Remove the collaborator from Amplitude | OpsBlu Docs

Remove the collaborator from Amplitude

Deprovision organization and project access while maintaining compliance records.

Remove User Access

Follow this process when a collaborator no longer needs Amplitude access. Properly offboarding users protects your organization from unauthorized activity, maintains compliance with security policies, and ensures continuity of analytics workflows.

Removing a user from Amplitude can be permanent. Once deleted, you cannot restore their login credentials, dashboards, notebooks, or custom metrics they created. Always transfer ownership of critical assets and document the removal before proceeding.

When to Remove Users

Remove Amplitude access when:

  • An employee leaves the organization (resignation, termination, or retirement).
  • An agency or consultant contract ends and they no longer manage analytics.
  • A user changes roles and no longer requires Amplitude access.
  • Security or compliance teams request removal due to policy violations or audit findings.
  • A temporary contractor's project concludes and their access is no longer needed.
  • The user has been inactive for 90+ days and your organization enforces periodic access reviews.
  • Finance or legal requests removal to reduce liability or ensure data privacy.
  • Their project scope reduces to zero and they no longer need any project access.
  • SSO/SCIM provisioning removes the user from the identity provider group.

Deactivation Triggers

Common triggers that should prompt immediate user removal:

  • Employee termination: Revoke access on the same day to prevent unauthorized activity or data export.
  • Contract termination: Remove agency or consultant users within 24 hours of contract end.
  • Role change: If an analyst transitions to a non-analytics role, remove their access entirely.
  • Security incident: If credentials are compromised or suspicious activity is detected, immediately remove access and rotate ingestion keys.
  • Quarterly access review: Remove users who haven't logged in for 90+ days or are no longer with the organization.
  • Project sunset: If all projects a user had access to are archived, remove the user.
  • SSO removal: If removed from the IdP group, manually verify they can no longer access Amplitude.

Pre-Removal Assessment

Before removing a user, complete this assessment to avoid disrupting analytics workflows:

Identify owned assets

Check whether the user owns or created:

  • Dashboards: Custom dashboards they built that other team members rely on
  • Notebooks: Analysis notebooks with critical insights or documentation
  • Metrics: Custom metrics, formulas, or computed properties they defined
  • Cohorts: User segments or behavioral cohorts they created
  • Tracking Plans: Events or properties they defined or manage in Govern
  • Data pipelines: Export configurations, warehouse syncs, or integrations they set up
  • API keys: Ingestion keys or export keys they manage for automated workflows

Transfer ownership

For each asset identified:

  1. Go to the asset settings (dashboard, notebook, metric, cohort).
  2. Change the Owner field to an active Admin or appropriate team member.
  3. For tracking plans in Govern, reassign event ownership to another Tracking Plan Editor.
  4. For data pipelines, document which keys and integrations need new owners.
  5. Document the transfer in your ticketing system with the new owner's name.

Critical: Do not skip asset transfer. If you delete a user who owns active dashboards or metrics, those assets may become inaccessible or break dependencies in other reports.

Review project access

  1. Navigate to Settings → Members & Groups and open the user's account.
  2. Review all projects they have access to.
  3. Document which projects they can view and their role in each.
  4. Identify if they're the only Admin for any project (requires designating a replacement).

Confirm approval

Obtain written approval from:

  • The user's manager or department head
  • HR or Finance if due to termination or contract end
  • Security or Compliance if part of an audit or security incident
  • Data governance lead if user managed tracking plans or data quality

Save the approval email or ticket for your access log.

Removal Steps

Once you've completed the pre-removal assessment:

Step 1: Access user management

  1. Sign in to Amplitude as an Admin or Organization Owner.
  2. Navigate to Settings → Members & Groups.
  3. Locate the user in the Members table.
  4. You can use the search box to find them by name or email.

Step 2: Review current access

  1. Click on the user's name or Edit icon.
  2. Review their current:
    • Organization role (Admin, Member)
    • Project assignments and roles
    • Add-on module permissions (Govern, Experiment, Accounts)
    • Last login date
  3. Screenshot this page for your access log before making changes.

Step 3: Remove project access (optional partial removal)

If the user should lose access to specific projects but remain active on others:

  1. Under the Projects section, find the projects they should no longer access.
  2. Change the project role to No Access or uncheck the project entirely.
  3. Save the changes.
  4. Document which projects were removed and why.

This is useful when a contractor's scope narrows but doesn't fully terminate.

Step 4: Downgrade organization role (optional)

If the user should lose organization-level privileges but retain project access:

  1. Change the Organization Role from Admin to Member or No Access.
  2. This removes their ability to manage billing, SSO, organization settings, or invite new users.
  3. Save the changes.

Step 5: Full user deletion

If the user should be completely removed from Amplitude:

  1. From the user's profile, click Remove from Organization or Delete User.
  2. Amplitude will prompt you to confirm the deletion.
  3. Confirm by clicking Remove or Delete.
  4. The user will immediately lose access to all projects and organization settings.
  5. Their account will no longer appear in the Members list.

Note: If SSO provisions the account, also remove them from the IdP group to prevent automatic re-provisioning.

Step 6: Verify removal

  1. Refresh the Members & Groups page and confirm the user no longer appears.
  2. Search for their email to ensure no duplicate accounts exist.
  3. Check that dashboards and notebooks were successfully transferred to new owners.
  4. Screenshot the updated Members list showing the user removed.

Post-Removal Tasks

After removing the user:

Rotate credentials

If the user had access to sensitive credentials:

  • Ingestion API keys: Rotate any project tokens or API keys they managed.
  • Export keys: Regenerate any export API keys or data warehouse credentials.
  • Integration tokens: Update third-party integrations (Slack, webhooks, etc.) that used their credentials.

Document which credentials were rotated and notify affected teams.

Update documentation

  • Access log: Record user email, date removed, reason, approver name, assets transferred, credentials rotated.
  • SSO/IAM system: Remove the user from any Amplitude-related groups in your identity provider.
  • Internal roster: Update your team roster, org chart, or RACI matrix.
  • Runbooks: Update any documentation that referenced the removed user as a contact or owner.

Notify stakeholders

  • Inform the user (if appropriate) that their Amplitude access has been revoked.
  • Alert new asset owners that they now own dashboards, notebooks, metrics, or cohorts.
  • Update the team via Slack or email that the user no longer has access.
  • Notify security team if removal was due to a security incident.

Audit remaining users

  • Scan the Members table for other accounts that may need removal or downgrade.
  • Flag users with Admin or Organization Owner access who no longer require it.
  • Identify users who haven't logged in recently (check Last Login column).

Review audit logs

  1. Navigate to Settings → Access Logs or Audit Logs.
  2. Filter by the removed user's email.
  3. Review their recent activity (dashboards viewed, data exports, changes made).
  4. Export the audit log entries and archive them with your compliance records.

Schedule next review

  • Add the removal to your quarterly access review log.
  • Set a reminder to review all Amplitude users in 90 days.
  • Include Amplitude access in onboarding/offboarding checklists.

Emergency Removal Procedures

For immediate security threats (compromised credentials, malicious activity):

  1. Immediately delete the user without waiting for asset transfer.
  2. Rotate all API keys and tokens the user had access to.
  3. Review audit logs for suspicious activity (mass data exports, unexpected changes).
  4. Notify security team and document the incident.
  5. Transfer asset ownership after the emergency removal.
  6. Investigate impact: Check if any data was exported or if changes need to be reverted.

Troubleshooting

Cannot delete user because they own active dashboards:

  • Transfer ownership of all dashboards and notebooks first, then retry deletion.
  • Use the Dashboards section to filter by owner and reassign all items.
  • If blocked, contact Amplitude support for assistance.

User was deleted but can still log in:

  • Check if they have access to multiple Amplitude organizations.
  • Verify they were removed from all organizations, not just one.
  • If using SSO, ensure they were removed from the IdP group.
  • Contact Amplitude support if the issue persists.

Need to restore a deleted user:

  • Deletion is permanent; you cannot restore the user account.
  • Send a new invitation if they need access again.
  • Previously owned dashboards and metrics won't be automatically restored.

User removed from IdP but still has Amplitude access:

  • SSO provisioning may have a delay; wait 15-30 minutes and check again.
  • Manually remove the user from Amplitude if SCIM deprovisioning isn't working.
  • Verify SCIM configuration with your IT team.

Dashboards broke after user removal:

  • Check if dashboards referenced metrics or cohorts owned by the removed user.
  • Transfer ownership of all dependencies before removing users.
  • Recreate broken metrics or cohorts if necessary.

Best Practices

  • Remove access on the same day as termination or contract end, ideally within hours.
  • Always transfer asset ownership before deleting to avoid broken dashboards.
  • Screenshot before and after every removal for compliance documentation.
  • Run quarterly access reviews to catch stale accounts and unused licenses.
  • Document every removal with date, reason, approver, and assets transferred.
  • Verify no orphaned assets after deletion by checking dashboards and notebooks.
  • Use SSO/SCIM for automated provisioning and deprovisioning when possible.
  • Maintain least privilege: Remove users proactively when they no longer need access.

Common Use Cases

Employee termination

  1. Receive termination notification from HR
  2. Review user's current access and owned assets
  3. Transfer all dashboards, notebooks, metrics, and cohorts to their manager
  4. Delete the user on their last day or immediately if security risk
  5. Rotate any API keys or integration tokens they managed
  6. Export audit logs for compliance
  7. Document removal with HR ticket reference
  8. Update team roster and access documentation

Agency or consultant contract ends

  1. Confirm end date with procurement or project manager
  2. Review which projects and assets they have access to
  3. Transfer ownership of tracking plans, dashboards, and custom metrics to internal team
  4. Remove user from all projects or delete entirely
  5. Ensure they're removed from SSO group if applicable
  6. Rotate any shared API keys or credentials
  7. Update vendor contact list and access matrix
  8. Document removal with contract reference

Role change to non-analytics role

  1. Confirm the role change with HR or manager
  2. Assess if any read-only access is needed for their new role
  3. Transfer ownership of all assets they created
  4. Delete user if no access needed, or downgrade to Viewer if read-only reporting is needed
  5. Remove from Slack channels or Amplitude notification integrations
  6. Document the change with role change effective date
  7. Update team documentation

Quarterly access review cleanup

  1. Export current Members list from Amplitude
  2. Cross-reference against HR roster and active employees
  3. Identify users who left the organization or haven't logged in for 90+ days
  4. For each inactive user:
    • Review owned assets and transfer if needed
    • Document reason for removal
    • Delete user
  5. Export updated Members list and compare to original
  6. Document all removals in access review report
  7. Present findings to security or compliance team

Security incident response

  1. Security team identifies compromised credentials or suspicious activity
  2. Immediately delete the user to stop potential data breach
  3. Rotate all API keys and tokens associated with the user
  4. Review audit logs for unauthorized activity:
    • Data exports
    • Dashboard or tracking plan changes
    • User invitations
    • Integration modifications
  5. Document all suspicious activity with timestamps
  6. Transfer asset ownership after emergency removal
  7. Report findings to security team and CISO
  8. Update incident response documentation

SSO deprovisioning

  1. User is removed from IdP group (Okta, Azure AD, etc.)
  2. Verify SCIM deprovisioning removes them from Amplitude automatically
  3. If manual removal needed, follow standard removal process
  4. Confirm user can no longer authenticate via SSO
  5. Document removal with IdP change reference
  6. Audit other SSO-provisioned accounts for accuracy
返回顶部