API: Add revoke user

Spinmasterj · March 6, 2024, 7:47pm

With the Bitwarden public API, I can add, update and delete users, but I cannot revoke their access. When a user is deleted from an organization, the SSO that protects their vault is removed and they can continue to access their vault’s content and there’s nothing we can do about it.

Please add the ability to revoke access programmatically. We do all of our user management via the API (we don’t use a supported SCIM directory sync provider) and using the delete approach breaks our security protocols.

Thank you!

gtran · April 11, 2024, 1:48am

Hi @Spinmasterj - this makes a lot of sense, thank you for the input. The team is picking up account management and deprovisioning soon and will absolutely incorporate expansions to the API.

As a note, the team will also be working on the ability to delete user accounts as discussed in this topic.

Spinmasterj · January 21, 2025, 9:51pm

Hi Gina, any update on this? Thanks!