Delete users from Atlassian Cloud

Hi,

We have to delete a bunch of users from Atlassian Access. I’ve found the following API: https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-users/#api-rest-api-3-user-delete
I know that it says that it’s experimental, but I get the following error, also with non-experimental API calls from this page:

So I am using exactly this script:

// https://www.npmjs.com/package/node-fetch
const fetch = require('node-fetch');

fetch('https://your-domain.atlassian.net/rest/api/3/user?accountId=5b10ac8d82e05b22cc7d4ef5', {
  method: 'DELETE',
  headers: {
    'Authorization': `Basic ${Buffer.from(
      'email@example.com:<api_token>'
    ).toString('base64')}`
  }
})
  .then(response => {
    console.log(
      `Response: ${response.status} ${response.statusText}`
    );
    return response.text();
  })
  .then(text => console.log(text))
  .catch(err => console.error(err));`Preformatted text``

By adding my domain, my e-mail address and my API key (retrieved via Atlassian Access).
But I get the following error:

Response: 401 Unauthorized
Basic authentication with passwords is deprecated.  For more information, see: https://confluence.atlassian.com/cloud/deprecation-of-basic-authentication-with-passwords-for-jira-and-confluence-apis-972355348.html

I also tried with my API key found via id.atlassian.net.

Anyone ideas?

Thank you in advance.

Hi @veroniqueadriaensen,

I think that the Atlassian Admin APIs require a different type of API token than the one you generate at id.atlassian.com.

The ones you’re probably looking for can be generated at https://admin.atlassian.com/ → Your Access instance → Settings → API keys.

Hope this helps :slight_smile:
Tobias

1 Like

Actually, let me clarify this. To remove users from Access, you’ll have to use one of these APIs, I think:

1 Like

Hi,

Thank you for your reply. I have first tried this with my admin API key as that seemed obvious to me, but as it didn’t work, I also tried with my id.atlassian API key. Both unfortunately without success.

@tobitheo ,

Thank you. Do you have any idea about the difference between the disable API and the deactivate API? We have to make sure that the user accounts have been deleted so that their email addresses can be reused again.

I do not, sorry. I also don’t know if they fit your use case. Maybe someone from the Access team can answer this here or over at community.atlassian.com