Delete an Identity Source from the Cloud Authentication Service

Document created by RSA Information Design and Development Employee on Jul 14, 2016Last modified by RSA Information Design and Development Employee on Oct 20, 2020
Version 55Show Document
  • View in full screen mode
  

You can use the Cloud Administration Console to delete an identity source that is no longer needed. Expect the following behavior when you delete an identity source:

  • After you confirm the deletion but do not publish, you can no longer edit the identity source or synchronize users. You can still use the Cloud Administration Console to find users in that identity source and the users can continue to authenticate.
  • After you publish the changes, all users from the identity source are deleted from the Cloud Authentication Service and can no longer authenticate. The identity source configuration settings are deleted from the Cloud Authentication Service.

Before you begin 

You must be a Super Admin for the Cloud Administration Console.

Procedure 

 
  1. Sign into the Cloud Administration Console.
  2. Remove the identity source you will be deleting from all custom and system access policies, including the Device Registration Using Password policy.

    Note:  Skip the preconfigured policies. The identity source will be automatically removed from these policies when you delete the identity source.

    1. Click Access > Policies.

    2. For each custom policy, click Edit and go to the Identity Sources tab. If the identity source to be deleted is included in the policy, deselect the box next to it, then click Next Step and Save and Finish. Otherwise, click Cancel.

    3. If any configurations in your deployment for relying party, RADIUS profiles, or SAML SSO Agent use attributes from the identity source being deleted, delete the attributes from those configurations.

    4. For the Device Registration Using Password Policy, click Edit. If this policy is disabled, click Enable instead. If the identity source to be deleted is included in the policy, deselect the box next to it, then click Next Step and Save and Finish. Otherwise, click Cancel. Re-disable the policy if it was previously disabled.

  3. (Optional) Perform these steps only if you are preserving an identity source that is either a duplicate or a subset of the identity source you are deleting. You can ensure that users are synchronized into the preserved identity source, and that no users are associated with the identity source being deleted.
    1. Disable scheduled synchronization for the identity source you want to delete. Click Users > Identity Sources. Next to the name of the identity source, select Synchronization from the drop-down menu. On the Synchronization page, in the Synchronization Schedule section, under Automatic Synchronization, select Off.
    2. If just-in-time synchronization is enabled, disable it for all identity sources. Click My Account > Company Settings and select the Company Information tab. In the Just-in-Time Synchronization field, select Disabled.
    3. Synchronize the identity source you are keeping. Click Users > Identity Sources. Next to the name of the identity source, select Synchronization from the drop-down menu. On the Synchronization page, in the Identity Source Details section, click Synchronize Now.
    4. Run a user report to confirm that the identity source being preserved contains the expected user population, and the identity source being deleted contains no users. Click Users > Reports > Generate > Download CSV. You can sort by identity source in the CSV file.
  4. Click Users > Identity Sources.
  5. Find the name of the identity source you want to delete and select Delete from the drop-down menu.
  6. Click Delete to confirm the change.

    Note:  After confirming, you cannot reverse this action, even if you do not immediately publish.

  7. If necessary, re-enable just-in-time synchronization.
  8. Click Publish Changes if you want to activate the settings immediately.

 

 

 

Next Topic:Assurance Levels
You are here
Table of Contents > Identity Sources > Delete an Identity Source from the Cloud Authentication Service

Attachments

    Outcomes