Snapchat Ads Remove User Access | OpsBlu Docs

Snapchat Ads Remove User Access

Secure process for removing user access from Snapchat Ads accounts during offboarding.

Remove Access Overview

This guide provides a comprehensive checklist for securely removing user access from Snapchat Ads accounts during offboarding, role changes, or security incidents.

When to Remove Access

Immediate Removal Triggers

  • Employee termination - Day of departure
  • Security incident - Suspicious account activity
  • Unauthorized access - Access granted in error
  • Contract violation - Policy breach

Scheduled Removal Triggers

  • Employee resignation - Last working day
  • Contractor end date - Project completion
  • Vendor termination - Service agreement ends
  • Role change - No longer needs access
  • Account consolidation - Moving to different account

Pre-Removal Checklist

Critical Tasks BEFORE Removing Access

## Pre-Removal Tasks

### Asset Ownership Transfer
- [ ] Identify all campaigns owned by user
- [ ] Transfer campaign ownership to active admin
- [ ] Identify pixels created by user
- [ ] Transfer pixel ownership
- [ ] Identify audiences created by user
- [ ] Transfer audience ownership
- [ ] Identify catalogs managed by user
- [ ] Transfer catalog ownership

### Data & Reports
- [ ] Export reports user was responsible for
- [ ] Transfer scheduled reports to other users
- [ ] Save any custom dashboards they created
- [ ] Document any unique configurations

### API & Integrations
- [ ] Identify API tokens generated by user
- [ ] Rotate or revoke API tokens
- [ ] Update any integrations using their credentials
- [ ] Document third-party tools they configured

### Billing & Finance
- [ ] If user had Finance role, assign to new person
- [ ] Update billing contacts if necessary
- [ ] Document any pending invoices
- [ ] Transfer payment responsibility

### Communication
- [ ] Notify team of user's departure
- [ ] Identify replacement for their responsibilities
- [ ] Update distribution lists and email aliases
- [ ] Document institutional knowledge

Removal Process

Method 1: Via Business Manager

Step 1: Access Business Manager

  1. Go to business.snapchat.com
  2. Log in with admin account
  3. Select your organization

Step 2: Navigate to Members

  1. Click Settings in left sidebar
  2. Select Members
  3. Find the user to remove

Step 3: Review User's Access

Before removing, document:

  • Business role (Admin or Member)
  • Ad accounts they have access to
  • Role in each ad account
  • Assets they can access (pixels, catalogs, audiences)
  • Last login date
  • Date access was originally granted

Step 4: Remove from Ad Accounts

Option A: Remove from specific ad accounts only

  1. Click on user's name
  2. Under Ad Accounts, find each account
  3. Click Remove (X) next to account
  4. Repeat for all accounts

Option B: Remove from Business Manager entirely

  1. Click on user's name
  2. Scroll to bottom
  3. Click Remove from Business
  4. Confirm removal
  5. User loses access to all ad accounts and assets

Step 5: Confirm Removal

  1. User should no longer appear in Members list
  2. If partial removal, verify removed from correct accounts
  3. Take screenshot for audit trail

Method 2: Via Ads Manager Direct

Step 1: Access Ads Manager

  1. Go to ads.snapchat.com
  2. Select correct ad account
  3. Click Settings (gear icon)
  4. Select Members

Step 2: Remove User

  1. Find user in members list
  2. Click Remove (trash icon) next to their name
  3. Confirm removal in dialog box
  4. Take screenshot before confirming

Step 3: Verify Removal

  1. User should disappear from members list
  2. Changes take effect immediately
  3. User cannot access account anymore

Post-Removal Checklist

Immediate Actions (Same Day)

## Post-Removal Tasks - Day 1

### Access Verification
- [ ] Verify user no longer in Members list
- [ ] Confirm user cannot log into account
- [ ] Check all ad accounts if using Business Manager
- [ ] Verify removed from shared assets

### Security
- [ ] Rotate shared passwords (if any)
- [ ] Revoke API tokens they created
- [ ] Update OAuth applications
- [ ] Review recent account activity for anomalies

### Documentation
- [ ] Capture removal screenshot
- [ ] Update access log with removal date
- [ ] Document reason for removal
- [ ] Store in compliance archive
- [ ] Update internal roster/directory

### Communication
- [ ] Notify IT/Security team
- [ ] Update team distribution lists
- [ ] Inform relevant stakeholders
- [ ] Close access request ticket

Follow-Up Actions (Within Week)

## Post-Removal Tasks - Week 1

### Asset Audit
- [ ] Verify all campaigns reassigned
- [ ] Verify all pixels reassigned
- [ ] Verify all audiences reassigned
- [ ] Check for orphaned assets

### Business Continuity
- [ ] Confirm replacement has access
- [ ] Transfer knowledge documented
- [ ] Scheduled reports still running
- [ ] Integrations still functioning

### Compliance
- [ ] Add to next quarterly audit review
- [ ] Update offboarding documentation
- [ ] File screenshots in secure location
- [ ] Update access control matrix

Special Scenarios

Removing Last Admin

Problem: Cannot remove the last admin from an account

Solution:

  1. Add another user as admin first
  2. Verify new admin has access
  3. Then remove original admin
  4. Never leave account with zero admins

Steps:

  1. Identify replacement admin
  2. Add them with Admin role (see Add User Access)
  3. Verify new admin can log in
  4. Transfer any owned assets to new admin
  5. Now remove original admin

Emergency Removal (Security Incident)

Immediate Actions:

  1. Remove access immediately (don't wait for asset transfer)
  2. Rotate all API tokens in the account
  3. Review recent changes they made
  4. Check for unauthorized campaigns or changes
  5. Contact Snapchat support if suspicious activity detected
  6. Document incident thoroughly
  7. Notify security team and management

Security Incident Checklist:

## Security Incident - Emergency Access Removal

Incident Date/Time: [Date & Time]
User Removed: [Email]
Removed By: [Admin Name]
Reason: [Security incident details]

Immediate Actions Taken:
- [ ] User access removed (timestamp: _____)
- [ ] All API tokens rotated
- [ ] Recent account activity reviewed
- [ ] Unauthorized changes identified (if any)
- [ ] Snapchat support contacted (ticket #: _____)
- [ ] Security team notified
- [ ] Management notified
- [ ] Incident report filed

Follow-Up Required:
- [ ] Forensic review of all changes
- [ ] Legal/HR consultation
- [ ] Policy review
- [ ] Security training for team

Removing Contractor/Agency

Unique Considerations:

  • May have access to multiple accounts
  • May have created shared assets
  • May have integrations set up
  • May need transition period

Process:

  1. 30 Days Before End Date:

    • Notify contractor of upcoming removal
    • Request knowledge transfer
    • Document all assets they created
    • Plan transition timeline

  2. 7 Days Before:

    • Backup all their work
    • Train replacement
    • Prepare asset transfer plan

  3. Last Day:

    • Transfer all assets
    • Export any final reports
    • Remove access
    • Collect login credentials (if shared)

  4. After Removal:

    • Verify access removed from all accounts
    • Confirm no backdoor access exists
    • Update vendor list

Asset Transfer Process

Transfer Campaign Ownership

Via Ads Manager:

  1. Go to Campaigns tab
  2. Find campaigns owned by departing user
  3. Select campaign
  4. Click Settings
  5. Change Owner to new admin
  6. Save changes
  7. Repeat for all campaigns

Transfer Pixel Ownership

Via Events Manager:

  1. Go to Events Manager
  2. Select pixel created by departing user
  3. Click Settings
  4. Under Access, add new owner as admin
  5. Remove departing user
  6. Save changes

Transfer Audience Ownership

Via Ads Manager:

  1. Go to Assets > Audiences
  2. Find audiences created by user
  3. Select audience
  4. Click Share
  5. Add new owner
  6. Remove departing user
  7. Save changes

Documentation Requirements

Removal Record Template

## Snapchat Ads Access Removal Record

### User Information
- Name: [Full Name]
- Email: [Email Address]
- Department: [Department]
- Position: [Job Title]
- Last Working Day: [Date]

### Access Details
- Ad Account(s): [List all account IDs/names]
- Roles: [List roles in each account]
- Business Manager Access: [Yes/No]
- Pixel Access: [List pixels]
- Catalog Access: [List catalogs]
- API Tokens: [Number of tokens, all revoked]

### Removal Details
- Removal Date: [Date & Time]
- Removed By: [Admin Name & Email]
- Removal Method: [Business Manager / Ads Manager Direct]
- Reason: [Termination / Resignation / Role Change / etc.]

### Asset Transfer
- Campaigns Transferred: [Count] to [New Owner Email]
- Pixels Transferred: [Count] to [New Owner Email]
- Audiences Transferred: [Count] to [New Owner Email]
- Reports Transferred: [Count] to [New Owner Email]

### Security Actions
- [ ] API tokens revoked
- [ ] Shared passwords rotated
- [ ] OAuth applications updated
- [ ] Recent activity reviewed
- [ ] No suspicious activity found

### Approvals
- Manager Approval: [Name] - Date: [Date]
- Security Team Notified: [Name] - Date: [Date]
- Removal Confirmed: [Admin] - Date: [Date]

### Audit Trail
- Screenshot Filename: [filename.png]
- Stored Location: [secure file location]
- Access Log Updated: [Yes/Date]
- Compliance Archive: [Yes/Date]

Required Screenshots

Capture screenshots showing:

  1. Before removal: User in members list with roles
  2. Confirmation dialog: Removal confirmation message
  3. After removal: Members list without user
  4. Asset transfers: Each asset transferred (if applicable)

Compliance & Audit

Quarterly Offboarding Review

Review all removals from previous quarter:

## Q[X] 20XX Offboarding Audit

Total Users Removed: [Count]
Reasons:
- Termination: [Count]
- Resignation: [Count]
- Role Change: [Count]
- Other: [Count]

Issues Identified:
- [List any problems encountered]

Process Improvements:
- [List improvements made to process]

Asset Transfer Success Rate: [%]
Average Removal Time: [Time from request to completion]
Documentation Complete: [Yes/No for each removal]

Troubleshooting

Common Issues

Issue Cause Solution
Can't remove user Not an admin Ask another admin to remove
Can't remove last admin Platform restriction Add another admin first
User still has access after removal Cache/session Wait 5-10 minutes, user may need to log out
Assets orphaned Owner removed Assign assets to new owner before removal
API still working Token not revoked Manually revoke all tokens

Error Messages

Message Meaning Resolution
"Cannot remove last admin" No other admins Add another admin before removing
"User has active campaigns" Owns campaigns Transfer campaigns first
"You don't have permission" Not an admin Ask admin to remove user

Best Practices

Security

  1. Remove access on last working day - Not before, not after
  2. Document everything - Screenshots, dates, reasons
  3. Revoke API access - Tokens can work after UI access removed
  4. Review recent activity - Check for suspicious changes
  5. Rotate shared credentials - Any passwords they knew

Process

  1. Start early - Begin asset transfer before departure
  2. Communicate clearly - Keep everyone informed
  3. Follow checklist - Don't skip steps
  4. Verify completion - Confirm all access removed
  5. Learn and improve - Update process based on experience

Communication

Notify stakeholders:

  • IT/Security team
  • Finance team (if they had billing access)
  • Campaign managers (if they owned campaigns)
  • Analytics team (if they created reports)
  • Management (for audit trail)

Next Steps

After removing access:

  1. Verify removal complete - Check all systems
  2. Update documentation - Access logs, org charts
  3. Monitor for issues - Watch for broken processes
  4. Plan for replacement - Hire or redistribute work
  5. Schedule audit review - Add to next quarterly review

Resources

返回顶部