ObjectAccessControls: delete

Permanently deletes the ACL entry for the specified entity on the specified object.

You cannot remove OWNER access from the owner of this object using this method; the only way to remove that access is to delete or replace the object.

Required permissions

The authenticated user must have one of the following permissions to use this method:

  • The storage.objects.setIamPolicy IAM permission for the bucket containing the object
  • The OWNER ACL permission for the object


HTTP request

DELETE https://storage.googleapis.com/storage/v1/b/bucket/o/object/acl/entity

In addition to standard query parameters, the following query parameters apply to this method.

To see an example of how to include query parameters in a request, see the JSON API Overview page.


Parameter name Value Description
Path parameters
bucket string Name of a bucket.
entity string The entity holding the permission. Can be user-emailAddress, group-groupId, group-emailAddress, allUsers, or allAuthenticatedUsers.
object string Name of the object. For information about how to URL encode object names to be path safe, see Encoding URI path parts.
Optional query parameters
generation long If present, selects a specific revision of this object (as opposed to the latest version, the default).

Request body

Do not supply a request body with this method.


If successful, this method returns an empty response body.

Try it!

Use the APIs Explorer below to call this method on live data and see the response.