We have some Users that we need to remove from OneLogin associated applications how do I remove the access.



1 comment

  • Official comment
    Tony Bagalini

    The best way is to setup mappings/ Roles to remove app access, or set the user to de-active to not consume a license entirely.

    How to delete a user in OneLogin:
    When an user object in AD meets the general requirements of firstname, lastname, and email address and is in the scoped OU selected below the user will sync to OneLogin. 

    In order to remove a user from OneLogin the user object in AD would either need to be moved out of the scoped OU listed above, no longer meet the minimum requirements of firstname, lastname, email address, OR deleted from AD. 

    How to remove a user from an App/Role:

    1. Confirm how an end user is assigned to a role/app.

    • navigate to the role that assigns the app in question. 
    • Then click on the 'Users' tab and determine if the user is manually added to the role or assigned via the mapping. In this example the user name is NOT listed in the manual section and it requires you to click on the 'Mapping' row.
    • Once you select the mapping enter in the user name in the 'check conditions' search field. In this case the end user is meeting the conditions. 
    • In order to remove the user you would need to add in an exception to the condition like below
    • Or update the condition to the end user is no longer meeting the condition. 

    This would be a different process for each role/app depending on the conditions and how the end user was assigned. 



    Comment actions Permalink

Please sign in to leave a comment.