Deleting a user account
An account can be deleted from an organization by a user with the organization-manager.admin or organization-manager.organizations.owner role. To learn how to grant a role to a user, see Assigning a role to a user.
Tip
The deletion of a user account from an organization cannot be reversed. To restore a previously deleted user, add them to the organization again.
Deleting a Yandex account user or federated user
To delete a Yandex account user or federated user from an organization:
-
Navigate to Yandex Identity Hub and log in using an administrator or organization owner account.
-
In the left-hand panel, select Users and select the user you want to delete in the list that opens.
Optionally, use the search bar or filter at the top of the page.
-
In the row with the user, click and select Delete.
-
In the window that opens, confirm user deletion from the organization.
Note
Once you delete a federated user from the organization, the user gets deleted from the federation and releases used up quotas. If your federation is set up to automatically create users, a deleted user can log in to the organization and become its member again. To prevent this, delete or block the user in your IdP.
Deleting a local user
To delete a local user from an organization:
Note
This feature is at the Preview stage.
-
Navigate to Yandex Identity Hub and log in using an administrator or organization owner account.
-
In the left-hand panel, select Users and select the user you want to delete in the list that opens.
Optionally, use the search bar or filter at the top of the page.
-
In the row with the user, click and select Delete.
-
In the window that opens, confirm user deletion from the organization.
If you do not have the Yandex Cloud CLI installed yet, install and initialize it.
By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id parameter.
-
See the description of the CLI command for removing a user from a pool:
yc organization-manager idp user delete --help -
To get a list of pools in an organization, provide its ID in this command:
yc organization-manager idp userpool list \ --organization-id <organization_ID>Result:
+----------------------+--------------+-------------+----------------------+---------------------+ | ID | NAME | DESCRIPTION | ORGANIZATION ID | CREATED AT | +----------------------+--------------+-------------+----------------------+---------------------+ | ek0o6g0irskn******** | sample-pool1 | | bpf2c65rqcl8******** | 2025-05-17 10:01:04 | | ek03mf01jr4z******** | sample-pool2 | | bpf2c65rqcl8******** | 2025-06-28 16:30:23 | +----------------------+--------------+-------------+----------------------+---------------------+ -
To get the IDs and other information about pool users, provide the pool ID in the following command:
yc organization-manager idp user list \ --userpool-id <user_pool_ID>Result:
+----------------------+----------------------------------------+-----------+----------------------+-----------+---------------------+ | ID | USERNAME | FULL NAME | USERPOOL ID | IS ACTIVE | CREATED AT | +----------------------+----------------------------------------+-----------+----------------------+-----------+---------------------+ | aje3i1gq49n3******** | test-user1@test.ru.idp.yandexcloud.net | User 1 | ek0o6g0irskn******** | true | 2025-10-07 10:41:54 | | aje0j5mts02t******** | test-user2@test.ru.idp.yandexcloud.net | User 2 | ek0o6g0irskn******** | false | 2025-07-16 11:18:57 | +----------------------+----------------------------------------+-----------+----------------------+-----------+---------------------+ -
To delete a local user from an organization, provide their ID in this command:
yc organization-manager idp user delete <user_ID>