<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
What would be the Minimum Admin Permission in Order to Activate, Deactivate and Delete Users
Jun 12, 2025
Okta Classic Engine
Okta Identity Engine
Administration
Overview

This article is describing the minimum admin permission that an administrator needs in order to activate, deactivate, and delete users. 

Applies To
  • Okta Administrators
  • Custom Administrator
Solution

In order to create a custom admin that would have the ability to only activate, deactivate and delete users, a custom administrator role needs to be created. 

To create the custom role, a Role and Resource set should be created, having the following permissions assigned:

  • Role: 
    • Under Edit user's lifecycle states, select the following options: 
      • Activate users
      • Deactivate users
      • Delete users 

permissions  

 

  • Resource set: 
    • Add the Users resource. Restraint the ability for only a subset of users, part of a group or for All users.

resource set    

The user will the be able to action 3 buttons from the Admin Console, as seen below: 

new user  new user  

 

Related References

Recommended content

Still looking for help?
Loading
What would be the Minimum Admin Permission in Order to Activate, Deactivate and Delete Users