Remove User Access from Kissmetrics

Overview

Removing user access from Kissmetrics is an essential part of account security and compliance. Whether it's due to employee departures, contractor project completion, or security concerns, promptly removing unnecessary access protects your data and maintains accountability.

This guide covers how to remove users, handle offboarding scenarios, and ensure clean access management in Kissmetrics.

When to Remove User Access

Common Scenarios:

• Employee termination or resignation
• Contractor project completion
• Intern/temp worker assignment ending
• Department transfer (remove from current, add to new)
• Security breach or compromised account
• User hasn't logged in for extended period
• Consolidating duplicate accounts
• Compliance audit findings
• Project or client engagement ending (for agencies)

Before Removing Access

Checklist

For Employee Departures:

• Verify offboarding approval from HR or manager
• Check if any knowledge transfer is needed
• Determine if any reports or dashboards need to be transferred
• Document what the user had access to
• Plan for any automated reports they created
• Notify team members of access removal

For Security Incidents:

• Immediately revoke access (don't wait)
• Document the security concern
• Review user's recent activity
• Check for any suspicious behavior
• Consider changing passwords/API keys if compromised
• Notify security team

For Contractors/Vendors:

• Verify contract/project completion
• Get approval from project manager
• Ensure deliverables are complete
• Transfer any owned reports or dashboards
• Document access removal for records

Step-by-Step Instructions

Step 1: Navigate to Team Settings

1. Log in to your Kissmetrics account
2. Click your profile icon in the top-right corner
3. Select Settings from the dropdown menu
4. Click Team or Team Members in the left sidebar

Step 2: Locate the User

Find the User:

• Scroll through the team member list
• Or use the search function (if available)
• Enter the user's name or email address

Verify Identity:

• Double-check you've selected the correct user
• Verify email address matches
• Ensure this is the user you intend to remove

Step 3: Remove the User

Option A: Remove Button

1. Find the user in the list
2. Click the Remove, Delete, or trash icon next to their name
3. A confirmation dialog appears

Option B: User Profile Method

1. Click on the user's name
2. In their profile, click Remove User or Delete Access
3. Confirmation dialog appears

Step 4: Confirm Removal

The confirmation dialog typically shows:

• User's name and email
• Warning that this action may be irreversible
• Option to cancel or confirm

Confirmation Steps:

1. Read the confirmation message carefully
2. Verify this is the correct user
3. Understand that removal is usually immediate
4. Click Confirm, Remove User, or Delete

Step 5: Verify Removal

After confirmation:

1. User disappears from the team member list
2. You may see a success message
3. User immediately loses access to Kissmetrics
4. Any active sessions are terminated

What Happens When You Remove a User

Immediate Effects

User Perspective:

• Loses access to Kissmetrics immediately
• Cannot log in to the account
• Receives error message if attempting to access
• Active sessions are terminated
• May receive notification email (platform-dependent)

Account Perspective:

• User no longer appears in team member list
• User's name may still appear on reports they created
• Historical data remains (attributed to removed user)
• Scheduled reports they created may stop or need reassignment
• API keys they created may be invalidated

Data Retention

What Remains:

• Reports and dashboards created by the user
• Events tracked while user had access
• Historical activity logs
• User's name in audit trails

What's Removed:

• User's login credentials
• User's personal settings and preferences
• User's ability to access or modify anything
• User's pending invitations (if any)

Handling Different Removal Scenarios

Standard Employee Departure

Planned Departure (2-week notice):

Week 1:

1. Document user's Kissmetrics responsibilities
2. Identify reports/dashboards owned by user
3. Assign ownership to another team member
4. Plan knowledge transfer sessions

Week 2:

1. Complete knowledge transfer
2. Verify all reports are reassigned
3. Update documentation

Last Day:

1. Remove Kissmetrics access
2. Document removal in HR system
3. Verify removal successful

Immediate Termination

For security-sensitive departures:

1. Remove Access First (within minutes of termination)
2. Document removal
3. Review recent activity for suspicious behavior
4. Transfer ownership of critical reports immediately
5. Notify remaining team members
6. Update access documentation

Contractor Project Completion

End of Contract:

1. Verify all deliverables are complete
2. Export any reports needed for records
3. Remove access on contract end date
4. Document removal
5. Keep records for compliance

Consider:

• May want to downgrade to Read-Only first
• Allows final review without edit access
• Then fully remove after final approval

Security Incident

Compromised Account:

Immediate Actions:

1. Remove access immediately (don't wait)
2. Review recent activity
3. Check for unauthorized changes
4. Reset API keys if they had access
5. Notify security team
6. Document incident

Follow-Up:

1. Investigate what accessed
2. Determine if data was exposed
3. Implement additional security measures
4. Consider requiring password resets for other users

Inactive User Cleanup

For Users Who Haven't Logged In:

1. Identify inactive users (e.g., no login in 90+ days)
2. Send notification email about upcoming removal
3. Wait for response (1-2 weeks)
4. If no response and no longer needed, remove access
5. Document removal with reason

Best Practices

Security

Prompt Removal:

• Remove access on or before last day of employment
• For security incidents, remove immediately
• Don't delay due to administrative burden

Verification:

• Always verify you're removing the correct user
• Double-check email address
• Confirm with HR or manager before removal

Audit Trail:

• Document all user removals
• Note who removed them and when
• Include reason for removal
• Keep records for compliance

Process Management

Standard Operating Procedure:

Create a documented process:

1. Removal request form or ticket
2. Approval workflow
3. Checklist of steps
4. Documentation requirements
5. Verification process

Automation Integration:

• Integrate with HR systems when possible
• Automate removal on termination
• Use SCIM/SSO for centralized management
• Set up alerts for inactive users

Regular Audits:

• Monthly review of active users
• Quarterly access certification
• Annual comprehensive audit
• Remove users who shouldn't have access

Communication

Notify Relevant Parties:

• User (unless security incident)
• User's manager
• Team members who work with user
• IT/Security team

Sample Notification:

Subject: Kissmetrics Access Removal - [User Name]

Team,

[User Name]'s access to Kissmetrics has been removed as of [Date] due to [Reason].

Reports previously owned by [User Name] have been transferred to [New Owner].

If you have any questions or need access to specific reports, please contact [Contact Person].

Thank you,
[Your Name]

Troubleshooting

Cannot Remove User

Issue: Remove button is grayed out or missing

Possible Causes:

• User is the Account Owner (cannot be removed)
• You don't have permission to remove users
• User is managed by SSO/SAML

Solutions:

• Account Owner must transfer ownership first
• Contact an Admin or Owner for assistance
• For SSO users, remove via SSO provider
• Check your own permission level

User Still Has Access After Removal

Issue: User can still log in after removal

Immediate Actions:

1. Verify removal was saved (check team list)
2. Try removing again
3. Ask user to log out and try logging back in
4. Check if user has access through different email

If Problem Persists:

1. Contact Kissmetrics support immediately
2. Document the issue with screenshots
3. Consider changing account password as precaution

Accidentally Removed Wrong User

Issue: Removed incorrect team member

Immediate Fix:

1. Re-invite the user immediately
2. Restore their previous permission level
3. Apologize for the disruption
4. Verify they can access again

Prevention:

• Always double-check before confirming removal
• Implement approval workflow
• Use descriptive names in user list

Need to Restore Removed User

Scenario: User removed but needs access again

Solution:

1. Send a new invitation (see Add User Access)
2. Assign appropriate permissions
3. User accepts invitation
4. Note: Previous session data may not be restored

Best Practice:

• Consider downgrading instead of removing for temporary departures
• Use Read-Only for long-term inactive users

Bulk User Removal

For removing multiple users simultaneously:

Planning Bulk Removal

1. Create Removal List:

   • List all users to remove
   • Document reason for each
   • Get appropriate approvals
   • Identify any dependencies

2. Notify Stakeholders:

   • Inform affected users (unless security issue)
   • Notify team leads and managers
   • Alert IT/Security team
   • Provide timeline

3. Transfer Ownership:

   • Identify reports owned by users being removed
   • Assign new owners
   • Verify transfers complete

Execution

1. Remove Systematically:

   • Work through list one at a time
   • Check off each completion
   • Document each removal

2. Verify All Removals:

   • Confirm all users removed from team list
   • Test that removed users cannot log in
   • Document completion

3. Post-Removal:

   • Update access documentation
   • Notify relevant teams
   • Archive removal records

API-Based Removal

For programmatic user management:

# Remove user via API
curl -X DELETE https://api.kissmetrics.com/v1/users/{user_id} \
  -H "Authorization: Bearer YOUR_API_KEY"

Use Cases:

• Automated offboarding integration with HR systems
• Bulk removal scripts
• SSO/SCIM integration
• Scheduled cleanup of inactive users

Example: Automated Offboarding

#!/bin/bash
# Remove Kissmetrics access when employee offboarded

USER_EMAIL=$1
API_KEY="your-api-key"

# Get user ID from email
USER_ID=$(curl -s "https://api.kissmetrics.com/v1/users?email=${USER_EMAIL}" \
  -H "Authorization: Bearer ${API_KEY}" | jq -r '.id')

# Remove user
curl -X DELETE "https://api.kissmetrics.com/v1/users/${USER_ID}" \
  -H "Authorization: Bearer ${API_KEY}"

# Log removal
echo "$(date): Removed ${USER_EMAIL} from Kissmetrics" >> offboarding.log

Compliance and Record Keeping

Documentation Requirements

Record for Each Removal:

• User's name and email
• Date and time of removal
• Who performed the removal
• Reason for removal
• Approval documentation
• Any transfer of ownership performed

Example Record:

User Removal Log Entry

Date: 2024-03-15 14:30 UTC
Removed by: admin@company.com
User removed: john.doe@company.com
Reason: Employment terminated
Approved by: hr@company.com
Reports transferred: Yes (to jane.smith@company.com)
Notes: Standard offboarding procedure

Retention Policies

Keep Records For:

• Employment terminations: 7 years (varies by jurisdiction)
• Security incidents: Permanently
• Standard access reviews: 3-5 years
• Contractor removals: Duration of contract + 3 years

Audit Readiness

For SOC 2, ISO 27001, or similar compliance:

1. Documented Process: Written procedure for access removal
2. Approval Workflow: Required approvals documented
3. Timely Removal: Access removed within X hours of termination
4. Verification: Proof that access was removed
5. Regular Reviews: Quarterly attestation of active users

Next Steps

After removing user access:

1. Update Documentation: Reflect changes in access records
2. Transfer Ownership: Reassign reports and dashboards
3. Notify Team: Inform relevant stakeholders
4. Monitor: Watch for any issues with removed access
5. Archive Records: Store removal documentation appropriately

Related Documentation:

• Add User Access
• Update User Access
• User Management Overview