New EA Feature: Delete User Skip to main content
https://support.okta.com/help/blogdetail?id=a672a000000xaimqas&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fblogdetail
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.

New EA Feature: Delete User

Dec 14, 2016 | by Aaron Yee in Lifecycle Management

Introduction 
Hi valued customers! It's nearing the end of the year, which means it's time to tidy things up – your yard, your personal finances, and your Okta org. You can now permanently delete a user from Okta. (short pause as it sinks in) Applause!  

This has been a long-awaited feature, and I'm happy to announce that it is in early access (EA). This means that you can use it in production environments; it's fully supported. Just contact our support team to request the feature, and they will happily turn it on for you. 

Use-Cases  
Deleting a user is useful in the following situations:

  • You accidentally created a user and want to remove the account from Okta 
  • You want to reuse a previously created username 
  • You want to delete a username that has changed (perhaps because of marriage) 
  • You want to purge your Okta org of users who are no longer in your organization

Details
  • Before an account can be deleted, it must first be deactivated
  • You can deactivate an account via the GUI or API 
  • Once a user account is deleted, an admin can create a new Okta user with the same user name as the deleted one 
    • The new user account will not be associated with the previously deleted user account 
    • For example, app or group assignments will be completely new 
  • Only the following admin roles can delete a user: Super admin, Org admin, and User admin
  • ​The Okta system log retains past events that the deactivated user performed 
    • Log retains the last 6 months of activity 


Using the Feature  
An Okta account can be deleted via the UI or GUI. 

To delete via the GUI:  

  • Log in to Okta as an administrator
  • ​Find a deactivated user under Directory > People  
  • Select the user 
  • Click the Delete button
 

User-added image

To delete via the API: 

DELETE .../users/:id 

The user will irrevocably be removed from view after this call. Cleanup may happen asynchronously. Refer to the API docs (developer.okta.com) for more details.

Comments

  • Jesse Webb on May 30, 2018

    Feature Request: Systematically Age-Out Users from the directory.

    Create admin settings that allow an admin to set a systematic Age-Out setting for example 6 months of inactivity. In my world, any user who does not log in for 6 months should be removed from our healthcare system. I understand they would have to be set back up later and that is fine with us.  And since we use JIT from our IDP's, it should not be an issue.

    The current delete while appreciated is very time consuming in admin steps.  Please help.

  • Av Shch on April 25, 2017

    Could this be scheduled every 180 days with admin notification via email?