Skip to content

Enabling or disabling a specific user account and its associated API key

If you need to offboard specific users, you can disable their accounts and associated API keys by simply checking a box. You can also re-enable accounts by clearing the same checkbox.

Note

You can also delete users, which permanently disconnects the user account from the system. Learn more about deleting users

Can't I just revoke their SSO or email sign-in account?

If you've revoked a user's SSO access and, where applicable, disabled their email sign-in account, they can no longer sign in to Certificate Manager - SaaS products. However, their API key remains fully operational.

To ensure that their API key can no longer be used, you should also disable their Certificate Manager - SaaS user account.

TIP

Disabling accounts can only be performed by Certificate Manager - SaaS administrators who possess the System Administrator role.

What happens when an account is disabled?

Disabled accounts do not show up by default in the Users list (Settings > Users). Their API keys are disabled, and can't be used.

What is the difference between disabling an account and deleting a user?

You need to decide if you want to disable the account, or if you want to delete it completely. Deleting a user is permanent. Disabling a user temporarily suspends their access but keeps the account available for reactivation.

When an account is disabled, the username can't be reused. When a user is deleted, the username (email) can be reused to create a new, unrelated account.

| Action | Access | Can be re-enabled | Historical references | Can re-create with same email | API visibility | | --- | --- | --- | --- | --- | | Disable | All blocked | Yes | Preserved | No
(The user still exists and you can't duplicate usernames/emails.) | Visible. Returned in standard user queries (disabled=true and deleted=false). | | Delete | All blocked | No | Preserved | Yes
(Creates new user that isn't linked to the old account) | Hidden by default. Only returned when querying with deleted=true (disabled=true, deleted=true). | | Revoke SSO | API key enabled;Login disabled | Yes | Preserved | Not applicable | Visible. Normal API user object (disabled=false, deleted=false). |

To enable or disable a user's account

  1. Sign in to Certificate Manager - SaaS.

  2. Click Settings > Users.

  3. On the Users page, find and click the user name you want to disable.

  4. From the Summary tab, select or clear Disable user account, and then click Save.