unassignOrganizationRoleFromGroup()

The unassignOrganizationRoleFromGroup() GraphQL mutation field is used to remove an organization role assigned to a group in LogScale.

To assign an organization role to a group, use the assignOrganizationRoleToGroup() mutation. Related to these two mutations are a few others: assignRoleToGroup() and unassignRoleFromGroup() to assign and unassign a role for a group; assignOrganizationManagementRoleToGroup() and unassignOrganizationManagementRoleFromGroup() for organization management roles; and assignSystemRoleToGroup() and unassignSystemRoleFromGroup() to assign and unassign system roles.

Hide Query Example

Show Organization Permissions Query

To get lists of group roles and organization permissions, you could use the organization() query like this:

graphql

query {
      organization { 
        searchDomains{ groups { 
          organizationRoles { 
             role { id, displayName, organizationPermissions } } 
         }
      }
  }
}

For more information on roles in LogScale, see the Manage Users and Permissions documentation page. You may also want to look at Manage Groups for related information.

API Stability Long-Term

Syntax

graphql

unassignOrganizationRoleFromGroup(
      input: RemoveOrganizationRoleFromGroupInput!
   ): UnassignOrganizationRoleFromGroup!

For the input, you'll have to give the unique identifiers for the role you want to unassign, and the group. Click on Show Query above to get the identifiers. See the Given Datatype section for details on the input parameters.

For the results, you can get a list of users, and a list of organization roles, etc. See the Returned Datatype section for more.

Example

Raw

graphql

mutation {
  unassignOrganizationRoleFromGroup( input:
    { groupId: "abc123",
      roleId: "def456"
    } )
  { group { displayName } }
}

Mac OS or Linux (curl)

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  unassignOrganizationRoleFromGroup( input:
    { groupId: \"abc123\",
      roleId: \"def456\"
    } )
  { group { displayName } }
}"
}
EOF

Mac OS or Linux (curl) One-line

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  unassignOrganizationRoleFromGroup( input:
    { groupId: \"abc123\",
      roleId: \"def456\"
    } )
  { group { displayName } }
}"
}
EOF

Windows Cmd and curl

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
  unassignOrganizationRoleFromGroup( input: ^
    { groupId: \"abc123\", ^
      roleId: \"def456\" ^
    } ) ^
  { group { displayName } } ^
}" ^
} '

Windows Powershell and curl

powershell

curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
  unassignOrganizationRoleFromGroup( input:
    { groupId: \"abc123\",
      roleId: \"def456\"
    } )
  { group { displayName } }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"

Perl

perl

#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "mutation {
  unassignOrganizationRoleFromGroup( input:
    { groupId: \"abc123\",
      roleId: \"def456\"
    } )
  { group { displayName } }
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";

Python

python

#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
  unassignOrganizationRoleFromGroup( input:
    { groupId: \"abc123\",
      roleId: \"def456\"
    } )
  { group { displayName } }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)

Node.js

javascript

const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
  unassignOrganizationRoleFromGroup( input:
    { groupId: \"abc123\",
      roleId: \"def456\"
    } )
  { group { displayName } }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL',
  path: 'graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();

Example Responses

Success (HTTP Response Code 200 OK)

json

{
  "data": {
    "unassignOrganizationRoleFromGroup": {
      "group": {
        "displayName": "sales"
      }
    }
  }
}

Given Datatype

For the input datatype, you'll need to provide the unique identifiers for the role and the group — the role you want to unassign from which group in the organization. Click on the Show Query link above the Syntax section for an example of how to find the identifiers.

Table: RemoveOrganizationRoleFromGroupInput

Parameter	Type	Required	Stability	Description
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Sep 19, 2024
groupId	string	yes	`Long-Term`	The unique identifier of the group from which the organization should be removed.
roleId	string	yes	`Long-Term`	The unique identifier of the role for the group of the organization.

Returned Datatype

For the return datatype, through sub-parameters, you can get information on the group, such as how many users, a list of them, and which assets they can access. You can also get a list of organization roles using the organizationRoles parameter. The table below contains a link to another table with the sub-parameters:

Table: UnassignOrganizationRoleFromGroup

Parameter	Type	Required	Stability	Description
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Oct 4, 2024
group	Group	yes	`Long-Term`	The group without an assigned organization. See Group.

Versions of this Page

GraphQL Mutations

GraphQL API Stability

GraphQL Queries

GraphQL Datatypes