How to deactivate and delete user accounts in Okta for Federated and Non-Federated users of Clarity.
Release: Clarity, all supported versions in Broadcom SaaS GCP
Informational Request
Deleting and deactivating users in Okta is needed when the user in Clarity is no longer associated with the company. In Clarity you cannot delete a user, but you can deactivate or lock the user. With Federated SSO integration, the user record is also created in Okta. To deactivate and delete the user, the Clarity administrator needs the Okta Tenant Administrator user provided by Broadcom. For further information on the Okta Tenant Administrator account, refer to Broadcom's Okta User Groups documentation.
Deactivate and delete user accounts
Deactivate or delete a user account to limit or remove access to org resources. When you deactivate a user account, the account status moves from Active to Deactivated. Deactivated users can no longer access their assigned applications. When you reactivate a previously deactivated user account, you'll need to reassign apps to the user. Deactivation runs as a background task, and depending on the number of users being deactivated, can take significant time to complete. You can perform multiple deactivation requests at the same time. During deactivation, notifications appear indicating the progress of all deactivation requests. A notification appears when each deactivation request completes successfully.
Deactivate a user account
Delete a user account
An Okta Tenant administrator may remove a user from the group instead of deactivating the user, and later realize that they can neither see the user nor recreate the user. The administrator might think that removing the user from the group is part of deactivation. If the administrator removes the user from a group by clicking the "X", the admin can no longer access or manage the user. Once the user is removed from all groups that the admin manages, the user is no longer visible to the admin to manage. To reactivate the user, the admin might try to recreate the user, thinking the user was deleted by mistake or that deactivation removed the user. The attempt returns an error message indicating that the user already exists, such as "An object with this field already exists in the current organization..." At this point, the issue can only be resolved by contacting Broadcom Support.