Users Deleted in Active Directory Not Reflected in Auth0

lihua.zhang · April 13, 2023, 9:27pm

Overview

This article explains why, after removing users from Active Directory (AD), their profiles are still present in Auth0.

This is expected behavior. Deleting a user from an external identity provider will not cause the profile to be removed from Auth0.

To remove the user from Auth0, manually delete them or implement custom automation to remove the profile from both AD and Auth0.

If the user is not deleted from Auth0 after being removed from AD
- The user will no longer be able to authenticate via AD as their profile has been deleted.
- If the deleted user has an existing session, they can use it until it expires, at which point they cannot re-authenticate via AD.
- There is also the risk of the AD/LDAP connector being offline and Auth0 using the cache. In this case, if the credentials from a previous login performed before deletion are present, the user will be able to log in.

Topic		Replies	Views
Automate user delete Help user-management , user-import-export	2	1110	June 30, 2023
Auth0 Admin User is Not Deleted Knowledge Articles	1	384	December 5, 2023
User migrated from LDAP, deleted from Auth0, can't re-migrate? Help connections	3	3617	March 2, 2018
recreating deleted users Help auth0-users , users , delete-user , manage-users , user	5	6067	March 2, 2018
When a user is deleted is their data removed? Knowledge Articles delete-user , security , privacy	1	917	August 17, 2023