You use DROP USER to delete an authorization identifier and the associated system entries. You cannot delete an authorization identifier if it is the owner of schemas, spaces or storage groups, if it is the grantor of a privilege, or if an SQL transaction is currently active for the authorization identifier.

You cannot delete the authorization identifier of the universal user.

The USERS view of the INFORMATION_SCHEMA provides you with information on which authorization identifiers have been defined. Information on which authorization identifiers are owners is stored in the SCHEMATA, SPACES and STOGROUPS views. The TABLE_PRIVILEGES, COLUMN_PRIVILEGES, USAGE_PRIVILEGES, CATALOG_PRIVILEGES and ROUTINE_PRIVILEGES views provide you with information on whether the authorization identifier is the grantor of a privilege (see chapter "Information schemas").

The current authorization identifier must have the special privilege CREATE USER. If you want to delete an authorization identifier that as been granted the special privilege CREATE USER and GRANT authorization (see section "GRANT - Grant privileges"), the current authorization identifier must also have GRANT authorization.

DROP USER authorization_identifier AT CATALOG catalog RESTRICT

authorization_identifier

Name of the authorization identifier to be deleted.

AT CATALOG catalog

Name of the database from which the authorization identifier is to be deleted.

See also

CREATE USER, CREATE SYSTEM_USER, DROP SYSTEM_USER