Skip to main content

Revoke Flow Access from Group

This endpoint allows administrators to revoke flow access from multiple users at once. It supports two different request formats for flexibility: direct user list or group-based revocation.

Endpoint

POST /api/v1/langflow/admin/permissions/revoke-group

Authentication

Requires Admin authentication:

  • Valid JWT token
  • Admin role verification via middleware

Request Format

Sent as application/json.

Request Body

The endpoint supports two different formats:

Format 1: Direct User List

FieldTypeDescription
userIdsstring[]Array of user IDs to revoke access from
flowIdstringSingle flow ID to revoke access from

Format 2: Group-Based

FieldTypeDescription
groupIdstringGroup identifier to get users from
flowIdsstring[]Array of flow IDs to revoke access from

Example Requests

Group-Based

curl --location 'https://8ehqmu89grlsbn-8001.proxy.runpod.net/api/v1/langflow/admin/permissions/revoke-group' \
--header 'Authorization: Bearer YOUR_JWT_TOKEN' \
--header 'Content-Type: application/json' \
--data '{
  "groupId": "group123",
  "flowIds": ["550e8400-e29b-41d4-a716-446655440000", "660f9511-f3ac-52e5-b827-557766551111"]
}'

Response Format

Success Response

Status Code: 200 OK

The response includes detailed results for each user and flow combination.

{
  "success": true,
  "message": "Processed 2 flows for group access removal",
  "results": [
    {
      "flowId": "550e8400-e29b-41d4-a716-446655440000",
      "success": true,
      "userResults": [
        {
          "userId": "user123",
          "success": true
        },
        {
          "userId": "user456", 
          "success": true
        },
        {
          "userId": "user789",
          "success": false
        }
      ]
    },
    {
      "flowId": "660f9511-f3ac-52e5-b827-557766551111",
      "success": true,
      "userResults": [
        {
          "userId": "user123",
          "success": true
        },
        {
          "userId": "user456",
          "success": false
        }
      ]
    }
  ]
}

Error Responses

Invalid Request Format

Status Code: 400 Bad Request

{
  "error": "Invalid request. Required fields are missing or malformed.",
  "details": "Expected either {userIds, flowId} or {groupId, flowIds}"
}

No Users Found in Group

Status Code: 400 Bad Request

{
  "error": "No users found in group"
}

Group Processing Error

Status Code: 500 Internal Server Error

{
  "error": "Failed to get users for group"
}

Unauthorized

Status Code: 401 Unauthorized

{
  "error": "Unauthorized access"
}

Notes

  • Only administrators can revoke group flow access
  • The endpoint processes all user-flow combinations individually
  • Partial success is possible - some users may succeed while others fail
  • Check the detailed results array to see individual operation outcomes
  • Group resolution currently uses a placeholder implementation
  • Users' API keys remain active, only specific flow permissions are removed
  • The operation continues even if some users don't have access to certain flows
  • Revocation is immediate and cannot be undone (must re-grant if needed)