How do I delete a user account that was auto-provisioned through my identity provider?

Options
JFarmer
JFarmer
Community Member
in SCIM Bridge

We have a user that was auto-provisioned form Office 365. The user's username and email address were later changed in O365. We need the 1Password account to reflect this change, and we cannot change it in the 1Password account, because auto-provisioning is enabled. I have since removed the user from all groups that would allow auto-provisioning in 1Password, but the account in 1Password needs to be removed, so I can start over. The user is active in O365, so I cannot just block things on that side.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:delete autoprovisioned user

Comments

  • graham_1P
    graham_1P
    Options

    Hi @JFarmer ,

    As of version 1.6.0 (https://app-updates.agilebits.com/product_history/SCIM#v106001), the 1Password SCIM Bridge supports identity provider sourced email changes. If you update the bridge to that version or higher, you will be able to automatically start the email change process in the future.

    However that does not help your existing user.

    As a first step, I would ensure there are no assignments for the given user to the 1Password application on the identity provider. If all assignments are removed, your Identity Provider should send us a request to deactivate the user.

    If that has been done and the user still exists, I would do exactly what you are implying: remove the user completely from 1Password, and then reassign them from the application to create a new user.

    To do so:

    • In the 1Password application on your identity provider, pause the provisioning sync. This avoids errors from popping up on your identity provider, and potentially having the application quarantined.
    • In the 1Password web application, navigate to Settings -> Provisioning and then toggle provisioning off. Press Save.
    • Remove the problematic user
    • Navigate back to Settings -> Provisioning and then toggle provisioning back on. Press Save
    • Return to your identity provider and re-enable provisioning.
    • Assign the user to the 1Password application on your identity provider.

    Let me know if that works.

    Graham

This discussion has been closed.