diff --git a/backend/src/controllers/Permissions.php b/backend/src/controllers/Permissions.php
index 4649937..9adeaf9 100644
--- a/backend/src/controllers/Permissions.php
+++ b/backend/src/controllers/Permissions.php
@@ -70,4 +70,27 @@ class Permissions
             return $res->withJson(['error' => 'Either domain or user were not found'], 404);
         }
     }
+
+    public function delete(Request $req, Response $res, array $args)
+    {
+        $ac = new \Operations\AccessControl($this->c);
+        if (!$ac->isAdmin($req->getAttribute('userId'))) {
+            $this->logger->info('Non admin user tries to add permissions');
+            return $res->withJson(['error' => 'You must be admin to use this feature'], 403);
+        }
+
+        $user = intval($args['user']);
+        $domainId = intval($args['domainId']);
+
+        $permissions = new \Operations\Permissions($this->c);
+
+        try {
+            $permissions->deletePermission($user, $domainId);
+
+            $this->logger->info('Permission was removed:', ['by' => $req->getAttribute('userId'), 'user' => $user, 'domain' => $domainId]);
+            return $res->withStatus(204);
+        } catch (\Exceptions\NotFoundException $e) {
+            return $res->withJson(['error' => 'Either domain or user were not found'], 404);
+        }
+    }
 }
diff --git a/backend/src/operations/Permissions.php b/backend/src/operations/Permissions.php
index 4949dc0..a57b9b8 100644
--- a/backend/src/operations/Permissions.php
+++ b/backend/src/operations/Permissions.php
@@ -73,6 +73,8 @@ class Permissions
      * @param   $domainId   Domain for which access should be granted
      * 
      * @return  void
+     * 
+     * @throws  NotFoundException If domain or user was not found
      */
     public function addPermission(int $userId, int $domainId) : void
     {
@@ -107,4 +109,35 @@ class Permissions
 
         $this->db->commit();
     }
+
+    /**
+     * Delete a permission
+     * 
+     * @param   $userId     User id
+     * @param   $domainId   Domain for which access should be revoked
+     * 
+     * @return  void
+     * 
+     * @throws  NotFoundException   if the entry was not found
+     */
+    public function deletePermission(int $userId, int $domainId) : void
+    {
+        $this->db->beginTransaction();
+
+        $query = $this->db->prepare('SELECT * FROM permissions WHERE domain_id=:domainId AND user_id=:userId');
+        $query->bindValue(':domainId', $domainId, \PDO::PARAM_INT);
+        $query->bindValue(':userId', $userId, \PDO::PARAM_INT);
+        $query->execute();
+        if ($query->fetch() === false) {
+            $this->db->rollBack();
+            throw new \Exceptions\NotFoundException();
+        }
+
+        $query = $this->db->prepare('DELETE FROM permissions WHERE domain_id=:domainId AND user_id=:userId');
+        $query->bindValue(':domainId', $domainId, \PDO::PARAM_INT);
+        $query->bindValue(':userId', $userId, \PDO::PARAM_INT);
+        $query->execute();
+
+        $this->db->commit();
+    }
 }
diff --git a/backend/src/public/index.php b/backend/src/public/index.php
index 4393656..4dd1c8f 100644
--- a/backend/src/public/index.php
+++ b/backend/src/public/index.php
@@ -50,6 +50,7 @@ $app->group('/v1', function () {
 
         $this->get('/users/{user}/permissions', '\Controllers\Permissions:getList');
         $this->post('/users/{user}/permissions', '\Controllers\Permissions:postNew');
+        $this->delete('/users/{user}/permissions/{domainId}', '\Controllers\Permissions:delete');
     })->add('\Middlewares\Authentication');
 });
 
diff --git a/backend/test/tests/permissions.js b/backend/test/tests/permissions.js
index d322f0e..f771b1c 100644
--- a/backend/test/tests/permissions.js
+++ b/backend/test/tests/permissions.js
@@ -66,7 +66,21 @@ test.run(async function () {
 
         assert.equal(res.status, 204, 'Add of permission should succeed for not existing permission.');
 
+        // Revoke the new permission
+        var res = await req({
+            url: '/users/2/permissions/3',
+            method: 'delete'
+        });
 
+        assert.equal(res.status, 204, 'Revoking should succeed');
+
+        // Revoke the new permission again
+        var res = await req({
+            url: '/users/2/permissions/3',
+            method: 'delete'
+        });
+
+        assert.equal(res.status, 404, 'Second revocation of the same permission should fail');
     });
 
     await test('user', async function (assert, req) {
@@ -86,5 +100,12 @@ test.run(async function () {
         });
 
         assert.equal(res.status, 403, 'Add of permission should fail for user.');
+
+        var res = await req({
+            url: '/users/2/permissions/1',
+            method: 'delete'
+        });
+
+        assert.equal(res.status, 403, 'Revoke of permission should fail for user.');
     });
 });
\ No newline at end of file