User not being removed from 1Password

DougWalker
DougWalker
Community Member

Hi,

We had an issue with our SCIM bridge where the SSL certificate did not renew and was out of date for a couple of months before we noticed. I've now setup health monitoring so that will hopefully pick up if that happens again. I fixed the SCIM bridge yesterday evening by redeploying the latest version so we are now on V2.6.2

The reason we noticed is that we have had a member of IT leave the department and their account is not being closed down. The account is disabled in AD which has removed the account from Azure so it is not present in the group which is synced using Azure Provisioning.

Should the bridge remove/disable a user if they are no longer present in the sync method when the bridge comes back online? Is there a way of disabling the account outside of the bridge in 1Password? Currently it's all greyed out due to the user being synced from the bridge.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

Comments

  • hemal.g_1p
    hemal.g_1p
    1Password Alumni

    Hi @DougWalker ,

    Glad to know you manage to update with our latest version !

    For your concern, user is removed from Identity Provider and not part of any synced group. Hence by the next bridge sync he will be suspended in 1Password (user will lose access to his account). As per Scim bridge behavior user will get suspended first and then will get deauthorized from their registered devices. You can confirm these actions under Activity Log of 1password admin account. From this point onwards user can not sign in to his account.

    I believe it's the DisplayName of user which is greyed out as you mention, indicates he is disabled and deleted. About the next question, It is possible to delete a suspended user from 1Password manually outside bridge functionality. And can be possible case with your scenario. Though we strongly recommend to manage users and groups via Identity Provider to avoid any desync.

    Are you still able to access the user details from 1password admin account ?

This discussion has been closed.