Deleting a user

Admin guide
Who this is for
Admins offboarding users who are leaving the organization
Time to read
3 min
Prerequisites
Your account has permission to delete users. You've read **User & Access Management — Overview**.

What you'll learn#

  • How to delete a user from the system
  • What gets removed and what stays behind
  • What to do instead of deleting, when possible
  • Realistic workarounds for "suspend" until VAT Portal adds a proper disable flow

An honest note before you start#

The current version of VAT Portal doesn't have a "disable user" action. The only UI-level way to take someone out of circulation is to delete them. You can't flip a user to Inactive and bring them back later through the UI.

That's a real gap — most user management systems separate "this person left for good" (delete) from "this person is on extended leave / suspended / on notice" (disable). For now, if you need a disable-style state, see the workarounds at the end of this article.

Step-by-step#

  1. Open Settings → Users.
  2. Find the user to delete — search if needed.
  3. Click the three-dot menu at the end of their row.
  4. Choose Delete.
  5. A confirmation dialog appears showing the user's name.
  6. Click Delete to confirm.

The user is removed from the system immediately. They can no longer sign in; their account no longer appears in the Users list.

What gets removed, and what stays#

Removed:

  • The user's account (username, password, email, role).
  • The user's company assignments.
  • The user's per-resource access entries (ACLs).
  • Their membership in any groups.

Kept:

  • Documents the user created stay — they continue to exist with the deleted user's name shown as the creator (usually rendered as the user's name or, if the name reference was broken, as #userId).
  • Approvals the user made on tasks stay in the history — the action record is preserved.
  • Comments they posted on discussion boards stay. If the name resolution breaks, they may show as "User #{id}" but the content remains.
  • Attachments they uploaded stay on the documents they're attached to.

Think of it this way: the user's account vanishes; their footprint remains. Data integrity is preserved, but the person who made it is no longer logging in.

When to delete — and when not to#

Delete when:

  • The person has definitively left your organization and isn't coming back.
  • The account was created by mistake and was never used.
  • You've already migrated the person's responsibilities to another user (via Copy User or other means) and the old account is no longer needed.

Don't delete when:

  • You want to temporarily suspend the user (medical leave, long vacation, under investigation). See workarounds below.
  • The user's historical attributions need to stay attached to a live account for audit reasons. Check your company's compliance rules before deleting.

Workarounds for "suspend without delete"#

If you need to pause a user's access without losing the account entirely, you can approximate a disable state using the tools that do exist:

Option A: Revoke all access#

  1. Open Manage Access for the user.
  2. For each company they belong to, uncheck every resource.
  3. Save.

The user can still sign in, but they'll see an empty dashboard and no sidebar items. They can't actually do anything. Their account stays intact for when you want to re-grant access.

Option B: Change their password to something random#

  1. You (or the user) need their current password to do this — see Changing a user's password.
  2. Change it to a long random string you don't record.
  3. The user can't sign in without knowing the new password.

This works for the "temporarily lock out" case but leaves the user's previously-assigned access intact. When they come back, an admin with the current password changes it again to something they can use.

Option C: Remove from all but one unused company#

Since at least one company is required, move the user to a company that has no meaningful resources assigned to them. This is clunky but effectively isolates them.

None of these are great. Watch for a future release that adds a proper disable flow.

Common questions#

I deleted a user by mistake — can I restore them?

Not from the UI. Contact your system administrator or implementation partner — they may be able to restore from a database backup, but it's not guaranteed and there may be a data-freshness cost.

Will documents the deleted user created be deleted too?

No. Documents survive deletion of their creator. The documents still exist and stay attributed to the person who created them (by name, as it was stored).

What about approvals they made on other people's documents?

Those stay in the history. The audit trail isn't affected.

A user left the company but I can't delete them — I get a permission error.

Your own account doesn't have delete permission on the user resource. Ask a senior admin to either grant you permission or do the deletion.

Can I delete my own account?

The UI might let you try, but doing so is a bad idea — you'd sign yourself out and lose admin access. Don't.

What happens to tasks that were assigned to a user I just deleted?

Tasks that were assigned to them personally become orphaned — they're still there, but nobody can act on them. This can stick a workflow. Before deleting a user, check if they have active tasks and reassign or delegate them first. See Workflow Admin — fixing stuck workflows for the recovery path if it does get stuck.

The user was in an approval group — do they automatically get removed from the group?

Yes, group memberships are removed when a user is deleted. But workflow tasks that were routed to the group and specifically picked up by the deleted user before their departure need handling — see the previous question.

Keep reading

Related articles

User & Access Management — Overview
Creating a new user
Managing a user's access (per-company ACLs)
Copying a user (inherit permissions)
Changing a user's password
Workflow Admin — fixing stuck workflows