Deauthorization Webhook Handling Based on User's Role

Hi. I am working on creating a user-managed OAuth App.

I’m having difficulty finding the handling for the deauthorization webhook based on the roles.

For example, if an admin or an owner sends the deauthorization, does this apply to any users authorized for the account? Or does this only apply to that user regardless of role?

With that, do I use the role_name value returned from a User GET request? Can I make a user GET request after the deauthorization is received, or does that information need to be stored upon the initial authorization?

Thank you!

Hey @chadk,

Roles do not affect the deauthorization flow. User Level Apps can only be uninstalled by the user who installed them. :slight_smile:

Does that clear things up?


Yes, thank you. I now realize the documentation is for both types of OAuth Apps.

1 Like

Happy to help! :slight_smile: