Remove an Identity Source

Deleting an identity source removes it from the deployment. Do this, for example, when you no longer want to manage users in the identity source within the deployment, or if you migrated the users to a new data source that you are adding to the deployment.

Do not delete the internal database. The internal database contains all policy and configuration information maintained by the system.

Note: Removing an identity source is an irreversible process and can result in the loss of user-authenticator associations.

Before you begin

  • You must be a Super Admin.

  • If the identity source is linked to the system, unlink it. For instructions, see Unlink Identity Sources from the System.

    If you need to temporarily unlink an identity source, for example, to test a source with the same URL and a different scope or to add an associated Global Catalog, do not run a cleanup job. When you relink the identity source, all users from that identity source are resolvable again. Authentication Manager can locate those users as it did before the unlink operation.

  • Run the Schedule Cleanup job to remove from the internal database all user and group references that were associated with the unlinked identity source. Confirm that the job ran successfully. For more information, see Schedule a Cleanup Job.

    Make sure the Cleanup Limit and Grace Period fields are turned off.


  1. On the primary instance, in the Operations Console, click Deployment Configuration > Identity Sources > Manage Existing.

  2. If prompted, enter your Security Console User ID and password.

  3. Click the identity source you want to delete.

  4. From the context menu, click Delete.

  5. On the Delete Identity Source Confirmation page, select Yes, delete the identity source to confirm the deletion.

  6. Click Delete Identity Source.