My Oracle Support Banner

IDCS: Cannot Remove Identity Domain Administrator from IDCS - “IDA privileges for user XXX cannot be revoked” (Doc ID 2832512.1)

Last updated on JANUARY 09, 2024

Applies to:

Identity Cloud Service (IDCS) - Version N/A to N/A
Information in this document applies to any platform.


 An Identity Domain Administrator in IDCS cannot remove the original/another Identity Domain Administrator user.

A. In IDCS Admin Console, the error notes:

"Identity Domain Administrator privileges for user XXX could not be revoked"


B. In the OCI Console, the error shows up as follows:

"Could not remove or disable the user XXX because that would have removed the last active user who is a direct member of AppRole Identity domain administrator."



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 Action plan in the UI:
 Action plan via REST:

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.