Re: How to delete users with realms via REST API i...

rturk · ‎10-15-2014

Hi Splunkers & Splunkettes,

So when attempting to remove a configured user via a REST API call, I don't seem to be able to specify a unique user by realm. For example, If I configure two users:

username: svc_splunk

realm: blank

and

username: svc_splunk

realm: SA-ThreatIntelligence

Issuing the following command will remove the first one:

curl -k -u admin:pass --request DELETE \
    https://localhost:8089/servicesNS/nobody/search/storage/passwords/:svc_splunk:

``However, when running it again, I am advised that the user doesn't exist (despite the fact it's present on the Credential Manager page).

From the docs (LINK) there appears to be no way to specify the realm, hence no way to delete the user.

Is there something undocumented that I'm missing?

PS. The current method of changing & deleting users once added is horrible

sduff_splunk · ‎08-11-2015

curl -k -u admin:changeme --request DELETE https://localhost:8089/servicesNS/nobody/search/storage/passwords/realm:username:

For example, the user 'simon' in realm 'work' would be

curl -k -u admin:changeme --request DELETE https://localhost:8089/servicesNS/nobody/search/storage/passwords/work:simon:

How to delete users with realms via REST API in Enterprise Security Credential Management?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Observability Simplified: Combining User Experience, Application Performance & ...

Event Series May & June: From Network Visibility to Service Intelligence

Global Splunk User Group Events: May + June 2026

Join the Conversation