Remove LogRocket User Access | OpsBlu Docs

Remove LogRocket User Access

How to revoke user access and offboard team members from Logrocket. Covers account deletion, API key revocation, partial access removal, and security.

Follow this workflow to safely remove collaborator access from LogRocket when contracts end or roles change.

When to Remove Access

Remove access when:

  • Contract or engagement ends
  • Collaborator changes roles and no longer needs LogRocket access
  • Security review identifies unnecessary access
  • Temporary access period expires
  • Project completion and handoff is complete

Prerequisites

  • Verify removal request is approved and documented
  • Identify all apps the collaborator has access to
  • Catalog API keys created by or for the collaborator
  • Document any dashboards, filters, or configurations created by the collaborator
  • Ensure knowledge transfer is complete
  • Confirm you have Organization Admin or Owner rights

Removal Workflow

Step 1: Document Current Access

Before removing access, document the collaborator's current state:

  1. Navigate to Settings → Organization → Team.
  2. Find the collaborator in the team list.
  3. Document:
    • Organization role
    • Apps they have access to and their roles
    • Date access was originally granted
    • Last active date (if visible)
  4. Navigate to Settings → API Keys.
  5. Document any API keys created by the collaborator:
    • Key name
    • Permissions
    • Last used date
    • Purpose
  6. Take screenshots of current access for audit trail.
  7. Export Activity Log from Settings → Activity.

Step 2: Remove App-Level Access

Remove access to individual apps before removing from organization:

  1. Navigate to Settings → Organization → Team.
  2. Find the collaborator in the team list.
  3. Click the Apps column.
  4. For each app:
    • Click the X or Remove button next to the app name.
    • Confirm removal.
  5. Verify the collaborator no longer appears in any app's team list.

Why remove app access first?

  • Provides audit trail of which apps were accessed
  • Allows gradual access reduction if needed
  • Ensures complete removal before organization removal

Step 3: Revoke API Keys

Rotate or delete API keys associated with the collaborator:

  1. Navigate to Settings → API Keys.
  2. For each key created by the collaborator:
    • Click Delete or Revoke.
    • Confirm deletion.
    • Document key name and deletion date.
  3. If keys are used in integrations or CI/CD:
    • Create new keys under a service account or different user.
    • Update integration configurations with new keys.
    • Test integrations before deleting old keys.
    • Delete old keys after verifying new keys work.

Step 4: Remove Organization Access

After removing app access and revoking API keys:

  1. Navigate to Settings → Organization → Team.
  2. Find the collaborator in the team list.
  3. Click the Remove or Delete button next to their name.
  4. Confirm removal.
  5. Verify the collaborator no longer appears in the team list.

Step 5: Handle Created Artifacts

Review and transfer ownership of artifacts created by the collaborator:

Dashboards & Filters:

  • Identify dashboards or filters created by the collaborator.
  • Transfer ownership to another team member if needed.
  • Document which artifacts were created by the collaborator.

Integrations:

  • Review integrations configured by the collaborator.
  • Update configuration to use service account credentials.
  • Test integrations after credential changes.

Source Maps:

  • Verify source map uploads are configured with service account API keys.
  • Update CI/CD pipelines if needed.

Step 6: Document Removal

Update your IAM tracker with removal details:

  1. Document in access removal ticket:
    • User email
    • Removal date
    • Apps removed from
    • API keys revoked
    • Organization role before removal
    • Reason for removal
    • Approver
  2. Export Activity Log showing removal actions.
  3. Take screenshot of team list showing user no longer present.
  4. File documentation with offboarding ticket.

SSO/SCIM Considerations

If your organization uses SSO or SCIM:

  1. Update identity provider first:
    • Remove user from LogRocket groups in IdP (Okta, Azure AD, etc.).
    • Trigger SCIM sync if available.
  2. Verify in LogRocket:
    • Confirm user was automatically removed or downgraded.
    • If not, manually remove using steps above.
  3. Document both:
    • Record IdP group removal and LogRocket verification.

API Key Rotation for Integrations

If the collaborator created API keys used in integrations:

For Source Map Uploads:

# Create new API key in LogRocket dashboard
# Update CI/CD environment variables

# Old configuration
LOGROCKET_API_KEY=old_key_created_by_collaborator

# New configuration
LOGROCKET_API_KEY=new_key_created_by_service_account

# Test source map upload
logrocket upload --app your-app --release 1.0.0 ./build

# Verify upload succeeded
# Delete old API key in LogRocket dashboard

For Integrations (Sentry, Slack, etc.):

  1. Create new API key with same permissions.
  2. Update integration configuration with new key.
  3. Test integration (send test event).
  4. Verify integration works with new key.
  5. Delete old API key.

After Removal

  • Notify the collaborator that access has been removed (if appropriate).
  • Verify the collaborator cannot log in to LogRocket.
  • Confirm API keys are revoked (test if possible).
  • Review Activity Log to ensure no unexpected actions.
  • Update access tracking spreadsheet or database.
  • Set calendar reminder for periodic access review (e.g., quarterly).

Troubleshooting

  • User can still log in: Check SSO/SCIM mappings. User may be re-provisioned automatically. Remove from IdP groups.
  • API keys still working: API keys persist until explicitly deleted. Go to Settings → API Keys and delete manually.
  • Integrations broken after removal: Collaborator's API keys were in use. Create new keys and update integration configurations.
  • Cannot remove user: Verify you have Organization Admin or Owner role. Contact LogRocket support if issue persists.

Emergency Removal

For immediate access removal (security incident, immediate termination):

  1. Immediately remove from organization:

    • Go to Settings → Organization → Team.
    • Click Remove next to collaborator.
    • Confirm removal.

  2. Revoke all API keys:

    • Go to Settings → API Keys.
    • Delete all keys created by collaborator.
    • Accept that integrations may break (fix after removal).

  3. Reset passwords/MFA (if applicable):

    • If collaborator had shared credentials, reset them.

  4. Notify team:

    • Alert team that access was removed.
    • Identify and fix any broken integrations.

  5. Document incident:

    • Record emergency removal in security log.
    • Document reason, approver, date/time.
    • Export Activity Log.

  6. Follow-up:

    • Review Activity Log for any suspicious activity.
    • Rotate remaining API keys as precaution.
    • Audit access for other platforms.

Validation Checklist

  • Current access documented (org role, apps, API keys)
  • Screenshots taken and Activity Log exported (before removal)
  • App-level access removed from all apps
  • API keys revoked or rotated
  • Integrations updated with new API keys (if applicable)
  • Organization access removed
  • User no longer appears in team list
  • Collaborator cannot log in (verified)
  • Created artifacts transferred or documented
  • Removal documented in IAM tracker
  • Activity Log exported showing removal actions
  • Screenshots filed showing final state
  • Knowledge transfer completed (if applicable)
  • SSO/SCIM groups updated (if applicable)

Example Removal Log

Removal Request: #9012

User: jane@collaborator.com

Date Removed: 2024-06-30

Requested By: Project Manager

Approved By: Security Lead

Reason: Contract ended, project complete

Access Before Removal:

  • Organization Role: Admin
  • Production App: Admin
  • Staging App: Member
  • API Keys:
    • Production Source Maps (read/write) - Revoked
    • Sentry Integration (read-only) - Revoked

Actions Taken:

  1. Removed from Production App (Admin → Removed)
  2. Removed from Staging App (Member → Removed)
  3. Revoked API key: Production Source Maps
  4. Revoked API key: Sentry Integration
  5. Created new API keys under service account
  6. Updated CI/CD with new source map upload key
  7. Updated Sentry integration with new API key
  8. Removed from organization
  9. Verified user cannot log in

Documentation:

  • Screenshots: Before/after team list
  • Activity Log: Exported and filed
  • API Keys: New keys documented in credential vault
  • Artifacts: 3 dashboards transferred to internal team

Verification:

  • User confirmed removed: 2024-06-30 15:30 UTC
  • API keys confirmed revoked: 2024-06-30 15:35 UTC
  • Integrations tested and working: 2024-06-30 16:00 UTC
Nach oben