Skip to main content
DELETE
/
api
/
v2
/
saved-queries
/
{saved_query_id}
/
permissions
Revokes permission of a saved query from users
curl --request DELETE \
  --url https://your-tenant.bloodhoundenterprise.io/api/v2/saved-queries/{saved_query_id}/permissions \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "user_ids": [
    "3c90c3cc-0d44-4b50-8888-8dd25736052a"
  ]
}
'
import requests

url = "https://your-tenant.bloodhoundenterprise.io/api/v2/saved-queries/{saved_query_id}/permissions"

payload = { "user_ids": ["3c90c3cc-0d44-4b50-8888-8dd25736052a"] }
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}

response = requests.delete(url, json=payload, headers=headers)

print(response.text)
const options = {
method: 'DELETE',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({user_ids: ['3c90c3cc-0d44-4b50-8888-8dd25736052a']})
};

fetch('https://your-tenant.bloodhoundenterprise.io/api/v2/saved-queries/{saved_query_id}/permissions', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://your-tenant.bloodhoundenterprise.io/api/v2/saved-queries/{saved_query_id}/permissions",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "DELETE",
CURLOPT_POSTFIELDS => json_encode([
'user_ids' => [
'3c90c3cc-0d44-4b50-8888-8dd25736052a'
]
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://your-tenant.bloodhoundenterprise.io/api/v2/saved-queries/{saved_query_id}/permissions"

payload := strings.NewReader("{\n \"user_ids\": [\n \"3c90c3cc-0d44-4b50-8888-8dd25736052a\"\n ]\n}")

req, _ := http.NewRequest("DELETE", url, payload)

req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.delete("https://your-tenant.bloodhoundenterprise.io/api/v2/saved-queries/{saved_query_id}/permissions")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"user_ids\": [\n \"3c90c3cc-0d44-4b50-8888-8dd25736052a\"\n ]\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://your-tenant.bloodhoundenterprise.io/api/v2/saved-queries/{saved_query_id}/permissions")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Delete.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"user_ids\": [\n \"3c90c3cc-0d44-4b50-8888-8dd25736052a\"\n ]\n}"

response = http.request(request)
puts response.read_body
"[this request has no response data]"
{
"http_status": 400,
"timestamp": "2024-02-19T19:27:43.866Z",
"request_id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"errors": [
{
"context": "clients",
"message": "The JSON payload could not be unmarshalled."
}
]
}
{
"http_status": 401,
"timestamp": "2024-02-19T19:27:43.866Z",
"request_id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"errors": [
{
"context": "login",
"message": "Unauthorized"
}
]
}
{
"http_status": 403,
"timestamp": "2024-02-19T19:27:43.866Z",
"request_id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"errors": [
{
"context": "clients",
"message": "You do not have permission to access this resource"
}
]
}
{
"http_status": 404,
"timestamp": "2024-02-19T19:27:43.866Z",
"request_id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"errors": [
{
"context": "clients",
"message": "The requested client could not be found."
}
]
}
{
"http_status": 429,
"timestamp": "2024-02-19T19:27:43.866Z",
"request_id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"errors": [
{
"context": "middleware",
"message": "Too many requests. Please try again later."
}
]
}
{
"http_status": 500,
"timestamp": "2024-02-19T19:27:43.866Z",
"request_id": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"errors": [
{
"context": "clients",
"message": "The request could not be handled due to an unexpected database error."
}
]
}
Applies to BloodHound Enterprise and CE

Authorizations

Authorization
string
header
required

Authorization: Bearer $JWT_TOKEN

Headers

Prefer
string
default:wait=30

Prefer header, used to specify a custom timeout in seconds using the wait parameter as per RFC7240. Passing in wait=-1 bypasses all timeout limits when the feature is enabled.

Pattern: ^wait=(-1|[0-9]+)$

Path Parameters

saved_query_id
integer<int32>
required

ID of the saved query

Body

application/json

The request body for revoking permissions of a saved query from users

user_ids
string<uuid>[]

A list of user ids that will have their permission revoked from the given saved query

Response

No Content This response will contain no response body.

The response is of type string.