API Stability Preview

The unassignOrganizationManagementRoleFromGroup() GraphQL mutation may be used to remove the organization management role assigned to the group for the provided organizations.

To assign a role to a group, use the assignOrganizationManagementRoleToGroup() mutation. Related to these two mutations are a few others: assignRoleToGroup() and unassignRoleFromGroup() to assign and unassign a role for a group; assignOrganizationRoleToGroup() and unassignOrganizationRoleFromGroup() to assign and unassign organization roles; and assignSystemRoleToGroup() and unassignSystemRoleFromGroup() to assign and unassign system roles.

For more information on roles in LogScale, see the Manage Users and Permissions documentation page. You may also want to look at the Manage Users and Permissions page for related information.

Syntax

graphql
unassignOrganizationManagementRoleFromGroup(
      input: UnassignOrganizationManagementRoleFromGroupInput!
   ): UnassignOrganizationManagementRoleFromGroup!

Example

Below is an example of how this mutation field might be used:

Raw
graphql
mutation {
  unassignOrganizationManagementRoleFromGroup(input:
     { groupId: "sQjSEU6MDp6W9HrwAejmL9yHJlk6Q1sp",
       roleId: "oM04QwJ9N3FDHdzqOyboxvjYSwQsXzA2",
       organizationIds:[ "SINGLE_ORGANIZATION_ID" ]
     } 
  )
  { group { displayName } }
}
Mac OS or Linux (curl)
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  unassignOrganizationManagementRoleFromGroup(input:
     { groupId: \"sQjSEU6MDp6W9HrwAejmL9yHJlk6Q1sp\",
       roleId: \"oM04QwJ9N3FDHdzqOyboxvjYSwQsXzA2\",
       organizationIds:[ \"SINGLE_ORGANIZATION_ID\" ]
     } 
  )
  { group { displayName } }
}"
}
EOF
Mac OS or Linux (curl) One-line
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  unassignOrganizationManagementRoleFromGroup(input:
     { groupId: \"sQjSEU6MDp6W9HrwAejmL9yHJlk6Q1sp\",
       roleId: \"oM04QwJ9N3FDHdzqOyboxvjYSwQsXzA2\",
       organizationIds:[ \"SINGLE_ORGANIZATION_ID\" ]
     } 
  )
  { group { displayName } }
}"
}
EOF
Windows Cmd and curl
shell
curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
  unassignOrganizationManagementRoleFromGroup(input: ^
     { groupId: \"sQjSEU6MDp6W9HrwAejmL9yHJlk6Q1sp\", ^
       roleId: \"oM04QwJ9N3FDHdzqOyboxvjYSwQsXzA2\", ^
       organizationIds:[ \"SINGLE_ORGANIZATION_ID\" ] ^
     }  ^
  ) ^
  { group { displayName } } ^
}" ^
} '
Windows Powershell and curl
powershell
curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
  unassignOrganizationManagementRoleFromGroup(input:
     { groupId: \"sQjSEU6MDp6W9HrwAejmL9yHJlk6Q1sp\",
       roleId: \"oM04QwJ9N3FDHdzqOyboxvjYSwQsXzA2\",
       organizationIds:[ \"SINGLE_ORGANIZATION_ID\" ]
     } 
  )
  { group { displayName } }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"
Perl
perl
#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "mutation {
  unassignOrganizationManagementRoleFromGroup(input:
     { groupId: \"sQjSEU6MDp6W9HrwAejmL9yHJlk6Q1sp\",
       roleId: \"oM04QwJ9N3FDHdzqOyboxvjYSwQsXzA2\",
       organizationIds:[ \"SINGLE_ORGANIZATION_ID\" ]
     } 
  )
  { group { displayName } }
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";
Python
python
#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
  unassignOrganizationManagementRoleFromGroup(input:
     { groupId: \"sQjSEU6MDp6W9HrwAejmL9yHJlk6Q1sp\",
       roleId: \"oM04QwJ9N3FDHdzqOyboxvjYSwQsXzA2\",
       organizationIds:[ \"SINGLE_ORGANIZATION_ID\" ]
     } 
  )
  { group { displayName } }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)
Node.js
javascript
const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
  unassignOrganizationManagementRoleFromGroup(input:
     { groupId: \"sQjSEU6MDp6W9HrwAejmL9yHJlk6Q1sp\",
       roleId: \"oM04QwJ9N3FDHdzqOyboxvjYSwQsXzA2\",
       organizationIds:[ \"SINGLE_ORGANIZATION_ID\" ]
     } 
  )
  { group { displayName } }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL',
  path: 'graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();
Example Responses
Success (HTTP Response Code 200 OK)
json
{
  "data": {
    "unassignOrganizationManagementRoleFromGroup": {
      "group": {
        "displayName": "sales"
      }
    }
  }
}

Given Datatype

For the input datatype, you'll need to provide the unique identifiers for the role, the group, and the organizations — the role you want to unassign from which group from which organizations. The table below lists these parameters and describes them:

Table: UnassignOrganizationManagementRoleFromGroupInput

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Sep 23, 2024
groupIdstringyes PreviewThe unique identifier for the group.
organizationIds[string]yes PreviewThe unique identifiers for the organization.
roleIdstringyes PreviewThe unique identifier for the role.

Returned Datatype

For the return datatype, through sub-parameters, you can get information on the group, such as how many users, a list of them, and which assets they can access. You can also get a list of organization roles using the organizationRoles parameter. The table below contains a link to another table with the sub-parameters:

Table: UnassignOrganizationManagementRoleFromGroup

ParameterTypeRequiredDefaultStabilityDescription
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Feb 18, 2025
groupGroupyes PreviewThe group for which the organization management role was unassigned. See Group.