How can I remove a user fully from my Zero Trust (CF Tunnel) Team?
I have a user in my Zero Trust team I do not recall adding. Is there any way I can fully remove them from my team?
To my knowledge, they do not have access to anything, but I would feel safer to have them fully removed from my team. They have no recent activity, but they do have logins. And, as I have said, I do not recall adding them and there is no information on when they were added to the team.
Any assistance on this would be greatly appreciated!
Thank you!
18 Replies
Users are added dynamically when they login/successful auth. There's no way to remove them at the moment sadly, although you can revoke their seat usage/remove all sessions.
Delete a user record There is currently no way to delete or archive a user record. You can remove a user from a seat, but their user record will remain in Zero Trust.https://developers.cloudflare.com/cloudflare-one/identity/users/seat-management/#delete-a-user-record
@Chaika Thank you for verifying that.
What I read in a few areas on my google search said that, but I wasn't able to find the Cloudflare answer.
I really don't know how they were able to successfully authenticate though, as I do have only certain individuals allowed access to my web pages! Though I do have one site that doesn't require authentication, and is fully open!
What I read in a few areas on my google search said that, but I wasn't able to find the Cloudflare answer.
I really don't know how they were able to successfully authenticate though, as I do have only certain individuals allowed access to my web pages! Though I do have one site that doesn't require authentication, and is fully open!
If you go under My Team -> Users, and click "View" to the right of the user, it should show you what they auth'd through
under Session identities, Devices, or Recent Activity. Should be some info there, depending on which service they used
they auth'd with google
Right but it should also show you the specific application
And there is nothing under Devices or Recent Activity. That is why I can't figure this out!
when was the last login?
Yesterday at 10:26:39 AM
There's nothing under Session identities under the User Identity tab either?
nope
never has been
Now you can see why this is driving my crazy and why I want them fully removed! 🤣
yea that's weird, I guess it may be because their session already expired
they're just taking up an Access seat/not a gateway seat I assume?
I believe so, but they are also not in any access group/list/application
I did revoke any active sessions, so that is why active sessions are not showing. But I do require reauthentication every 24 hours for my stuff.
And, unfortunately, I did remove user, so I cannot say for certain they were not taking a gateway seat.
ok well sounds like you deleted most of what would have been useful inadvertently lol
depending on how many applications you have, you could try running their email through a few of them under Test Policies just as a sanity check
They do login every few days from what I have seen, so I can see what pops up afterwards.
But doing the revoke session & remove user shouldn't have affected recent activities, or should it have?
And I'll do that to see what occurs!
damn it, I need to change a few of my policies because I apparently did it wrong!
for me recent activites seems super buggy
only works if I navigate to the tab, and then refresh the entire window
then it shows stuff
I didn't do a "require" only "include"
@Chaika Thank you very much for your help! I apparently did all my access groups wrong with only includes! I know have the user in the required so they no longer have access to anything!
well at least it was something simple
That is true, now to figure out why I cannot delete a few extra access group rules! It says they are in use! hehe
But that will be simple in comparison.
Thank you again for your help!