Documentation
Start typing to search…

Delete Permission

Definition

The "Delete Permission" action in the Google Workspace category allows you to remove a specific user or group's access to a file, folder, or Shared Drive in Google Drive by deleting their associated permission. This action is essential for managing access control, ensuring that only the right individuals retain access to sensitive or shared content. Whether you're revoking collaboration rights from a former team member or cleaning up outdated access, this action enables precise and secure permission management through automation.



Example Use Cases:

1. Revoke Access for Departed Employees

Automatically remove access to company files or folders when an employee leaves the organization, helping maintain data security and compliance.

2. Manage Temporary Collaborators

Remove permissions granted to external partners or contractors after a project ends, ensuring that sensitive information is no longer accessible.

3. Restrict Over-Shared Documents

Clean up file or folder permissions that have been shared too broadly (e.g., "Anyone with the link"), replacing them with more controlled access.

4. Offboarding Workflow Integration

As part of an HR offboarding workflow, this action can remove access rights to specific Drive resources based on predefined criteria.

5. Reorganize Shared Drive Membership

When team responsibilities change, use this action to remove outdated members from Shared Drives, ensuring proper data ownership.


Input :

Connection

A valid Google Workspace Administration connection is required to authenticate and authorize this action. This connection uses a service account with domain-wide delegation, which allows Zenphi to act on behalf of users within your domain. You must upload a credential JSON file when creating the connection.📘 Need help setting it up? Follow this guide:Zenphi Docs – Creating a Google Workspace Admin Connection

User Email

This is the primary email address of the user initiating the permission deletion. It identifies the user on whose behalf the API call is made.✅ *Example:[email protected]*💡 This should be the email that the user uses to sign in to Google Workspace and manage the relevant file, folder, or drive.

Permission ID

The unique identifier of the permission (or member) you want to remove from the file, folder, or Shared Drive. This ID is typically retrieved via an earlier "List Permissions" action or through the Drive API.🔍 It could refer to a user, group, domain, or even “anyone”.

File, Folder, or Shared Drive ID

This is the ID of the Google Drive resource (file, folder, or Shared Drive) from which you want to delete the permission.To locate this ID in the Google Drive interface:

  1. Go to Google Drive and find the item.
  2. Right-click the item and click “Get link” or “Share”.
  3. In the URL shown, the ID is the string after d/ and before /view.➡️ Example: Inhttps://drive.google.com/file/d/1234567890abcdef/view, the ID is 1234567890abcdef.

Note: You can retrieve this ID using the "List File/Folder" action in Google Drive. When setting up that action, use the connection associated with the primary email of the user whose file or folder you want to manage permissions for. This ensures the correct visibility and access to locate and act on the appropriate item.

This field is essential for pinpointing the exact resource whose permissions you're managing.


Example Scenario:

Example Scenario: Offboarding a Former Employee from a Shared Drive

**Situation:**An employee named Jane Smith has recently left your organization. As part of your offboarding process, you want to remove her access to a specific Shared Drive that she previously collaborated on with others.

How to Set It Up in a Zenphi Flow:

  1. Trigger the Flow when an employee's offboarding form is submitted or a deactivation flag is set in your HR system.

  2. Use a “List Permissions” action to retrieve all users who have access to the specific Shared Drive.

  3. Filter the List to find the permission entry where the user's email matches [email protected].

  4. Use “Delete Permission” to remove that permission:

    • Connection: Your Google Workspace Admin connection (with domain-wide delegation).
    • User Email: Admin or service account acting on behalf of the user (e.g., [email protected]).
    • Permission ID: The ID retrieved for Jane's access.
    • File, Folder, or Shared Drive ID: The ID of the Shared Drive in question.

**Result:**Jane’s access to the Shared Drive is revoked automatically as part of your offboarding automation, ensuring your organization’s data remains secure without requiring manual intervention.

This example highlights how the action can seamlessly integrate into an HR or IT flow to manage user permissions effectively.

Updated about 4 hours ago