Skip to main content
To offboard a user, you have three options: use the AccessOwl Slack application, the web interface, or an HRIS integration. When you trigger an offboarding, each application admin is notified to remove the user. If provisioning is managed by an AccessOwl integration, the user’s accounts are automatically suspended or deleted.

Offboarding via…

Open the AccessOwl home tab and click the button “Offboard User”

Scheduled Offboarding

Scheduled offboarding ensures access is revoked on the user’s last day. You can set a future date and time when triggering offboarding through any of the methods above. Plans can change, so scheduled offboardings are flexible. Stakeholders (excluding the offboardee) receive notifications, and if a central notification channel is defined, it includes a link to reschedule.
In case the scheduled offboarding was manually triggered, the requestor also receives a notification. If no central notification channel is defined, the notification includes a link to reschedule the offboarding. Otherwise, the requestor’s notification does not contain a rescheduling link.

Employee Leave

When an employee goes on extended leave, their account in Google Workspace or Microsoft 365 is typically suspended by your IT admin. AccessOwl syncs user statuses directly from these directory services, so the status change is handled automatically. When an account is suspended: When a user is suspended, AccessOwl detects the change on the next sync, sets the user’s status to Inactive, and deactivates the user in AccessOwl. Assigned applications are not removed by default, so the user’s profile will still show access to the applications currently listed. If needed, you can remove application assigned to the user When the employee returns from leave: Once the account is reactivated in Google Workspace or Microsoft 365, AccessOwl detects the change on the next sync. The user will still appear as deactivated in AccessOwl, but their Google Workspace or Microsoft 365 access will automatically show as active again. To fully restore the user in AccessOwl, open the user’s profile and click Reactivate. All other application access tracked in AccessOwl remains unchanged from before the leave.
AccessOwl syncs with your directory approximately every 3 hours. After re-enabling an account, the status update in AccessOwl may take up to one sync cycle to reflect.
If you choose to manually remove application access for a user while they are on leave, you will need to request those applications again for them when they return.