Remove application owner

Namespace: microsoft.graph

Remove an owner from an application. As a recommended best practice, apps should have at least two owners.

Permissions

One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.

Permission type	Permissions (from least to most privileged)
Delegated (work or school account)	Application.ReadWrite.All, Directory.ReadWrite.All
Delegated (personal Microsoft account)	Not supported.
Application	Application.ReadWrite.OwnedBy, Application.ReadWrite.All

HTTP request

DELETE /applications/{id}/owners/{id}/$ref

Caution

If /$ref is not appended to the request and the calling app has permissions to manage the user who is the app owner, the user will also be deleted from Azure Active Directory (Azure AD); otherwise, a 403 Forbidden error is returned. You can restore deleted users through the Restore deleted items API.

Request headers

Name	Description
Authorization	Bearer {token}. Required.

Request body

In the request body, supply the identifier of the directory object to be assigned as owner.

Response

If successful, this method returns a 204 No Content response code.

Example

Request

The following example shows the request.

HTTP

DELETE https://graph.microsoft.com/v1.0/applications/{id}/owners/{id}/$ref

C#

var graphClient = new GraphServiceClient(requestAdapter);

await graphClient.Applications["{application-id}"].Owners["{directoryObject-id}"].Ref.DeleteAsync();

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

JavaScript

const options = {
	authProvider,
};

const client = Client.init(options);

await client.api('/applications/{id}/owners/{id}/$ref')
	.delete();

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

Java

GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();

graphClient.applications("{id}").owners("{id}").reference()
	.buildRequest()
	.delete();

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

Go

//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


graphClient.ApplicationsById("application-id").OwnersById("directoryObject-id").Ref().Delete(context.Background(), nil)

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

PowerShell

Import-Module Microsoft.Graph.Applications

Remove-MgApplicationOwnerByRef -ApplicationId $applicationId -DirectoryObjectId $directoryObjectId

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

PHP

<?php

// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);


$graphServiceClient->applicationsById('application-id')->ownersById('directoryObject-id')->ref()->delete();

For details about how to add the SDK to your project and create an authProvider instance, see the SDK documentation.

Response

The following is an example of the response.

Note: The response object shown here might be shortened for readability.

HTTP/1.1 204 No Content