Search
API
Acceldata Data Observability Cloud
Get Started
Assets
Asset Schema References
Data Reliability
Data Reliability Schema References
Pipelines
Authorization
Title
Message
Create new category
What is the title of your new category?
Edit page index title
What is the title of the page index?
Edit category
What is the new title of your category?
Edit link
What is the new title and URL of your link?
Offboard a User
Summarize Page
Copy Markdown
Open in ChatGPT
Open in Claude
Connect to Cursor
Connect to VS Code
Securely remove a departing employee's access while maintaining audit trail and preventing disruption to team workflows.
Critical: Security Checklist
Immediate Actions (Do First)
- Disable User Account
Bash
PUT /admin/api/users/user-123{ "enabled": false}- Revoke All API Keys
Bash
x
# List user's keysGET /admin/api/users/user-123/api-keys# Delete each keyDELETE /admin/api/users/api-keys/AK-abc123DELETE /admin/api/users/api-keys/AK-def456- Remove from All Groups
Bash
PUT /admin/api/users/user-123/remove-groups{ "groupIds": [ "group-data-eng", "group-pipeline-owners", "group-prod-access" ]}Timeline: Complete within 1 hour of departure notification
Complete Offboarding Workflow
Step 1: Document Current Access
Bash
# Get full user detailsGET /admin/api/users/user-123# Get rolesGET /authz/api/v1/users/user-123/roles# Get API keysGET /admin/api/users/user-123/api-keysSave this for audit trail and handover documentation.
Step 2: Disable Account (Don't Delete)
Bash
PUT /admin/api/users/user-123{ "enabled": false, "attributes": { "status": ["OFFBOARDED"], "offboardDate": ["2024-12-05"], "reason": ["Voluntary - New Job"], "handedOffTo": ["replacement@company.com"] }}Why not delete?
- Preserves audit history
- Maintains data lineage
- Compliance requirements
- Can reactivate if they return
Step 3: Revoke API Keys
Bash
# Get all keysGET /admin/api/users/user-123/api-keys# Revoke eachDELETE /admin/api/users/api-keys/AK-key1DELETE /admin/api/users/api-keys/AK-key2Step 4: Remove Group Memberships
Bash
PUT /admin/api/users/user-123/remove-groups{ "groupIds": ["all", "groups", "user", "was", "in"]}Step 5: Verify Access Removed
Bash
# Should return empty/minimal permissionsGET /authz/api/v1/users/permissions?userId=user-123# Should show enabled: falseGET /admin/api/users/user-123Step 6: Update Ownership
Transfer ownership of resources created by departing user:
Bash
# Update pipeline metadataPUT /torch-pipeline/api/pipelines{ "meta": { "owner": "replacement@company.com" }}Emergency Offboarding
If user leaves unexpectedly or security incident:
Bash
# 1. Immediate disable (2 minutes)PUT /admin/api/users/user-123 {"enabled": false}# 2. Mass revoke (5 minutes)DELETE /admin/api/users/api-keys/AK-* (all keys)# 3. Group removal (3 minutes)PUT /admin/api/users/user-123/remove-groups {"groupIds": [...all]}# Total time: 10 minutesAPIs Used
PUT /admin/api/users/:userId- Disable accountGET /admin/api/users/:userId/api-keys- List keysDELETE /admin/api/users/api-keys/:accessKey- Revoke keysPUT /admin/api/users/:userId/remove-groups- Remove accessGET /authz/api/v1/users/permissions- Verify removal
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Last updated on
Was this page helpful?
Next to read:
Audit and Review User AccessFor additional help, contact www.acceldata.force.com OR call our service desk +1 844 9433282
Copyright © 2025
Discard Changes
Do you want to discard your current changes and overwrite with the template?
Archive Synced Block
Message
Create new Template
What is this template's title?
Delete Template
Message
On This Page
Offboard a UserCritical: Security ChecklistImmediate Actions (Do First)Complete Offboarding WorkflowStep 1: Document Current AccessStep 2: Disable Account (Don't Delete)Step 3: Revoke API KeysStep 4: Remove Group MembershipsStep 5: Verify Access RemovedStep 6: Update OwnershipEmergency OffboardingAPIs Used