Automatically Deactivate Inactive Users After Customizable Inactivity Period
under review
J
Jade Orca
Description:
Customers managing large user bases need a way to automatically deactivate users who have not been active within a customizable period of time (e.g., 30, 60, or 90 days). This functionality supports compliance, platform hygiene, and license optimization, particularly in regulated industries or organizations with strict security and access controls.
Requested Functionality:
- Native support for setting an inactivity threshold (e.g., "Deactivate users after X days of inactivity")
- Admin control over what counts as "activity" (e.g., login, build runs, deployment triggers)
- Ability to exclude specific users or groups (such as service accounts)
- Optional notifications to admins prior to deactivation
- Reporting or dashboards showing users flagged for deactivation
Current Workaround:
- Manual user audits and scripting against Harness APIs to identify and deactivate inactive users.
- This is not scalable or efficient for large orgs.
Value to Customers:
- Helps meet compliance or internal policy requirements around stale user access
- Improves platform security by automatically removing dormant users
- Optimizes license usage under user-based pricing models
- Reduces manual administrative overhead
Log In
A
Abhishek Thamman
under review
Gino Orvieto
Merged in a post:
FR - Dashboard functionality for the last login information for all users
G
Gold Crab
Needed the functionality to create a dashboard for last login information for all users to obtain the time difference between the current time and the time the user last logged in.
L
Labour Magpie
We also need similar feature to track total no of active and inactive over particular time duration.
Canny AI
Merged in a post:
FR - View last login/activity and add user deactivation feature
D
Dandelion Dinosaur
Adding the ability to view the last login/activity of a user in the Account Access Control: Users page or the User Profile page, this would help us monitor user engagement and identify inactive accounts. Moreover, the capability to deactivate user accounts would allow us to exercise better control over the allocation of users (licenses) to harness.
J
Jade Orca
Why is this now long term? This is kind of a table stakes feature for platforms.
C
Cyan Puffin
Hi Miraldo,
We do not have a dashboard for this functionality. As a work around you can get this information from the audit trail and filtering by login action.
So you can go to Settings > Security & Governance > Audit trail
You can also stream the audit log data and extract required information from the stream.
Z
Zinc white Peacock
We're also looking for this functionality. We'd like to mark users 'dormant' after a configurable amount of inactivity so they don't count against the active user license.
Our users are mapped to LDAP groups and we don't have the capability to easily manage those groups, so we want an internal Harness solution.
For reference, we have this solution with our Github enterprise. I can include a screen shot how they implemented this if that helps.
P
Profound Ant
Zinc white Peacock +1
S
Saffron Mink
Zinc white Peacock +1
Prateek Mittal
The ability to view the last login/activity can be achieved by using the audit trail functionality - https://developer.harness.io/docs/platform/governance/audit-trail/
Deactivation of user is supported through the manage users page where you can delete the users from Harness who are not actively using Harness. https://developer.harness.io/docs/platform/role-based-access-control/add-users
D
Dandelion Dinosaur
Prateek Mittal,
The audit trail is not the most effective tool for observing the last login of particular users. Having this information attached to each user on the Account Access Control: Users page would greatly simplify things.
It's not practical to remove a user if they could join again in the future, and inviting them again would be a waste of time instead of activating their account.