Removing yourself from a user registry

As an API Connect user, you can remove yourself from the API Connect user registry in which you were registered, by using the developer toolkit CLI.

Before you begin

You cannot remove yourself from a user registry if you are a member of a provider organization. Before removing yourself from a user registry, ensure that you have been deleted from any provider organizations. For more information, see Removing a user from an organization.

Procedure

  1. Log in to the management server as the user that you want to remove.

    The format of the login command depends on whether you are a user in the Cloud Manager admin organization, or you are a user in a provider organization.

    If you are a Cloud Manager admin user, enter the following command:
    apic login --server mgmt_endpoint_url --username user_id --password password --realm admin/identity_provider
    If you are a provider organization user, enter the following command:
    apic login --server mgmt_endpoint_url --username user_id --password password --realm provider/identity_provider
    If you want to log in as a member of the cloud administration organization, or as a member of a provider organization, you can help determine which identity provider to use in the --realm parameter by entering the following command to see a list of all available identity providers (you do not need to be logged in to use this command):
    apic identity-providers:list --scope scope --server mgmt_endpoint_url --fields title,realm
    where scope has the value admin or provider depending on whether you want to log in as a member of the cloud administration organization, or as a member of a provider organization. The output lists the names and titles of all identity providers, for example:
    apic identity-providers:list --scope admin --server myserver.com --fields title,realm
    total_results: 2
    results:
      - title: Cloud Manager User Registry
        realm: admin/default-idp-1
      - title: Corporate LDAP user registry
        realm: admin/corporate-ldap
    The title value should enable you to determine which identity provider to use; you can then copy the corresponding --realm parameter directly from the displayed realm value. For any identity providers that were created by your administrator after API Connect was installed, the names will have been determined at creation time. The default Cloud Manager Local User Registry for login as a member of the cloud administration organization is default-idp-1, and the default API Manager Local User Registry for login as a member of a provider organization is default-idp-2.

    For full details of the apic login command, see Logging in to a management server.

    Note: If the same user registry is used for both the Cloud Manager and API Manager user interfaces, and you have access to both, when you remove yourself from the user registry you will lose access to both user interfaces regardless of which organization you log in to.
  2. Remove yourself from the user registry. Enter the following command:
    apic me:delete --server mgmt_endpoint_url
    For example:
    apic me:delete --server platform-api.myserver.com.com
    The command confirms successful removal by returning the details of the deleted user; for example:
    user1    [state: enabled]   https://platform-api.myserver.com.com/api/user-registries/32830897-1d23-4fac-acf5-0193d0b2c1b5/4438937a-6ad0-4eaa-9163-820888ac6245/users/040adb11-e9a4-4d93-9c2e-62a974da0689