As an administrator, you can remove users from your company's keychain - if you're using an active SCIM integration, this procedure is a bit different. This article explains how to do it, in which situations it would be relevant, and how you can make sure you keep your company data safe, when you remove a user.
Only administrators can delete users, and you need permission to edit your company's Enterprise Applications in Azure AD.
This article is meant for companies that use an active SCIM integration.
If an employee should no longer have access to the organization and doesn't need to create a new user afterwards.
This can be a solution in cases where an employee is no longer working at the company.
How to proceed:
- Login to app.uniqkey.eu and find the employee on the Users list in the menu on the left.
- Click the user and open the Passwords tab.
- Click to mark the passwords you wish to save. As of right now, it's only possible to move up to 9 accounts at a time, and they have to be on the same page.
- Click the three dots to the far right and choose Copy/Move to...
- Choose where to save the passwords - note that if the accounts gets saved in a group, it's NOT possible to move them out of the group afterwards.
- Open your Uniqkey mobile app and confirm the action.
- Login to portal.azure.com and go to Enterprise Applications.
- Find Uniqkey on the list of applications and open it.
- Go to Users And Groups. If the user has been directly assigned to the application, mark the user and click Remove. If you use one or more groups to assign users to Uniqkey, the user needs to be removed from these groups.
- Wait for the provisioning to run a full cycle, or use the feature Provision On Demand. Note that the provisioning should be run on the same basis as the assignment; if the user had been assigned directly to the application, the provisioning should be run on the user. If group-based assignment was used, the provisioning should be done on the groups and the user.
- When the synchronization is complete, the user will be moved from Active Users to Archived Users in app.uniqkey.eu.
As an administrator, you will still be able to see the user under Deleted Users.
The user will still be able to use Uniqkey to manage their personal accounts; they will receive a notification on their phone saying they need to change their e-mail in Uniqkey, so they will no longer be using their company e-mail address.
If an employee can't use Uniqkey and is unable to restore their masterpassword.
This can be caused by not having a backup to restore from, or if something has gone wrong during the activation of the user, and they need to start over with their account.
How to proceed:
- Login to app.uniqkey.eu and find the employee on the Users list in the menu on the left.
- Click the user and open the Passwords tab.
- Click to mark the passwords you wish to save. As of right now, it's only possible to move up to 9 accounts at a time, and they have to be on the same page.
- Click the three dots to the far right and choose Copy/Move to...
- Choose where to save the passwords - note that if the accounts gets saved in a group, it's NOT possible to move them out of the group afterwards.
- Open your Uniqkey mobile app and confirm the action.
- Login to portal.azure.com and go to Enterprise Applications.
- Find Uniqkey on the list of applications and open it.
- Go to Users And Groups. If the user has been directly assigned to the application, mark the user and click Remove. If you use one or more groups to assign users to Uniqkey, the user needs to be removed from these groups.
- Wait for the provisioning to run a full cycle, or use the feature Provision On Demand. Note that the provisioning should be run on the same basis as the assignment; if the user had been assigned directly to the application, the provisioning should be run on the user. If group-based assignment was used, the provisioning should be done on the groups and the user.
- When the synchronization is complete, the user will be moved from Active Users to Archived Users in app.uniqkey.eu.
-Before you can create another user with the same e-mail, the existing user must be deleted from our database. Send an e-mail to support@uniqkey.eu with the full name and e-mail of the user, you wish to delete. The user's personal data will be deleted.
- When the user has been deleted from our database, you can invite them to Uniqkey by assigning them to the enterprise application again.
- Wait for the provisioning to run a full cycle or use the Provision On Demand-feature to sync the user to Uniqkey. If you use groups, the provisioning should be done on the groups including the user.
Keywords: scim, scim user, delete scim user, admin, admin guide.