/identity DELETE endpoint

rest_client_zrok/admin/admin_client.go

@@ -44,6 +44,8 @@ type ClientService interface {
 
 	DeleteFrontend(params *DeleteFrontendParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*DeleteFrontendOK, error)
 
+	DeleteIdentity(params *DeleteIdentityParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*DeleteIdentityOK, error)
+
 	DeleteOrganization(params *DeleteOrganizationParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*DeleteOrganizationOK, error)
 
 	DeleteSecretsAccess(params *DeleteSecretsAccessParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*DeleteSecretsAccessOK, error)
@@ -338,6 +340,45 @@ func (a *Client) DeleteFrontend(params *DeleteFrontendParams, authInfo runtime.C
 	panic(msg)
 }
 
+/*
+DeleteIdentity delete identity API
+*/
+func (a *Client) DeleteIdentity(params *DeleteIdentityParams, authInfo runtime.ClientAuthInfoWriter, opts ...ClientOption) (*DeleteIdentityOK, error) {
+	// TODO: Validate the params before sending
+	if params == nil {
+		params = NewDeleteIdentityParams()
+	}
+	op := &runtime.ClientOperation{
+		ID:                 "deleteIdentity",
+		Method:             "DELETE",
+		PathPattern:        "/identity",
+		ProducesMediaTypes: []string{"application/zrok.v1+json"},
+		ConsumesMediaTypes: []string{"application/zrok.v1+json"},
+		Schemes:            []string{"http"},
+		Params:             params,
+		Reader:             &DeleteIdentityReader{formats: a.formats},
+		AuthInfo:           authInfo,
+		Context:            params.Context,
+		Client:             params.HTTPClient,
+	}
+	for _, opt := range opts {
+		opt(op)
+	}
+
+	result, err := a.transport.Submit(op)
+	if err != nil {
+		return nil, err
+	}
+	success, ok := result.(*DeleteIdentityOK)
+	if ok {
+		return success, nil
+	}
+	// unexpected success response
+	// safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue
+	msg := fmt.Sprintf("unexpected success response for deleteIdentity: API contract not enforced by server. Client expected to get an error, but got: %T", result)
+	panic(msg)
+}
+
 /*
 DeleteOrganization delete organization API
 */

rest_client_zrok/admin/delete_identity_parameters.go

@@ -0,0 +1,146 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package admin
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"net/http"
+	"time"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime"
+	cr "github.com/go-openapi/runtime/client"
+	"github.com/go-openapi/strfmt"
+)
+
+// NewDeleteIdentityParams creates a new DeleteIdentityParams object,
+// with the default timeout for this client.
+//
+// Default values are not hydrated, since defaults are normally applied by the API server side.
+//
+// To enforce default values in parameter, use SetDefaults or WithDefaults.
+func NewDeleteIdentityParams() *DeleteIdentityParams {
+	return &DeleteIdentityParams{
+		timeout: cr.DefaultTimeout,
+	}
+}
+
+// NewDeleteIdentityParamsWithTimeout creates a new DeleteIdentityParams object
+// with the ability to set a timeout on a request.
+func NewDeleteIdentityParamsWithTimeout(timeout time.Duration) *DeleteIdentityParams {
+	return &DeleteIdentityParams{
+		timeout: timeout,
+	}
+}
+
+// NewDeleteIdentityParamsWithContext creates a new DeleteIdentityParams object
+// with the ability to set a context for a request.
+func NewDeleteIdentityParamsWithContext(ctx context.Context) *DeleteIdentityParams {
+	return &DeleteIdentityParams{
+		Context: ctx,
+	}
+}
+
+// NewDeleteIdentityParamsWithHTTPClient creates a new DeleteIdentityParams object
+// with the ability to set a custom HTTPClient for a request.
+func NewDeleteIdentityParamsWithHTTPClient(client *http.Client) *DeleteIdentityParams {
+	return &DeleteIdentityParams{
+		HTTPClient: client,
+	}
+}
+
+/*
+DeleteIdentityParams contains all the parameters to send to the API endpoint
+
+	for the delete identity operation.
+
+	Typically these are written to a http.Request.
+*/
+type DeleteIdentityParams struct {
+
+	// Body.
+	Body DeleteIdentityBody
+
+	timeout    time.Duration
+	Context    context.Context
+	HTTPClient *http.Client
+}
+
+// WithDefaults hydrates default values in the delete identity params (not the query body).
+//
+// All values with no default are reset to their zero value.
+func (o *DeleteIdentityParams) WithDefaults() *DeleteIdentityParams {
+	o.SetDefaults()
+	return o
+}
+
+// SetDefaults hydrates default values in the delete identity params (not the query body).
+//
+// All values with no default are reset to their zero value.
+func (o *DeleteIdentityParams) SetDefaults() {
+	// no default values defined for this parameter
+}
+
+// WithTimeout adds the timeout to the delete identity params
+func (o *DeleteIdentityParams) WithTimeout(timeout time.Duration) *DeleteIdentityParams {
+	o.SetTimeout(timeout)
+	return o
+}
+
+// SetTimeout adds the timeout to the delete identity params
+func (o *DeleteIdentityParams) SetTimeout(timeout time.Duration) {
+	o.timeout = timeout
+}
+
+// WithContext adds the context to the delete identity params
+func (o *DeleteIdentityParams) WithContext(ctx context.Context) *DeleteIdentityParams {
+	o.SetContext(ctx)
+	return o
+}
+
+// SetContext adds the context to the delete identity params
+func (o *DeleteIdentityParams) SetContext(ctx context.Context) {
+	o.Context = ctx
+}
+
+// WithHTTPClient adds the HTTPClient to the delete identity params
+func (o *DeleteIdentityParams) WithHTTPClient(client *http.Client) *DeleteIdentityParams {
+	o.SetHTTPClient(client)
+	return o
+}
+
+// SetHTTPClient adds the HTTPClient to the delete identity params
+func (o *DeleteIdentityParams) SetHTTPClient(client *http.Client) {
+	o.HTTPClient = client
+}
+
+// WithBody adds the body to the delete identity params
+func (o *DeleteIdentityParams) WithBody(body DeleteIdentityBody) *DeleteIdentityParams {
+	o.SetBody(body)
+	return o
+}
+
+// SetBody adds the body to the delete identity params
+func (o *DeleteIdentityParams) SetBody(body DeleteIdentityBody) {
+	o.Body = body
+}
+
+// WriteToRequest writes these params to a swagger request
+func (o *DeleteIdentityParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error {
+
+	if err := r.SetTimeout(o.timeout); err != nil {
+		return err
+	}
+	var res []error
+	if err := r.SetBodyParam(o.Body); err != nil {
+		return err
+	}
+
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}

rest_client_zrok/admin/delete_identity_responses.go

@@ -0,0 +1,314 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package admin
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/go-openapi/runtime"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+)
+
+// DeleteIdentityReader is a Reader for the DeleteIdentity structure.
+type DeleteIdentityReader struct {
+	formats strfmt.Registry
+}
+
+// ReadResponse reads a server response into the received o.
+func (o *DeleteIdentityReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) {
+	switch response.Code() {
+	case 200:
+		result := NewDeleteIdentityOK()
+		if err := result.readResponse(response, consumer, o.formats); err != nil {
+			return nil, err
+		}
+		return result, nil
+	case 401:
+		result := NewDeleteIdentityUnauthorized()
+		if err := result.readResponse(response, consumer, o.formats); err != nil {
+			return nil, err
+		}
+		return nil, result
+	case 404:
+		result := NewDeleteIdentityNotFound()
+		if err := result.readResponse(response, consumer, o.formats); err != nil {
+			return nil, err
+		}
+		return nil, result
+	case 500:
+		result := NewDeleteIdentityInternalServerError()
+		if err := result.readResponse(response, consumer, o.formats); err != nil {
+			return nil, err
+		}
+		return nil, result
+	default:
+		return nil, runtime.NewAPIError("[DELETE /identity] deleteIdentity", response, response.Code())
+	}
+}
+
+// NewDeleteIdentityOK creates a DeleteIdentityOK with default headers values
+func NewDeleteIdentityOK() *DeleteIdentityOK {
+	return &DeleteIdentityOK{}
+}
+
+/*
+DeleteIdentityOK describes a response with status code 200, with default header values.
+
+deleted
+*/
+type DeleteIdentityOK struct {
+}
+
+// IsSuccess returns true when this delete identity o k response has a 2xx status code
+func (o *DeleteIdentityOK) IsSuccess() bool {
+	return true
+}
+
+// IsRedirect returns true when this delete identity o k response has a 3xx status code
+func (o *DeleteIdentityOK) IsRedirect() bool {
+	return false
+}
+
+// IsClientError returns true when this delete identity o k response has a 4xx status code
+func (o *DeleteIdentityOK) IsClientError() bool {
+	return false
+}
+
+// IsServerError returns true when this delete identity o k response has a 5xx status code
+func (o *DeleteIdentityOK) IsServerError() bool {
+	return false
+}
+
+// IsCode returns true when this delete identity o k response a status code equal to that given
+func (o *DeleteIdentityOK) IsCode(code int) bool {
+	return code == 200
+}
+
+// Code gets the status code for the delete identity o k response
+func (o *DeleteIdentityOK) Code() int {
+	return 200
+}
+
+func (o *DeleteIdentityOK) Error() string {
+	return fmt.Sprintf("[DELETE /identity][%d] deleteIdentityOK ", 200)
+}
+
+func (o *DeleteIdentityOK) String() string {
+	return fmt.Sprintf("[DELETE /identity][%d] deleteIdentityOK ", 200)
+}
+
+func (o *DeleteIdentityOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
+
+	return nil
+}
+
+// NewDeleteIdentityUnauthorized creates a DeleteIdentityUnauthorized with default headers values
+func NewDeleteIdentityUnauthorized() *DeleteIdentityUnauthorized {
+	return &DeleteIdentityUnauthorized{}
+}
+
+/*
+DeleteIdentityUnauthorized describes a response with status code 401, with default header values.
+
+unauthorized
+*/
+type DeleteIdentityUnauthorized struct {
+}
+
+// IsSuccess returns true when this delete identity unauthorized response has a 2xx status code
+func (o *DeleteIdentityUnauthorized) IsSuccess() bool {
+	return false
+}
+
+// IsRedirect returns true when this delete identity unauthorized response has a 3xx status code
+func (o *DeleteIdentityUnauthorized) IsRedirect() bool {
+	return false
+}
+
+// IsClientError returns true when this delete identity unauthorized response has a 4xx status code
+func (o *DeleteIdentityUnauthorized) IsClientError() bool {
+	return true
+}
+
+// IsServerError returns true when this delete identity unauthorized response has a 5xx status code
+func (o *DeleteIdentityUnauthorized) IsServerError() bool {
+	return false
+}
+
+// IsCode returns true when this delete identity unauthorized response a status code equal to that given
+func (o *DeleteIdentityUnauthorized) IsCode(code int) bool {
+	return code == 401
+}
+
+// Code gets the status code for the delete identity unauthorized response
+func (o *DeleteIdentityUnauthorized) Code() int {
+	return 401
+}
+
+func (o *DeleteIdentityUnauthorized) Error() string {
+	return fmt.Sprintf("[DELETE /identity][%d] deleteIdentityUnauthorized ", 401)
+}
+
+func (o *DeleteIdentityUnauthorized) String() string {
+	return fmt.Sprintf("[DELETE /identity][%d] deleteIdentityUnauthorized ", 401)
+}
+
+func (o *DeleteIdentityUnauthorized) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
+
+	return nil
+}
+
+// NewDeleteIdentityNotFound creates a DeleteIdentityNotFound with default headers values
+func NewDeleteIdentityNotFound() *DeleteIdentityNotFound {
+	return &DeleteIdentityNotFound{}
+}
+
+/*
+DeleteIdentityNotFound describes a response with status code 404, with default header values.
+
+not found
+*/
+type DeleteIdentityNotFound struct {
+}
+
+// IsSuccess returns true when this delete identity not found response has a 2xx status code
+func (o *DeleteIdentityNotFound) IsSuccess() bool {
+	return false
+}
+
+// IsRedirect returns true when this delete identity not found response has a 3xx status code
+func (o *DeleteIdentityNotFound) IsRedirect() bool {
+	return false
+}
+
+// IsClientError returns true when this delete identity not found response has a 4xx status code
+func (o *DeleteIdentityNotFound) IsClientError() bool {
+	return true
+}
+
+// IsServerError returns true when this delete identity not found response has a 5xx status code
+func (o *DeleteIdentityNotFound) IsServerError() bool {
+	return false
+}
+
+// IsCode returns true when this delete identity not found response a status code equal to that given
+func (o *DeleteIdentityNotFound) IsCode(code int) bool {
+	return code == 404
+}
+
+// Code gets the status code for the delete identity not found response
+func (o *DeleteIdentityNotFound) Code() int {
+	return 404
+}
+
+func (o *DeleteIdentityNotFound) Error() string {
+	return fmt.Sprintf("[DELETE /identity][%d] deleteIdentityNotFound ", 404)
+}
+
+func (o *DeleteIdentityNotFound) String() string {
+	return fmt.Sprintf("[DELETE /identity][%d] deleteIdentityNotFound ", 404)
+}
+
+func (o *DeleteIdentityNotFound) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
+
+	return nil
+}
+
+// NewDeleteIdentityInternalServerError creates a DeleteIdentityInternalServerError with default headers values
+func NewDeleteIdentityInternalServerError() *DeleteIdentityInternalServerError {
+	return &DeleteIdentityInternalServerError{}
+}
+
+/*
+DeleteIdentityInternalServerError describes a response with status code 500, with default header values.
+
+internal server error
+*/
+type DeleteIdentityInternalServerError struct {
+}
+
+// IsSuccess returns true when this delete identity internal server error response has a 2xx status code
+func (o *DeleteIdentityInternalServerError) IsSuccess() bool {
+	return false
+}
+
+// IsRedirect returns true when this delete identity internal server error response has a 3xx status code
+func (o *DeleteIdentityInternalServerError) IsRedirect() bool {
+	return false
+}
+
+// IsClientError returns true when this delete identity internal server error response has a 4xx status code
+func (o *DeleteIdentityInternalServerError) IsClientError() bool {
+	return false
+}
+
+// IsServerError returns true when this delete identity internal server error response has a 5xx status code
+func (o *DeleteIdentityInternalServerError) IsServerError() bool {
+	return true
+}
+
+// IsCode returns true when this delete identity internal server error response a status code equal to that given
+func (o *DeleteIdentityInternalServerError) IsCode(code int) bool {
+	return code == 500
+}
+
+// Code gets the status code for the delete identity internal server error response
+func (o *DeleteIdentityInternalServerError) Code() int {
+	return 500
+}
+
+func (o *DeleteIdentityInternalServerError) Error() string {
+	return fmt.Sprintf("[DELETE /identity][%d] deleteIdentityInternalServerError ", 500)
+}
+
+func (o *DeleteIdentityInternalServerError) String() string {
+	return fmt.Sprintf("[DELETE /identity][%d] deleteIdentityInternalServerError ", 500)
+}
+
+func (o *DeleteIdentityInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error {
+
+	return nil
+}
+
+/*
+DeleteIdentityBody delete identity body
+swagger:model DeleteIdentityBody
+*/
+type DeleteIdentityBody struct {
+
+	// name
+	Name string `json:"name,omitempty"`
+}
+
+// Validate validates this delete identity body
+func (o *DeleteIdentityBody) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this delete identity body based on context it is used
+func (o *DeleteIdentityBody) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (o *DeleteIdentityBody) MarshalBinary() ([]byte, error) {
+	if o == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(o)
+}
+
+// UnmarshalBinary interface implementation
+func (o *DeleteIdentityBody) UnmarshalBinary(b []byte) error {
+	var res DeleteIdentityBody
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*o = res
+	return nil
+}

rest_server_zrok/embedded_spec.go

@@ -1310,6 +1310,44 @@ func init() {
             "description": "internal server error"
           }
         }
+      },
+      "delete": {
+        "security": [
+          {
+            "key": []
+          }
+        ],
+        "tags": [
+          "admin"
+        ],
+        "operationId": "deleteIdentity",
+        "parameters": [
+          {
+            "name": "body",
+            "in": "body",
+            "schema": {
+              "properties": {
+                "name": {
+                  "type": "string"
+                }
+              }
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "deleted"
+          },
+          "401": {
+            "description": "unauthorized"
+          },
+          "404": {
+            "description": "not found"
+          },
+          "500": {
+            "description": "internal server error"
+          }
+        }
       }
     },
     "/invite": {
@@ -4149,6 +4187,44 @@ func init() {
             "description": "internal server error"
           }
         }
+      },
+      "delete": {
+        "security": [
+          {
+            "key": []
+          }
+        ],
+        "tags": [
+          "admin"
+        ],
+        "operationId": "deleteIdentity",
+        "parameters": [
+          {
+            "name": "body",
+            "in": "body",
+            "schema": {
+              "properties": {
+                "name": {
+                  "type": "string"
+                }
+              }
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "deleted"
+          },
+          "401": {
+            "description": "unauthorized"
+          },
+          "404": {
+            "description": "not found"
+          },
+          "500": {
+            "description": "internal server error"
+          }
+        }
       }
     },
     "/invite": {

rest_server_zrok/operations/admin/delete_identity.go

@@ -0,0 +1,111 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package admin
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"context"
+	"net/http"
+
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/go-openapi/strfmt"
+	"github.com/go-openapi/swag"
+
+	"github.com/openziti/zrok/rest_model_zrok"
+)
+
+// DeleteIdentityHandlerFunc turns a function with the right signature into a delete identity handler
+type DeleteIdentityHandlerFunc func(DeleteIdentityParams, *rest_model_zrok.Principal) middleware.Responder
+
+// Handle executing the request and returning a response
+func (fn DeleteIdentityHandlerFunc) Handle(params DeleteIdentityParams, principal *rest_model_zrok.Principal) middleware.Responder {
+	return fn(params, principal)
+}
+
+// DeleteIdentityHandler interface for that can handle valid delete identity params
+type DeleteIdentityHandler interface {
+	Handle(DeleteIdentityParams, *rest_model_zrok.Principal) middleware.Responder
+}
+
+// NewDeleteIdentity creates a new http.Handler for the delete identity operation
+func NewDeleteIdentity(ctx *middleware.Context, handler DeleteIdentityHandler) *DeleteIdentity {
+	return &DeleteIdentity{Context: ctx, Handler: handler}
+}
+
+/*
+	DeleteIdentity swagger:route DELETE /identity admin deleteIdentity
+
+DeleteIdentity delete identity API
+*/
+type DeleteIdentity struct {
+	Context *middleware.Context
+	Handler DeleteIdentityHandler
+}
+
+func (o *DeleteIdentity) ServeHTTP(rw http.ResponseWriter, r *http.Request) {
+	route, rCtx, _ := o.Context.RouteInfo(r)
+	if rCtx != nil {
+		*r = *rCtx
+	}
+	var Params = NewDeleteIdentityParams()
+	uprinc, aCtx, err := o.Context.Authorize(r, route)
+	if err != nil {
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+	if aCtx != nil {
+		*r = *aCtx
+	}
+	var principal *rest_model_zrok.Principal
+	if uprinc != nil {
+		principal = uprinc.(*rest_model_zrok.Principal) // this is really a rest_model_zrok.Principal, I promise
+	}
+
+	if err := o.Context.BindValidRequest(r, route, &Params); err != nil { // bind params
+		o.Context.Respond(rw, r, route.Produces, route, err)
+		return
+	}
+
+	res := o.Handler.Handle(Params, principal) // actually handle the request
+	o.Context.Respond(rw, r, route.Produces, route, res)
+
+}
+
+// DeleteIdentityBody delete identity body
+//
+// swagger:model DeleteIdentityBody
+type DeleteIdentityBody struct {
+
+	// name
+	Name string `json:"name,omitempty"`
+}
+
+// Validate validates this delete identity body
+func (o *DeleteIdentityBody) Validate(formats strfmt.Registry) error {
+	return nil
+}
+
+// ContextValidate validates this delete identity body based on context it is used
+func (o *DeleteIdentityBody) ContextValidate(ctx context.Context, formats strfmt.Registry) error {
+	return nil
+}
+
+// MarshalBinary interface implementation
+func (o *DeleteIdentityBody) MarshalBinary() ([]byte, error) {
+	if o == nil {
+		return nil, nil
+	}
+	return swag.WriteJSON(o)
+}
+
+// UnmarshalBinary interface implementation
+func (o *DeleteIdentityBody) UnmarshalBinary(b []byte) error {
+	var res DeleteIdentityBody
+	if err := swag.ReadJSON(b, &res); err != nil {
+		return err
+	}
+	*o = res
+	return nil
+}

rest_server_zrok/operations/admin/delete_identity_parameters.go

@@ -0,0 +1,74 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package admin
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/errors"
+	"github.com/go-openapi/runtime"
+	"github.com/go-openapi/runtime/middleware"
+	"github.com/go-openapi/validate"
+)
+
+// NewDeleteIdentityParams creates a new DeleteIdentityParams object
+//
+// There are no default values defined in the spec.
+func NewDeleteIdentityParams() DeleteIdentityParams {
+
+	return DeleteIdentityParams{}
+}
+
+// DeleteIdentityParams contains all the bound params for the delete identity operation
+// typically these are obtained from a http.Request
+//
+// swagger:parameters deleteIdentity
+type DeleteIdentityParams struct {
+
+	// HTTP Request Object
+	HTTPRequest *http.Request `json:"-"`
+
+	/*
+	  In: body
+	*/
+	Body DeleteIdentityBody
+}
+
+// BindRequest both binds and validates a request, it assumes that complex things implement a Validatable(strfmt.Registry) error interface
+// for simple values it will use straight method calls.
+//
+// To ensure default values, the struct must have been initialized with NewDeleteIdentityParams() beforehand.
+func (o *DeleteIdentityParams) BindRequest(r *http.Request, route *middleware.MatchedRoute) error {
+	var res []error
+
+	o.HTTPRequest = r
+
+	if runtime.HasBody(r) {
+		defer r.Body.Close()
+		var body DeleteIdentityBody
+		if err := route.Consumer.Consume(r.Body, &body); err != nil {
+			res = append(res, errors.NewParseError("body", "body", "", err))
+		} else {
+			// validate body object
+			if err := body.Validate(route.Formats); err != nil {
+				res = append(res, err)
+			}
+
+			ctx := validate.WithOperationRequest(r.Context())
+			if err := body.ContextValidate(ctx, route.Formats); err != nil {
+				res = append(res, err)
+			}
+
+			if len(res) == 0 {
+				o.Body = body
+			}
+		}
+	}
+	if len(res) > 0 {
+		return errors.CompositeValidationError(res...)
+	}
+	return nil
+}

rest_server_zrok/operations/admin/delete_identity_responses.go

@@ -0,0 +1,112 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package admin
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the swagger generate command
+
+import (
+	"net/http"
+
+	"github.com/go-openapi/runtime"
+)
+
+// DeleteIdentityOKCode is the HTTP code returned for type DeleteIdentityOK
+const DeleteIdentityOKCode int = 200
+
+/*
+DeleteIdentityOK deleted
+
+swagger:response deleteIdentityOK
+*/
+type DeleteIdentityOK struct {
+}
+
+// NewDeleteIdentityOK creates DeleteIdentityOK with default headers values
+func NewDeleteIdentityOK() *DeleteIdentityOK {
+
+	return &DeleteIdentityOK{}
+}
+
+// WriteResponse to the client
+func (o *DeleteIdentityOK) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
+
+	rw.WriteHeader(200)
+}
+
+// DeleteIdentityUnauthorizedCode is the HTTP code returned for type DeleteIdentityUnauthorized
+const DeleteIdentityUnauthorizedCode int = 401
+
+/*
+DeleteIdentityUnauthorized unauthorized
+
+swagger:response deleteIdentityUnauthorized
+*/
+type DeleteIdentityUnauthorized struct {
+}
+
+// NewDeleteIdentityUnauthorized creates DeleteIdentityUnauthorized with default headers values
+func NewDeleteIdentityUnauthorized() *DeleteIdentityUnauthorized {
+
+	return &DeleteIdentityUnauthorized{}
+}
+
+// WriteResponse to the client
+func (o *DeleteIdentityUnauthorized) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
+
+	rw.WriteHeader(401)
+}
+
+// DeleteIdentityNotFoundCode is the HTTP code returned for type DeleteIdentityNotFound
+const DeleteIdentityNotFoundCode int = 404
+
+/*
+DeleteIdentityNotFound not found
+
+swagger:response deleteIdentityNotFound
+*/
+type DeleteIdentityNotFound struct {
+}
+
+// NewDeleteIdentityNotFound creates DeleteIdentityNotFound with default headers values
+func NewDeleteIdentityNotFound() *DeleteIdentityNotFound {
+
+	return &DeleteIdentityNotFound{}
+}
+
+// WriteResponse to the client
+func (o *DeleteIdentityNotFound) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
+
+	rw.WriteHeader(404)
+}
+
+// DeleteIdentityInternalServerErrorCode is the HTTP code returned for type DeleteIdentityInternalServerError
+const DeleteIdentityInternalServerErrorCode int = 500
+
+/*
+DeleteIdentityInternalServerError internal server error
+
+swagger:response deleteIdentityInternalServerError
+*/
+type DeleteIdentityInternalServerError struct {
+}
+
+// NewDeleteIdentityInternalServerError creates DeleteIdentityInternalServerError with default headers values
+func NewDeleteIdentityInternalServerError() *DeleteIdentityInternalServerError {
+
+	return &DeleteIdentityInternalServerError{}
+}
+
+// WriteResponse to the client
+func (o *DeleteIdentityInternalServerError) WriteResponse(rw http.ResponseWriter, producer runtime.Producer) {
+
+	rw.Header().Del(runtime.HeaderContentType) //Remove Content-Type on empty responses
+
+	rw.WriteHeader(500)
+}

rest_server_zrok/operations/admin/delete_identity_urlbuilder.go

@@ -0,0 +1,87 @@
+// Code generated by go-swagger; DO NOT EDIT.
+
+package admin
+
+// This file was generated by the swagger tool.
+// Editing this file might prove futile when you re-run the generate command
+
+import (
+	"errors"
+	"net/url"
+	golangswaggerpaths "path"
+)
+
+// DeleteIdentityURL generates an URL for the delete identity operation
+type DeleteIdentityURL struct {
+	_basePath string
+}
+
+// WithBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *DeleteIdentityURL) WithBasePath(bp string) *DeleteIdentityURL {
+	o.SetBasePath(bp)
+	return o
+}
+
+// SetBasePath sets the base path for this url builder, only required when it's different from the
+// base path specified in the swagger spec.
+// When the value of the base path is an empty string
+func (o *DeleteIdentityURL) SetBasePath(bp string) {
+	o._basePath = bp
+}
+
+// Build a url path and query string
+func (o *DeleteIdentityURL) Build() (*url.URL, error) {
+	var _result url.URL
+
+	var _path = "/identity"
+
+	_basePath := o._basePath
+	if _basePath == "" {
+		_basePath = "/api/v1"
+	}
+	_result.Path = golangswaggerpaths.Join(_basePath, _path)
+
+	return &_result, nil
+}
+
+// Must is a helper function to panic when the url builder returns an error
+func (o *DeleteIdentityURL) Must(u *url.URL, err error) *url.URL {
+	if err != nil {
+		panic(err)
+	}
+	if u == nil {
+		panic("url can't be nil")
+	}
+	return u
+}
+
+// String returns the string representation of the path with query string
+func (o *DeleteIdentityURL) String() string {
+	return o.Must(o.Build()).String()
+}
+
+// BuildFull builds a full url with scheme, host, path and query string
+func (o *DeleteIdentityURL) BuildFull(scheme, host string) (*url.URL, error) {
+	if scheme == "" {
+		return nil, errors.New("scheme is required for a full url on DeleteIdentityURL")
+	}
+	if host == "" {
+		return nil, errors.New("host is required for a full url on DeleteIdentityURL")
+	}
+
+	base, err := o.Build()
+	if err != nil {
+		return nil, err
+	}
+
+	base.Scheme = scheme
+	base.Host = host
+	return base, nil
+}
+
+// StringFull returns the string representation of a complete url
+func (o *DeleteIdentityURL) StringFull(scheme, host string) string {
+	return o.Must(o.BuildFull(scheme, host)).String()
+}

rest_server_zrok/operations/zrok_api.go

@@ -83,6 +83,9 @@ func NewZrokAPI(spec *loads.Document) *ZrokAPI {
 		AdminDeleteFrontendHandler: admin.DeleteFrontendHandlerFunc(func(params admin.DeleteFrontendParams, principal *rest_model_zrok.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation admin.DeleteFrontend has not yet been implemented")
 		}),
+		AdminDeleteIdentityHandler: admin.DeleteIdentityHandlerFunc(func(params admin.DeleteIdentityParams, principal *rest_model_zrok.Principal) middleware.Responder {
+			return middleware.NotImplemented("operation admin.DeleteIdentity has not yet been implemented")
+		}),
 		AdminDeleteOrganizationHandler: admin.DeleteOrganizationHandlerFunc(func(params admin.DeleteOrganizationParams, principal *rest_model_zrok.Principal) middleware.Responder {
 			return middleware.NotImplemented("operation admin.DeleteOrganization has not yet been implemented")
 		}),
@@ -290,6 +293,8 @@ type ZrokAPI struct {
 	AdminCreateOrganizationHandler admin.CreateOrganizationHandler
 	// AdminDeleteFrontendHandler sets the operation handler for the delete frontend operation
 	AdminDeleteFrontendHandler admin.DeleteFrontendHandler
+	// AdminDeleteIdentityHandler sets the operation handler for the delete identity operation
+	AdminDeleteIdentityHandler admin.DeleteIdentityHandler
 	// AdminDeleteOrganizationHandler sets the operation handler for the delete organization operation
 	AdminDeleteOrganizationHandler admin.DeleteOrganizationHandler
 	// AdminDeleteSecretsAccessHandler sets the operation handler for the delete secrets access operation
@@ -494,6 +499,9 @@ func (o *ZrokAPI) Validate() error {
 	if o.AdminDeleteFrontendHandler == nil {
 		unregistered = append(unregistered, "admin.DeleteFrontendHandler")
 	}
+	if o.AdminDeleteIdentityHandler == nil {
+		unregistered = append(unregistered, "admin.DeleteIdentityHandler")
+	}
 	if o.AdminDeleteOrganizationHandler == nil {
 		unregistered = append(unregistered, "admin.DeleteOrganizationHandler")
 	}
@@ -775,6 +783,10 @@ func (o *ZrokAPI) initHandlerCache() {
 	if o.handlers["DELETE"] == nil {
 		o.handlers["DELETE"] = make(map[string]http.Handler)
 	}
+	o.handlers["DELETE"]["/identity"] = admin.NewDeleteIdentity(o.context, o.AdminDeleteIdentityHandler)
+	if o.handlers["DELETE"] == nil {
+		o.handlers["DELETE"] = make(map[string]http.Handler)
+	}
 	o.handlers["DELETE"]["/organization"] = admin.NewDeleteOrganization(o.context, o.AdminDeleteOrganizationHandler)
 	if o.handlers["DELETE"] == nil {
 		o.handlers["DELETE"] = make(map[string]http.Handler)

sdk/nodejs/sdk/src/api/apis/AdminApi.ts

@@ -98,6 +98,10 @@ export interface DeleteFrontendRequest {
     body?: CreateFrontend201Response;
 }
 
+export interface DeleteIdentityRequest {
+    body?: CreateIdentityRequest;
+}
+
 export interface DeleteOrganizationRequest {
     body?: CreateOrganization201Response;
 }
@@ -345,6 +349,36 @@ export class AdminApi extends runtime.BaseAPI {
         await this.deleteFrontendRaw(requestParameters, initOverrides);
     }
 
+    /**
+     */
+    async deleteIdentityRaw(requestParameters: DeleteIdentityRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>> {
+        const queryParameters: any = {};
+
+        const headerParameters: runtime.HTTPHeaders = {};
+
+        headerParameters['Content-Type'] = 'application/zrok.v1+json';
+
+        if (this.configuration && this.configuration.apiKey) {
+            headerParameters["x-token"] = await this.configuration.apiKey("x-token"); // key authentication
+        }
+
+        const response = await this.request({
+            path: `/identity`,
+            method: 'DELETE',
+            headers: headerParameters,
+            query: queryParameters,
+            body: CreateIdentityRequestToJSON(requestParameters['body']),
+        }, initOverrides);
+
+        return new runtime.VoidApiResponse(response);
+    }
+
+    /**
+     */
+    async deleteIdentity(requestParameters: DeleteIdentityRequest = {}, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void> {
+        await this.deleteIdentityRaw(requestParameters, initOverrides);
+    }
+
     /**
      */
     async deleteOrganizationRaw(requestParameters: DeleteOrganizationRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>> {

sdk/python/src/README.md

@@ -107,6 +107,7 @@ Class | Method | HTTP request | Description
 *AdminApi* | [**create_identity**](docs/AdminApi.md#create_identity) | **POST** /identity | 
 *AdminApi* | [**create_organization**](docs/AdminApi.md#create_organization) | **POST** /organization | 
 *AdminApi* | [**delete_frontend**](docs/AdminApi.md#delete_frontend) | **DELETE** /frontend | 
+*AdminApi* | [**delete_identity**](docs/AdminApi.md#delete_identity) | **DELETE** /identity | 
 *AdminApi* | [**delete_organization**](docs/AdminApi.md#delete_organization) | **DELETE** /organization | 
 *AdminApi* | [**delete_secrets_access**](docs/AdminApi.md#delete_secrets_access) | **DELETE** /secrets/access | 
 *AdminApi* | [**grants**](docs/AdminApi.md#grants) | **POST** /grants | 

sdk/python/src/docs/AdminApi.md

@@ -11,6 +11,7 @@ Method | HTTP request | Description
 [**create_identity**](AdminApi.md#create_identity) | **POST** /identity | 
 [**create_organization**](AdminApi.md#create_organization) | **POST** /organization | 
 [**delete_frontend**](AdminApi.md#delete_frontend) | **DELETE** /frontend | 
+[**delete_identity**](AdminApi.md#delete_identity) | **DELETE** /identity | 
 [**delete_organization**](AdminApi.md#delete_organization) | **DELETE** /organization | 
 [**delete_secrets_access**](AdminApi.md#delete_secrets_access) | **DELETE** /secrets/access | 
 [**grants**](AdminApi.md#grants) | **POST** /grants | 
@@ -557,6 +558,81 @@ void (empty response body)
 
 [[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
 
+# **delete_identity**
+> delete_identity(body=body)
+
+### Example
+
+* Api Key Authentication (key):
+
+```python
+import zrok_api
+from zrok_api.models.create_identity_request import CreateIdentityRequest
+from zrok_api.rest import ApiException
+from pprint import pprint
+
+# Defining the host is optional and defaults to /api/v1
+# See configuration.py for a list of all supported configuration parameters.
+configuration = zrok_api.Configuration(
+    host = "/api/v1"
+)
+
+# The client must configure the authentication and authorization parameters
+# in accordance with the API server security policy.
+# Examples for each auth method are provided below, use the example that
+# satisfies your auth use case.
+
+# Configure API key authorization: key
+configuration.api_key['key'] = os.environ["API_KEY"]
+
+# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
+# configuration.api_key_prefix['key'] = 'Bearer'
+
+# Enter a context with an instance of the API client
+with zrok_api.ApiClient(configuration) as api_client:
+    # Create an instance of the API class
+    api_instance = zrok_api.AdminApi(api_client)
+    body = zrok_api.CreateIdentityRequest() # CreateIdentityRequest |  (optional)
+
+    try:
+        api_instance.delete_identity(body=body)
+    except Exception as e:
+        print("Exception when calling AdminApi->delete_identity: %s\n" % e)
+```
+
+
+
+### Parameters
+
+
+Name | Type | Description  | Notes
+------------- | ------------- | ------------- | -------------
+ **body** | [**CreateIdentityRequest**](CreateIdentityRequest.md)|  | [optional] 
+
+### Return type
+
+void (empty response body)
+
+### Authorization
+
+[key](../README.md#key)
+
+### HTTP request headers
+
+ - **Content-Type**: application/zrok.v1+json
+ - **Accept**: Not defined
+
+### HTTP response details
+
+| Status code | Description | Response headers |
+|-------------|-------------|------------------|
+**200** | deleted |  -  |
+**401** | unauthorized |  -  |
+**404** | not found |  -  |
+**500** | internal server error |  -  |
+
+[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md)
+
 # **delete_organization**
 > delete_organization(body=body)
 

sdk/python/src/test/test_admin_api.py

@@ -68,6 +68,12 @@ class TestAdminApi(unittest.TestCase):
         """
         pass
 
+    def test_delete_identity(self) -> None:
+        """Test case for delete_identity
+
+        """
+        pass
+
     def test_delete_organization(self) -> None:
         """Test case for delete_organization
 

sdk/python/src/zrok_api/api/admin_api.py

@@ -1986,6 +1986,279 @@ class AdminApi:
 
 
 
+    @validate_call
+    def delete_identity(
+        self,
+        body: Optional[CreateIdentityRequest] = None,
+        _request_timeout: Union[
+            None,
+            Annotated[StrictFloat, Field(gt=0)],
+            Tuple[
+                Annotated[StrictFloat, Field(gt=0)],
+                Annotated[StrictFloat, Field(gt=0)]
+            ]
+        ] = None,
+        _request_auth: Optional[Dict[StrictStr, Any]] = None,
+        _content_type: Optional[StrictStr] = None,
+        _headers: Optional[Dict[StrictStr, Any]] = None,
+        _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0,
+    ) -> None:
+        """delete_identity
+
+
+        :param body:
+        :type body: CreateIdentityRequest
+        :param _request_timeout: timeout setting for this request. If one
+                                 number provided, it will be total request
+                                 timeout. It can also be a pair (tuple) of
+                                 (connection, read) timeouts.
+        :type _request_timeout: int, tuple(int, int), optional
+        :param _request_auth: set to override the auth_settings for an a single
+                              request; this effectively ignores the
+                              authentication in the spec for a single request.
+        :type _request_auth: dict, optional
+        :param _content_type: force content-type for the request.
+        :type _content_type: str, Optional
+        :param _headers: set to override the headers for a single
+                         request; this effectively ignores the headers
+                         in the spec for a single request.
+        :type _headers: dict, optional
+        :param _host_index: set to override the host_index for a single
+                            request; this effectively ignores the host_index
+                            in the spec for a single request.
+        :type _host_index: int, optional
+        :return: Returns the result object.
+        """ # noqa: E501
+
+        _param = self._delete_identity_serialize(
+            body=body,
+            _request_auth=_request_auth,
+            _content_type=_content_type,
+            _headers=_headers,
+            _host_index=_host_index
+        )
+
+        _response_types_map: Dict[str, Optional[str]] = {
+            '200': None,
+            '401': None,
+            '404': None,
+            '500': None,
+        }
+        response_data = self.api_client.call_api(
+            *_param,
+            _request_timeout=_request_timeout
+        )
+        response_data.read()
+        return self.api_client.response_deserialize(
+            response_data=response_data,
+            response_types_map=_response_types_map,
+        ).data
+
+
+    @validate_call
+    def delete_identity_with_http_info(
+        self,
+        body: Optional[CreateIdentityRequest] = None,
+        _request_timeout: Union[
+            None,
+            Annotated[StrictFloat, Field(gt=0)],
+            Tuple[
+                Annotated[StrictFloat, Field(gt=0)],
+                Annotated[StrictFloat, Field(gt=0)]
+            ]
+        ] = None,
+        _request_auth: Optional[Dict[StrictStr, Any]] = None,
+        _content_type: Optional[StrictStr] = None,
+        _headers: Optional[Dict[StrictStr, Any]] = None,
+        _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0,
+    ) -> ApiResponse[None]:
+        """delete_identity
+
+
+        :param body:
+        :type body: CreateIdentityRequest
+        :param _request_timeout: timeout setting for this request. If one
+                                 number provided, it will be total request
+                                 timeout. It can also be a pair (tuple) of
+                                 (connection, read) timeouts.
+        :type _request_timeout: int, tuple(int, int), optional
+        :param _request_auth: set to override the auth_settings for an a single
+                              request; this effectively ignores the
+                              authentication in the spec for a single request.
+        :type _request_auth: dict, optional
+        :param _content_type: force content-type for the request.
+        :type _content_type: str, Optional
+        :param _headers: set to override the headers for a single
+                         request; this effectively ignores the headers
+                         in the spec for a single request.
+        :type _headers: dict, optional
+        :param _host_index: set to override the host_index for a single
+                            request; this effectively ignores the host_index
+                            in the spec for a single request.
+        :type _host_index: int, optional
+        :return: Returns the result object.
+        """ # noqa: E501
+
+        _param = self._delete_identity_serialize(
+            body=body,
+            _request_auth=_request_auth,
+            _content_type=_content_type,
+            _headers=_headers,
+            _host_index=_host_index
+        )
+
+        _response_types_map: Dict[str, Optional[str]] = {
+            '200': None,
+            '401': None,
+            '404': None,
+            '500': None,
+        }
+        response_data = self.api_client.call_api(
+            *_param,
+            _request_timeout=_request_timeout
+        )
+        response_data.read()
+        return self.api_client.response_deserialize(
+            response_data=response_data,
+            response_types_map=_response_types_map,
+        )
+
+
+    @validate_call
+    def delete_identity_without_preload_content(
+        self,
+        body: Optional[CreateIdentityRequest] = None,
+        _request_timeout: Union[
+            None,
+            Annotated[StrictFloat, Field(gt=0)],
+            Tuple[
+                Annotated[StrictFloat, Field(gt=0)],
+                Annotated[StrictFloat, Field(gt=0)]
+            ]
+        ] = None,
+        _request_auth: Optional[Dict[StrictStr, Any]] = None,
+        _content_type: Optional[StrictStr] = None,
+        _headers: Optional[Dict[StrictStr, Any]] = None,
+        _host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0,
+    ) -> RESTResponseType:
+        """delete_identity
+
+
+        :param body:
+        :type body: CreateIdentityRequest
+        :param _request_timeout: timeout setting for this request. If one
+                                 number provided, it will be total request
+                                 timeout. It can also be a pair (tuple) of
+                                 (connection, read) timeouts.
+        :type _request_timeout: int, tuple(int, int), optional
+        :param _request_auth: set to override the auth_settings for an a single
+                              request; this effectively ignores the
+                              authentication in the spec for a single request.
+        :type _request_auth: dict, optional
+        :param _content_type: force content-type for the request.
+        :type _content_type: str, Optional
+        :param _headers: set to override the headers for a single
+                         request; this effectively ignores the headers
+                         in the spec for a single request.
+        :type _headers: dict, optional
+        :param _host_index: set to override the host_index for a single
+                            request; this effectively ignores the host_index
+                            in the spec for a single request.
+        :type _host_index: int, optional
+        :return: Returns the result object.
+        """ # noqa: E501
+
+        _param = self._delete_identity_serialize(
+            body=body,
+            _request_auth=_request_auth,
+            _content_type=_content_type,
+            _headers=_headers,
+            _host_index=_host_index
+        )
+
+        _response_types_map: Dict[str, Optional[str]] = {
+            '200': None,
+            '401': None,
+            '404': None,
+            '500': None,
+        }
+        response_data = self.api_client.call_api(
+            *_param,
+            _request_timeout=_request_timeout
+        )
+        return response_data.response
+
+
+    def _delete_identity_serialize(
+        self,
+        body,
+        _request_auth,
+        _content_type,
+        _headers,
+        _host_index,
+    ) -> RequestSerialized:
+
+        _host = None
+
+        _collection_formats: Dict[str, str] = {
+        }
+
+        _path_params: Dict[str, str] = {}
+        _query_params: List[Tuple[str, str]] = []
+        _header_params: Dict[str, Optional[str]] = _headers or {}
+        _form_params: List[Tuple[str, str]] = []
+        _files: Dict[
+            str, Union[str, bytes, List[str], List[bytes], List[Tuple[str, bytes]]]
+        ] = {}
+        _body_params: Optional[bytes] = None
+
+        # process the path parameters
+        # process the query parameters
+        # process the header parameters
+        # process the form parameters
+        # process the body parameter
+        if body is not None:
+            _body_params = body
+
+
+
+        # set the HTTP header `Content-Type`
+        if _content_type:
+            _header_params['Content-Type'] = _content_type
+        else:
+            _default_content_type = (
+                self.api_client.select_header_content_type(
+                    [
+                        'application/zrok.v1+json'
+                    ]
+                )
+            )
+            if _default_content_type is not None:
+                _header_params['Content-Type'] = _default_content_type
+
+        # authentication setting
+        _auth_settings: List[str] = [
+            'key'
+        ]
+
+        return self.api_client.param_serialize(
+            method='DELETE',
+            resource_path='/identity',
+            path_params=_path_params,
+            query_params=_query_params,
+            header_params=_header_params,
+            body=_body_params,
+            post_params=_form_params,
+            files=_files,
+            auth_settings=_auth_settings,
+            collection_formats=_collection_formats,
+            _host=_host,
+            _request_auth=_request_auth
+        )
+
+
+
+
     @validate_call
     def delete_organization(
         self,

specs/zrok.yml

@@ -425,6 +425,28 @@ paths:
           description: unauthorized
         500:
           description: internal server error
+    delete:
+      tags:
+        - admin
+      security:
+        - key: []
+      operationId: deleteIdentity
+      parameters:
+        - name: body
+          in: body
+          schema:
+            properties:
+              name:
+                type: string
+      responses: 
+        200:
+          description: deleted
+        401:
+          description: unauthorized
+        404:
+          description: not found
+        500:
+          description: internal server error
 
   /invite/token/generate:
     post:

ui/src/api/apis/AdminApi.ts

@@ -98,6 +98,10 @@ export interface DeleteFrontendRequest {
     body?: CreateFrontend201Response;
 }
 
+export interface DeleteIdentityRequest {
+    body?: CreateIdentityRequest;
+}
+
 export interface DeleteOrganizationRequest {
     body?: CreateOrganization201Response;
 }
@@ -345,6 +349,36 @@ export class AdminApi extends runtime.BaseAPI {
         await this.deleteFrontendRaw(requestParameters, initOverrides);
     }
 
+    /**
+     */
+    async deleteIdentityRaw(requestParameters: DeleteIdentityRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>> {
+        const queryParameters: any = {};
+
+        const headerParameters: runtime.HTTPHeaders = {};
+
+        headerParameters['Content-Type'] = 'application/zrok.v1+json';
+
+        if (this.configuration && this.configuration.apiKey) {
+            headerParameters["x-token"] = await this.configuration.apiKey("x-token"); // key authentication
+        }
+
+        const response = await this.request({
+            path: `/identity`,
+            method: 'DELETE',
+            headers: headerParameters,
+            query: queryParameters,
+            body: CreateIdentityRequestToJSON(requestParameters['body']),
+        }, initOverrides);
+
+        return new runtime.VoidApiResponse(response);
+    }
+
+    /**
+     */
+    async deleteIdentity(requestParameters: DeleteIdentityRequest = {}, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<void> {
+        await this.deleteIdentityRaw(requestParameters, initOverrides);
+    }
+
     /**
      */
     async deleteOrganizationRaw(requestParameters: DeleteOrganizationRequest, initOverrides?: RequestInit | runtime.InitOverrideFunction): Promise<runtime.ApiResponse<void>> {