> ## Documentation Index
> Fetch the complete documentation index at: https://docs.tesouro.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Deactivates a role in the caller's organization.

> **Token types:** APP, USER | **Required scopes:** `role:write:org`



## OpenAPI

````yaml /.tooling/schemas/rest/tags/product-finops.json delete /identity/v1/roles/{roleId}
openapi: 3.1.0
info:
  title: Tesouro Partner API
  version: '2025-06-23'
  description: The Tesouro REST API, for Tesouro partners to integrate with our solution.
  termsOfService: https://tesouro.com/terms
  contact:
    name: Tesouro team
    url: https://tesouro.com/about/
    email: developers@tesouro.com
servers:
  - url: https://api.sandbox.tesouro.com
    description: Sandbox
security: []
tags:
  - name: Accounting connections
  - name: Accounting data pull
  - name: Accounting synchronized records
  - name: Accounting tax rates
  - name: Analytics
  - name: Approval policies
  - name: Approval requests
  - name: Bank details
  - name: Comments
  - name: Cost centers
  - name: Counterpart VAT IDs
  - name: Counterpart addresses
  - name: Counterpart bank accounts
  - name: Counterpart contacts
  - name: Counterparts
  - name: Credit notes
  - name: Custom tax rates
  - name: Delivery notes
  - name: Documents
  - name: Entities
  - name: Entity users
  - name: Events
  - name: Files
  - name: Identity
  - name: Ledger accounts
  - name: Mail templates
  - name: Mailbox domains
  - name: Mailboxes
  - name: Measure units
  - name: OCR
  - name: Overdue reminders
  - name: PDF templates
  - name: Payable line items
  - name: Payables
  - name: Payment intents
  - name: Payment links
  - name: Payment methods
  - name: Payment records
  - name: Payment reminders
  - name: Payment terms
  - name: Products
  - name: Projects
  - name: Purchase orders
  - name: Receipts
  - name: Receivables
  - name: Recurrences
  - name: Tags
  - name: Text templates
  - name: Transactions
  - name: VAT rates
  - name: Webhook deliveries
  - name: Webhook subscriptions
paths:
  /identity/v1/roles/{roleId}:
    delete:
      tags:
        - Identity
      summary: Deactivates a role in the caller's organization.
      description: '**Token types:** APP, USER | **Required scopes:** `role:write:org`'
      operationId: DeleteRole
      parameters:
        - name: roleId
          in: path
          description: The ID of the role to deactivate.
          required: true
          schema:
            type: string
            format: uuid
        - name: X-Organization-ID
          in: header
          description: >-
            ID of the organization to scope this operation to. When omitted, the
            role is disabled in the caller's own organization. Must be a valid
            non-empty UUID. Present but empty or malformed values return 400.
          schema:
            type: string
            format: uuid
      responses:
        '204':
          description: Role deactivated successfully.
        '401':
          description: Unauthorized - no valid JWT token provided.
          content:
            text/plain:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            application/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            text/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
        '403':
          description: >-
            Forbidden - caller lacks required scope or no organization ID in
            token.
          content:
            text/plain:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            application/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            text/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
        '404':
          description: Not found - role does not exist.
          content:
            text/plain:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            application/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
            text/json:
              schema:
                $ref: '#/components/schemas/ProblemDetails'
        '500':
          description: Internal server error.
      security:
        - APPToken:
            - role:write:org
        - USERToken:
            - role:write:org
components:
  schemas:
    ProblemDetails:
      type: object
      properties:
        detail:
          type:
            - 'null'
            - string
        instance:
          type:
            - 'null'
            - string
        status:
          pattern: ^-?(?:0|[1-9]\d*)$
          type:
            - 'null'
            - integer
            - string
          format: int32
        title:
          type:
            - 'null'
            - string
        type:
          type:
            - 'null'
            - string
  securitySchemes:
    APPToken:
      type: oauth2
      description: Application (M2M) OAuth2 access token (client credentials).
      flows:
        clientCredentials:
          tokenUrl: /connect/token
          scopes:
            acceptor:application:read: >-
              View merchant boarding applications, including business and
              ownership details. Contains sensitive personally identifiable
              information.
            acceptor:application:secondaryapproval: >-
              Provide a secondary approval on merchant boarding and underwriting
              applications as part of a multi-step review.
            acceptor:application:write: >-
              Edit, approve, and manage merchant boarding and underwriting
              applications, and attach supporting documents.
            accounting_config:read:org: >-
              View ledger accounts, tax rates, cost centers, tags, and projects
              configured for your organization.
            accounting_config:write:org: >-
              Create and update ledger accounts, tax rates, cost centers, tags,
              and projects for your organization.
            acquiring:report:read: >-
              View transaction and settlement reports for your acquiring
              activity.
            approval_policy:read:org: >-
              View approval workflows and spending policies configured for your
              organization.
            approval_policy:write:org: >-
              Create and update approval workflows and spending policies for
              your organization.
            approval_request:create:org: >-
              Submit items for approval within your organization's approval
              workflows.
            approval_request:delete:org: Delete approval requests within your organization.
            approval_request:read:org: >-
              View pending and completed approval requests across your
              organization.
            approval_request:update:org: >-
              Edit and update existing approval requests within your
              organization.
            authorization_control:read:org: Read access to authorization control at the organization level.
            bank_account_application:read:org: >-
              View submitted applications to open bank accounts within your
              organization.
            bank_account_application:write:org: >-
              Submit and manage applications to open new bank accounts within
              your organization.
            bank_account:read:org: View bank account details and balances within your organization.
            bank_account:write:org: Create, update, and close bank accounts within your organization.
            beneficial_owner:read:org: >-
              View beneficial ownership information, including individuals'
              ownership stakes and identifying details.
            comment:read:org: >-
              View comments and notes added to financial records across your
              organization.
            comment:write:org: >-
              Add and manage comments and notes on financial records across your
              organization.
            counterpart:read:org: >-
              View the suppliers and clients your organization transacts with.
              Counterparts are required before creating invoices, quotes, and
              other financial documents.
            counterpart:write:org: >-
              Add and update the suppliers and clients your organization
              transacts with. Counterparts are required before creating
              invoices, quotes, and other financial documents.
            credit_card:activate:org: >-
              Activate newly issued credit cards for use within your
              organization.
            credit_card_application:read:org: View credit card applications submitted within your organization.
            credit_card_application:write:org: >-
              Submit and manage credit card applications within your
              organization.
            credit_card:read:org: >-
              View credit card details and status for cards in your
              organization.
            developer_portal: >-
              Access the Tesouro Developer Portal to view API documentation and
              manage developer resources.
            dispute:read: >-
              View payment disputes and any supporting documents attached to
              them.
            dispute:write: >-
              Accept or challenge payment disputes by uploading and submitting
              supporting evidence.
            email: ''
            expense:approve:org: >-
              Review and approve or reject expense reports submitted across your
              organization.
            expense:read:org: View expense reports and submissions across your organization.
            expense:read:self: View your own expense submissions and reports.
            expense:write:org: Create and update expense submissions across your organization.
            expense:write:self: Submit and update your own expense reports.
            export:read:org: >-
              View and download previously generated data exports for your
              organization.
            export:write:org: Generate and manage data exports for your organization.
            external_bank_account:micro_deposit:org: >-
              Initiate micro-deposit verification to confirm ownership of
              external bank accounts linked to your organization.
            external_bank_account:read:org: >-
              View external bank accounts that have been linked to your
              organization.
            external_bank_account:set_verification:org: >-
              Manually set the verification status of linked external bank
              accounts, bypassing the standard verification process.
            external_bank_account:write:org: >-
              Add, update, or remove external bank accounts linked to your
              organization.
            invoice:read:org: View invoices issued and received across your organization.
            invoice:write:org: Create, edit, and manage invoices across your organization.
            mailbox:read:org: >-
              View the email mailboxes configured to automatically capture
              incoming invoices as payables and collect expense receipts for
              your organization.
            mailbox:write:org: >-
              Configure email mailboxes that automatically capture incoming
              invoices as payables and collect expense receipts for your
              organization.
            notification:subscription:read: >-
              View active webhook and event notification subscriptions and their
              configurations.
            notification:subscription:write: >-
              Create, update, and delete webhook and event notification
              subscriptions.
            ocr_task:read:org: >-
              View the results and status of automated receipt and invoice
              scanning tasks.
            ocr_task:write:org: >-
              Submit and manage automated receipt and invoice scanning tasks for
              your organization.
            offline_access: ''
            oidc:app:manage: >-
              Add, edit, and remove access to OIDC applications and their
              scopes.
            oidc:app:read: Read only access to the OIDC applications and their scopes
            oidc:app:write: >-
              Add and edit - but not remove - access to OIDC applications and
              their scopes
            openid: ''
            organization:read:org: View your organization's profile and general details.
            organization_settings:read:org: View configuration settings for your organization.
            organization_settings:write:org: Update configuration settings for your organization.
            organization:write:org: Update your organization's profile and general details.
            org:write:all: >-
              Enable or disable organizations on the platform. This is a
              high-privilege permission typically reserved for platform
              administrators.
            partner_portal: >-
              Access the Tesouro Partner Portal to manage your partnership
              settings and sub-merchant configurations.
            payable:approve:org: >-
              Review and approve bills and accounts payable before they are
              paid.
            payable:pay:org: >-
              Authorize and submit payments for approved bills and accounts
              payable.
            payable:read:org: View bills and accounts payable across your organization.
            payable:write:org: >-
              Create and update bills and accounts payable across your
              organization.
            payment_link:write: >-
              Generate and manage shareable payment links to collect payments
              from customers.
            payment_processing: ''
            payment_rail:ach: Process payments via the ACH (Automated Clearing House) network.
            payment_rail:fednow: Process instant payments via the FedNow network.
            payment_rail:rtp: Process real-time payments via the RTP network.
            payment_record:read:org: >-
              View payment transaction history and records for your
              organization.
            payment_record:write:org: >-
              Record payments against invoices and manage their status,
              including marking payments as succeeded, cancelling, or moving
              them into processing.
            product:read:org: >-
              View the product and service catalog used for invoicing within
              your organization.
            product:write:org: >-
              Add and update products and services in your organization's
              invoicing catalog.
            profile: ''
            role:read:org: >-
              View user roles and their associated permissions within your
              organization.
            role:write:org: >-
              Create and update user roles and permission sets within your
              organization.
            transfer:write:org: Create and submit money transfers within your organization.
            underwriting:application:approval:escalation: >-
              Provide a senior-level escalation approval on underwriting
              applications that require additional review.
            underwriting:application:approval:secondary: >-
              Provide a second-level approval on underwriting applications as
              part of a multi-step review process.
            underwriting:application:read: >-
              View underwriting applications, including sensitive business
              details and personally identifiable information.
            underwriting:application:write: >-
              Edit, approve, and manage underwriting applications and decisions,
              and attach supporting documents.
            user_profile:write:all: >-
              Update profile information for any user across all organizations.
              This is a high-privilege permission typically reserved for
              platform administrators.
            user_profile:write:self: >-
              Update your own user profile, including your name, contact
              information, and preferences.
            user:read:org: View user accounts and their details within your organization.
            user:read:self: >-
              Read access to the user's own record and the name/email of their
              direct reports.
            user:write:all: >-
              Create and manage user accounts across multiple organizations.
              This is a high-privilege permission typically reserved for
              platform administrators.
            user:write:org: Create, update, and manage user accounts within your organization.
    USERToken:
      type: oauth2
      description: User OAuth2 access token (authorization code with PKCE).
      flows:
        authorizationCode:
          authorizationUrl: /connect/authorize
          tokenUrl: /connect/token
          scopes:
            acceptor:application:read: >-
              View merchant boarding applications, including business and
              ownership details. Contains sensitive personally identifiable
              information.
            acceptor:application:secondaryapproval: >-
              Provide a secondary approval on merchant boarding and underwriting
              applications as part of a multi-step review.
            acceptor:application:write: >-
              Edit, approve, and manage merchant boarding and underwriting
              applications, and attach supporting documents.
            accounting_config:read:org: >-
              View ledger accounts, tax rates, cost centers, tags, and projects
              configured for your organization.
            accounting_config:write:org: >-
              Create and update ledger accounts, tax rates, cost centers, tags,
              and projects for your organization.
            acquiring:report:read: >-
              View transaction and settlement reports for your acquiring
              activity.
            approval_policy:read:org: >-
              View approval workflows and spending policies configured for your
              organization.
            approval_policy:write:org: >-
              Create and update approval workflows and spending policies for
              your organization.
            approval_request:create:org: >-
              Submit items for approval within your organization's approval
              workflows.
            approval_request:delete:org: Delete approval requests within your organization.
            approval_request:read:org: >-
              View pending and completed approval requests across your
              organization.
            approval_request:update:org: >-
              Edit and update existing approval requests within your
              organization.
            authorization_control:read:org: Read access to authorization control at the organization level.
            bank_account_application:read:org: >-
              View submitted applications to open bank accounts within your
              organization.
            bank_account_application:write:org: >-
              Submit and manage applications to open new bank accounts within
              your organization.
            bank_account:read:org: View bank account details and balances within your organization.
            bank_account:write:org: Create, update, and close bank accounts within your organization.
            beneficial_owner:read:org: >-
              View beneficial ownership information, including individuals'
              ownership stakes and identifying details.
            comment:read:org: >-
              View comments and notes added to financial records across your
              organization.
            comment:write:org: >-
              Add and manage comments and notes on financial records across your
              organization.
            counterpart:read:org: >-
              View the suppliers and clients your organization transacts with.
              Counterparts are required before creating invoices, quotes, and
              other financial documents.
            counterpart:write:org: >-
              Add and update the suppliers and clients your organization
              transacts with. Counterparts are required before creating
              invoices, quotes, and other financial documents.
            credit_card:activate:org: >-
              Activate newly issued credit cards for use within your
              organization.
            credit_card_application:read:org: View credit card applications submitted within your organization.
            credit_card_application:write:org: >-
              Submit and manage credit card applications within your
              organization.
            credit_card:read:org: >-
              View credit card details and status for cards in your
              organization.
            developer_portal: >-
              Access the Tesouro Developer Portal to view API documentation and
              manage developer resources.
            dispute:read: >-
              View payment disputes and any supporting documents attached to
              them.
            dispute:write: >-
              Accept or challenge payment disputes by uploading and submitting
              supporting evidence.
            email: ''
            expense:approve:org: >-
              Review and approve or reject expense reports submitted across your
              organization.
            expense:read:org: View expense reports and submissions across your organization.
            expense:read:self: View your own expense submissions and reports.
            expense:write:org: Create and update expense submissions across your organization.
            expense:write:self: Submit and update your own expense reports.
            export:read:org: >-
              View and download previously generated data exports for your
              organization.
            export:write:org: Generate and manage data exports for your organization.
            external_bank_account:micro_deposit:org: >-
              Initiate micro-deposit verification to confirm ownership of
              external bank accounts linked to your organization.
            external_bank_account:read:org: >-
              View external bank accounts that have been linked to your
              organization.
            external_bank_account:set_verification:org: >-
              Manually set the verification status of linked external bank
              accounts, bypassing the standard verification process.
            external_bank_account:write:org: >-
              Add, update, or remove external bank accounts linked to your
              organization.
            invoice:read:org: View invoices issued and received across your organization.
            invoice:write:org: Create, edit, and manage invoices across your organization.
            mailbox:read:org: >-
              View the email mailboxes configured to automatically capture
              incoming invoices as payables and collect expense receipts for
              your organization.
            mailbox:write:org: >-
              Configure email mailboxes that automatically capture incoming
              invoices as payables and collect expense receipts for your
              organization.
            notification:subscription:read: >-
              View active webhook and event notification subscriptions and their
              configurations.
            notification:subscription:write: >-
              Create, update, and delete webhook and event notification
              subscriptions.
            ocr_task:read:org: >-
              View the results and status of automated receipt and invoice
              scanning tasks.
            ocr_task:write:org: >-
              Submit and manage automated receipt and invoice scanning tasks for
              your organization.
            offline_access: ''
            oidc:app:manage: >-
              Add, edit, and remove access to OIDC applications and their
              scopes.
            oidc:app:read: Read only access to the OIDC applications and their scopes
            oidc:app:write: >-
              Add and edit - but not remove - access to OIDC applications and
              their scopes
            openid: ''
            organization:read:org: View your organization's profile and general details.
            organization_settings:read:org: View configuration settings for your organization.
            organization_settings:write:org: Update configuration settings for your organization.
            organization:write:org: Update your organization's profile and general details.
            org:write:all: >-
              Enable or disable organizations on the platform. This is a
              high-privilege permission typically reserved for platform
              administrators.
            partner_portal: >-
              Access the Tesouro Partner Portal to manage your partnership
              settings and sub-merchant configurations.
            payable:approve:org: >-
              Review and approve bills and accounts payable before they are
              paid.
            payable:pay:org: >-
              Authorize and submit payments for approved bills and accounts
              payable.
            payable:read:org: View bills and accounts payable across your organization.
            payable:write:org: >-
              Create and update bills and accounts payable across your
              organization.
            payment_link:write: >-
              Generate and manage shareable payment links to collect payments
              from customers.
            payment_processing: ''
            payment_rail:ach: Process payments via the ACH (Automated Clearing House) network.
            payment_rail:fednow: Process instant payments via the FedNow network.
            payment_rail:rtp: Process real-time payments via the RTP network.
            payment_record:read:org: >-
              View payment transaction history and records for your
              organization.
            payment_record:write:org: >-
              Record payments against invoices and manage their status,
              including marking payments as succeeded, cancelling, or moving
              them into processing.
            product:read:org: >-
              View the product and service catalog used for invoicing within
              your organization.
            product:write:org: >-
              Add and update products and services in your organization's
              invoicing catalog.
            profile: ''
            role:read:org: >-
              View user roles and their associated permissions within your
              organization.
            role:write:org: >-
              Create and update user roles and permission sets within your
              organization.
            transfer:write:org: Create and submit money transfers within your organization.
            underwriting:application:approval:escalation: >-
              Provide a senior-level escalation approval on underwriting
              applications that require additional review.
            underwriting:application:approval:secondary: >-
              Provide a second-level approval on underwriting applications as
              part of a multi-step review process.
            underwriting:application:read: >-
              View underwriting applications, including sensitive business
              details and personally identifiable information.
            underwriting:application:write: >-
              Edit, approve, and manage underwriting applications and decisions,
              and attach supporting documents.
            user_profile:write:all: >-
              Update profile information for any user across all organizations.
              This is a high-privilege permission typically reserved for
              platform administrators.
            user_profile:write:self: >-
              Update your own user profile, including your name, contact
              information, and preferences.
            user:read:org: View user accounts and their details within your organization.
            user:read:self: >-
              Read access to the user's own record and the name/email of their
              direct reports.
            user:write:all: >-
              Create and manage user accounts across multiple organizations.
              This is a high-privilege permission typically reserved for
              platform administrators.
            user:write:org: Create, update, and manage user accounts within your organization.

````