Remove users from your Semgrep AppSec Platform organization
When you remove a user from your connected GitHub organization, GitLab group, or single sign-on (SSO) provider:
- They can no longer sign in to Semgrep.
- Any active session for that user in the platform expires within seven days.
However, their user record may still appear in your Semgrep organization's members list.
To have the user record removed from your Semgrep organization as well:
- Ensure that you have removed the user from connected groups in the identity provider.
- Contact Semgrep Support to have the user removed from your organization. Provide the following information in your request:
- The user's email address and sign-in method. If the user had access to the platform via multiple sign-in methods, please include all the methods whose accounts you want to delete. For example, if the user signed in using both GitHub and SAML SSO, please let Semgrep know whether the GitHub account associated with the user should be deleted or the SAML SSO account should be deleted instead.
- Your Semgrep organization name or ID.
Manage available identity providers
If you have multiple identity providers enabled in your Semgrep organization, and want to prevent users from logging in using their GitHub or GitLab credentials:
- Sign in to Semgrep AppSec Platform, and navigate to Settings > Access > Login Methods.
- Click the toggle for GitHub SSO or GitLab SSO to turn off the sign-in method.
This change prevents any new logins from users with GitHub or GitLab credentials.
Not finding what you need in this doc? Ask questions in our Community Slack group, or see Support for other ways to get help.