Contact UsTry it for free
© 2026 Direct Cursus Technology L.L.C.

Activating a user

Written by
Updated at February 10, 2026

You can activate previously deactivated users. After activation, users regain access to the organization resources they have access permissions for.

Note

You can activate and deactivate only federated and local users. You cannot activate or deactivate Yandex account users.

Activating a federated user

To activate a federated user account:

  1. Log in to Yandex Identity Hub using an administrator or organization owner account.

  2. In the left-hand panel, select Users and find the federated or local user you need.

    Optionally, use the search bar or filter at the top of the page.

  3. In the row with the user, click and select Activate.

  4. In the window that opens, confirm the activation.

If you do not have the Yandex Cloud CLI installed yet, install and initialize it.

By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id parameter.

  1. See the description of the CLI command for activating federated users:

    yc organization-manager federation saml reactivate-user-accounts --help

  2. Get a list of federations in the organization:

    yc organization-manager federation saml list \
  --organization-id <organization_ID>

    Where --organization-id is the ID of the organization you need the list of federations for.

  3. Get a list of deactivated federation users:

    yc organization-manager federation saml list-user-accounts <federation_ID> \
  --organization-id <organization_ID> \
  --filter active=false

    Where:

    • <federation_ID>: ID of the federation you need the list of users for.
    • --organization-id: ID of the organization the federation belongs to.
    • --filter active=false: Filter to get only deactivated users.

  4. To activate users, provide their IDs in this command:

    yc organization-manager federation saml reactivate-user-accounts <federation_ID> \
  --subject-ids <user_1_ID>,<user_2_ID>,...,<user_N_ID> \
  --organization-id <organization_ID>

    Where:

    • <federation_ID>: ID of the federation to activate users in.
    • --subject-ids: List of user IDs to activate.
    • --organization-id: ID of the organization the federation belongs to.

Use the Federation.Reactivate REST API method for the Federation resource or the FederationService/Reactivate gRPC API call.

Activating a local user

To activate a local user account:

  1. Log in to Yandex Identity Hub using an administrator or organization owner account.

  2. In the left-hand panel, select Users and find the federated or local user you need.

    Optionally, use the search bar or filter at the top of the page.

  3. In the row with the user, click and select Activate.

  4. In the window that opens, confirm the activation.

If you do not have the Yandex Cloud CLI installed yet, install and initialize it.

By default, the CLI uses the folder specified when creating the profile. To change the default folder, use the yc config set folder-id <folder_ID> command. You can also set a different folder for any specific command using the --folder-name or --folder-id parameter.

  1. View the description of the CLI command to activate a pool user:

    yc organization-manager idp user reactivate --help

  2. To get a list of pools in an organization, provide its ID in this command:

    yc organization-manager idp userpool list \
  --organization-id <organization_ID>

    Result:

    +----------------------+--------------+-------------+----------------------+---------------------+
|          ID          |     NAME     | DESCRIPTION |   ORGANIZATION ID    |     CREATED AT      |
+----------------------+--------------+-------------+----------------------+---------------------+
| ek0o6g0irskn******** | sample-pool1 |             | bpf2c65rqcl8******** | 2025-05-17 10:01:04 |
| ek03mf01jr4z******** | sample-pool2 |             | bpf2c65rqcl8******** | 2025-06-28 16:30:23 |
+----------------------+--------------+-------------+----------------------+---------------------+

  3. To get the IDs and other information about pool users, provide the pool ID in the following command:

    yc organization-manager idp user list \
  --userpool-id <user_pool_ID>

    Result:

    +----------------------+----------------------------------------+-----------+----------------------+-----------+---------------------+
|          ID          |                USERNAME                | FULL NAME |     USERPOOL ID      | IS ACTIVE |     CREATED AT      |
+----------------------+----------------------------------------+-----------+----------------------+-----------+---------------------+
| aje3i1gq49n3******** | test-user1@test.ru.idp.yandexcloud.net | User 1    | ek0o6g0irskn******** | true      | 2025-10-07 10:41:54 |
| aje0j5mts02t******** | test-user2@test.ru.idp.yandexcloud.net | User 2    | ek0o6g0irskn******** | false     | 2025-07-16 11:18:57 |
+----------------------+----------------------------------------+-----------+----------------------+-----------+---------------------+

  4. To activate a user, provide their ID in this command:

    yc organization-manager idp user reactivate <user_ID>

With Terraform, you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description written in HashiCorp Configuration Language (HCL). If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.

Terraform is distributed under the Business Source License. The Yandex Cloud provider for Terraform is distributed under the MPL-2.0 license.

For more information about the provider resources, see the relevant documentation on the Terraform website or its mirror.

If you do not have Terraform yet, install it and configure the Yandex Cloud provider.

  1. Describe the user parameters in the configuration file:

    resource "yandex_organizationmanager_idp_user" "example_user" {
  userpool_id = "<pool_ID>"
  username    = "<username>"
  full_name   = "<full_username>"
  is_active   = true
}

    Where:

    • userpool_id: ID of the pool the user is in.
    • username: User's name.
    • full_name: User's full name.
    • is_active: Activation flag. Set to true to activate the user.

    For more information about yandex_organizationmanager_idp_user properties, see the relevant provider documentation.

  2. Create the resources:

    1. In the terminal, go to the directory where you edited the configuration file.

    2. Make sure the configuration file is correct using this command:

      terraform validate

      If the configuration is correct, you will get this message:

      Success! The configuration is valid.

    3. Run this command:

      terraform plan

      You will see a detailed list of resources. No changes will be made at this step. If the configuration contains any errors, Terraform will show them.

    4. Apply the changes:

      terraform apply

    5. Type yes and press Enter to confirm the changes.

    Terraform will create all the required resources. You can check the new resources and their settings using the management console or this CLI command:

    yc organization-manager idp user get <user_ID>

Use the User.Reactivate REST API method for the User resource or the UserService/Reactivate gRPC API call.

See also

Previous
Viewing user groups
Next
Deactivating a user