We have a request from an API client that would like for users to be able to remove themselves from an Organization or Space. This allows self-service without the app obtaining an admin token to remove the user.
Several restrictions that we might want to incorporate:
- Deny if the user is the last User in the org? - Deny if the user is the last Org Manager in the org? - Deny if the user is the last Billing Manager in the org? - Deny if the user is the last User in the space? - Deny if the user is the last SpaceManager in the space?
Any objections to this or any other restrictions we should consider?