REVOKE - MySQL

REVOKE

Revoke permissions on database objects from users or roles.

Syntax

REVOKE
privileges ON type
FROM users | roles
IDENTIFIED BY | AS
{ current_password | password }
[WITH GRANT OPTION]

Options/Flags

• privileges: Specifies the permissions to be revoked, such as SELECT, INSERT, UPDATE, or DELETE. Multiple permissions can be specified by separating them with commas.
• type: Specifies the type of object for which permissions are being revoked, such as TABLE, DATABASE, or PROCEDURE.
• users | roles: Specifies the users or roles from whom permissions are being revoked. Multiple users or roles can be specified by separating them with commas.
• IDENTIFIED BY | AS {current_password | password}: Specifies the password to validate the identity of the revoking user. CURRENT_PASSWORD uses the current password, while PASSWORD requires specifying the password explicitly.
• WITH GRANT OPTION: Grants the ability to the specified users or roles to grant the revoked permissions to other users or roles.

Examples

Revoke SELECT permission on a table:

REVOKE SELECT ON table_name FROM user_name;

Revoke multiple permissions on a database:

REVOKE SELECT, INSERT, UPDATE ON database_name FROM role_name;

Revoke permissions with the GRANT OPTION:

REVOKE SELECT, INSERT ON table_name FROM user_name WITH GRANT OPTION;

Common Issues

• Permission denied: Ensure that the revoking user has sufficient privileges to revoke the permissions from the specified users or roles.
• Invalid object: Verify that the specified object exists and is of the correct type.
• Incorrect password: Ensure that the correct password is provided for authentication.

Integration

• GRANT: To grant permissions on objects.
• SHOW GRANTS: To view the permissions granted to a user or role.

Related Commands

• GRANT
• DENY