What does the SQL REVOKE command do?

The SQL REVOKE command removes previously granted database privileges from a user. It is the opposite of GRANT. For example: REVOKE SELECT ON Sales FROM tanner1; removes the SELECT privilege on the Sales table from user tanner1.

How do you revoke all privileges from a user in SQL?

You can use REVOKE ALL PRIVILEGES ON table_name FROM user_name; in many databases, though the exact syntax varies. Because 'ALL' may not cover every privilege in all databases, it is safest to check the user's current privileges and revoke each one explicitly.

Does SQLite support REVOKE?

No. SQLite does not implement GRANT or REVOKE because it is an embedded database engine where user-level permissions are not applicable.

How do you revoke privileges from all users in SQL?

Use the PUBLIC keyword: REVOKE DELETE ON Sales FROM public; This revokes the privilege from all users. Note that MySQL may use a different syntax — consult your database documentation.

SQL REVOKE

SQL > Data Definition Language (DDL) > Revoke

The REVOKE command is used to take away database privileges from a user. It is the opposite of the GRANT command.

REVOKE removes specific database privileges from a user — use it alongside GRANT to maintain precise access control over your database objects.

It is worth noting that some lightweight databases, such as SQLite, do not implement REVOKE (and GRANT) commands. This is because such databases are intended to be an embedded database engine and hence user-level privileges are meaningless.

Syntax

The syntax for REVOKE is as follows:

REVOKE "Privilege_Name" ON "Database_Object" FROM "User";

The available "Privilege_Name" will vary depending on the relational database. Typical privileges include the following:

SELECT
INSERT
DELETE
UPDATE

In many databases there is a privilege called "ALL." To remove all privileges from a user, it is tempting to use the "ALL" privilege type. However because "ALL" doesn't always cover all the privileges (it is database-dependent), it is best to first check what privileges that user has and revoke each of them. Such information is typically stored in a system table (each database has its own set of system tables), so please consult your database documentation for this information.

The links below show the types of privileges available for each of the databases:

Examples

Example 1: Revoke one privilege from a user

To remove the SELECT privilege on the "Sales" table from user tanner1, we type in the following:

REVOKE SELECT ON Sales FROM tanner1;

Example 2: Revoke one privilege from all users

To remove the DELETE privilege on the "Sales" table from all users, we use the following:

REVOKE SELECT ON Sales FROM public;

Note that some databases such as MySQL have a different way to identify all users. So please consult with your database documentation if public does not work.

Frequently Asked Questions

What does the SQL REVOKE command do?: REVOKE removes a previously granted database privilege from a user. It is the counterpart to GRANT and is used to tighten access control. Example: REVOKE SELECT ON Sales FROM tanner1;
What privileges can be revoked?: Common privileges include SELECT, INSERT, UPDATE, DELETE, and EXECUTE, though the exact list varies by database. Check your database documentation for the full list of supported privilege types.
How do I revoke all privileges from a user?: You can use REVOKE ALL PRIVILEGES ON table_name FROM user_name; in many databases. Because "ALL" may not cover every privilege in every system, it is safest to query the system tables first to see exactly what privileges a user holds, then revoke each individually.
Does SQLite support REVOKE?: No. SQLite does not implement GRANT or REVOKE. As an embedded database engine, it has no concept of user-level permissions.

Next: SQL Constraint

This page was last updated on March 19, 2026.

AdBlock Detected!

Our website is made possible by displaying ads to our visitors. Please supporting us by whitelisting our website.