Remove content access for members

delete

https://api.seismic.com/cm/v1/teamSites/{teamSiteId}/items/{itemId}/contentAccessPermissions/members

Remove explicit content access assignments for one or more users or groups from a specific TeamSite item, including TeamSite home when itemId is root. Use this operation when an integration needs to revoke direct access that was previously granted on a file, folder, or TeamSite root.

When removal succeeds, the specified members are removed from the target item's explicit access list. Depending on service rules, removal may also affect inherited or upstream access relationships that originate from the same assignment chain.

Domain Terms

TeamSite root: the top-level home location of a TeamSite, addressed by itemId: root.
Upstream folders: parent folders between the target item and TeamSite root that participate in inherited access behavior.
TeamsiteOwner and ProfileManager: administrative roles with elevated TeamSite permissions that may not be removable in some scenarios.

Removal Rules

Full-control members cannot be removed from any content with this operation.
TeamSite administrative members (TeamsiteOwner or ProfileManager) cannot be removed from TeamSite root.
The caller must have CanManage permission on the target content or relevant upstream path.
Removing access on TeamSite root requires CanManage permission on TeamSite root itself.
The caller cannot remove their own access.
The caller cannot remove the last remaining group that grants their own access.

Recent Requests

Time	Status	User Agent
Retrieving recent requests…

Loading…

Path Params

teamSiteId

string

required

Identifier of the teamsite context for the request. Use a TeamSite GUID or the special value 1 for the default TeamSite.

itemId

string

required

Identifier of the TeamSite item whose explicit content access entries should be removed. Use a GUID for a file or folder, or root for TeamSite home.

Body Params

Array of members whose explicit content access should be removed from the target item. Each object identifies one user or group by memberId plus an isGroup flag.

Request body samples

[
  {
    "memberId": "125434a6-9733-bceb-f43b-803e003f0d6f",
    "isGroup": false
  },
  {
    "memberId": "3079eb90-23b7-1c7e-30c7-ff2b2e79a7c6",
    "isGroup": true
  }
]

Array of users or groups whose explicit access entries should be removed from the target item.

Request model that identifies a single user or group whose explicit content access should be removed from a TeamSite item.

memberId

string

required

Unique member identifier for the access entry being removed. Use a user or group GUID returned by content access listing APIs.

isGroup

boolean

required

Boolean flag indicating whether memberId identifies a group instead of an individual user.

Responses

204

Successfully removed the requested explicit content access entries.

`403` in legacy environments.

`403`; clients should handle both `401` and `403` for auth-related failures.

Language

Credentials

Header

Loading…

Response

Click Try It! to start a request and see the response here! Or choose an example:

application/json

Request body samples

400Bad Request. The request is invalid or includes members whose access cannot be removed under current business rules.

401Unauthorized. The request is missing a valid authentication token or the token has expired. For backward compatibility, clients should also handle equivalent auth failures returned as 403 in legacy environments.

403Forbidden. The caller lacks permission to manage content access for the requested item. In some legacy environments, expired or missing authentication may also surface as 403; clients should handle both 401 and 403 for auth-related failures.

404Not Found. The TeamSite or target item could not be found for the provided identifiers.

500Internal Server Error. The service failed while removing content access from the requested item.

`403` in legacy environments.

`403`; clients should handle both `401` and `403` for auth-related failures.