are not permitted to perform this operation on yourself. If necessary, another admin should do it. ```json { "error": { "message": "You are not permitted to perform this operation on yourself", "type": "INVALID_PERMISSIONS" } } ``` **Email not verified** — replacementOwnerId, if required, must correspond to a verified user account. ```json { "error": { "message": "Replacement owner must have verified email", "type": "INVALID_PERMISSIONS" } } ``` **Enterprise invite restrictions** — replacementOwnerId, if required, must abide by the enteprise account's invite restrictions. ```json { "error": { "message": "You cannot use that replacementOwnerId because of this enterprise account's invite restrictions", "type": "INVALID_PERMISSIONS" } } ``` **Removing replacement owner** — TBD ```json { "error": { "message": "Replacement owner must be different from the users being removed", "type": "INVALID_PERMISSIONS" } } ``` **Removing sole owner** — If the user is the sole owner of a workspace, replacementOwnerId must be provided in the request body. ```json { "error": { "message": "Replacement owner is required if to-be-removed users are the sole owners on workspace(s)", "type": "INVALID_PERMISSIONS" } } ``` **Replacement owner not found** — TBD ```json { "error": { "message": "No user with that replacementOwnerId could be found", "type": "INVALID_PERMISSIONS" } } ```