One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
Permission type
Permissions (from least to most privileged)
Delegated (work or school account)
Directory.AccessAsUser.All
Delegated (personal Microsoft account)
Not supported.
Application
Not supported.
When an application queries a relationship that returns a directoryObject type collection, if it does not have permission to read a certain derived type (like device), members of that type are returned but with limited information. With this behavior, applications can request the least privileged permissions they need, rather than rely on the set of Directory.* permissions. For details, see Limited information returned for inaccessible member objects.
HTTP request
DELETE /devices/{id}/registeredUsers/{id}/$ref
Caution
If /$ref is not appended to the request and the calling app has permissions to manage the user who is a registered user of the device, the user will also be deleted from Azure Active Directory (Azure AD); otherwise, a 403 Forbidden error is returned. You can restore deleted users through the Restore deleted items API.
Request headers
Name
Type
Description
Authorization
string
Bearer {token}. Required.
Request body
Do not supply a request body for this method.
Response
If successful, this method returns a 204 No Content response code.
// Code snippets are only available for the latest version. Current version is 5.x
var graphClient = new GraphServiceClient(requestAdapter);
await graphClient.Devices["{device-id}"].RegisteredUsers["{directoryObject-id}"].Ref.DeleteAsync();
<?php
// THIS SNIPPET IS A PREVIEW FOR THE KIOTA BASED SDK. NON-PRODUCTION USE ONLY
$graphServiceClient = new GraphServiceClient($requestAdapter);
$graphServiceClient->devices()->byDeviceId('device-id')->registeredUsers()->byRegisteredUserId('directoryObject-id')->ref()->delete();