Delete users from an environment

This article covers the various levels and methods of user deletion in Microsoft Power Platform that involves the following components: Microsoft 365 admin center, Microsoft Entra ID, and Power Platform admin center.

Watch this video for a detailed walkthrough of how to delete users from your environment:

Note

Before deleting a user from an environment, you must delete the user from Microsoft 365 admin center or Microsoft Entra ID.

Delete users in Microsoft 365 admin center

Admins must use the Microsoft 365 admin center to delete users:

  1. Sign in to Microsoft 365 admin center.

  2. Select Users > Active users page.

  3. Select the names of the users you want to delete, and then select Delete user.

Although you deleted the user's account, you're still paying for the license. To stop paying for the license, follow the procedures in Delete a user from your organization. Or, you can assign the license to another user. It won't be assigned to anyone automatically.

About deleted users

When a user is deleted from the Microsoft 365 admin center, the user isn't removed from environments in which they're active. Instead, the user's status is set to Disabled in Power Platform.

The following lists the scenarios when a user is deleted:

  • If the user is in the environment and has a status of Enabled, the status is updated to Disabled.
  • If the user is in the environment and has a status of Disabled, the status remains as Disabled.
  • If the user isn't present in the environment, no action is taken.

It can take from 30 minutes to 6 hours for a user's status to be updated in an environment after the user is deleted from the Microsoft 365 admin center. If you need to update the user status immediately, you can follow the steps in User diagnostics to see what needs to be done to restore the user.

Run diagnostics results.

Note

A user deleted from the Microsoft 365 admin center is put on the Deleted user list for thirty days and can be restored as mentioned in next section.

Restore deleted users

  1. In the Microsoft 365 admin center, go to the Users > Deleted users page.

  2. Select the name of the user you want to re-enable, select Restore user, and then proceed through various pages.

  3. Reassign licenses as needed to the user in the Microsoft 365 admin center.

Note

You can restore deleted users up to 30 days after deletion. When a deleted user is restored and a license is reassigned, the user's status is set to Enabled in the respective Power Platform environments in which the user was disabled.

Permanently delete users in Microsoft Entra ID

After the thirty-day window from the date you delete users in the Microsoft 365 admin center, the user account is permanently deleted in Microsoft Entra by an automatic deletion process.

If you want to permanently delete the user manually without waiting for thirty days when the user account is automatically deleted, you can do so by using the Microsoft Entra option in the Azure portal by following the instructions here: Permanently delete a user.

Enable the Delete disabled users feature

The Delete disabled users feature must be enabled in the environment where you want to delete users.

  1. In the Power Platform admin center, select an environment.
  2. Select Settings > Product > Features.
  3. Scroll through the list and to find the Delete disabled users area.
  4. Set the Enable delete disabled users setting to On.
  5. Select Save to save your changes.

[Note] This feature flag is to enable the Delete disabled users functionality for the environment on the Power Platform admin center. You don't need to enable this feature flag if you are using the client's User form.

Delete users in Power Platform

Users deleted from the Microsoft 365 admin center can remain in Power Platform environments with a Disabled status. These users can be deleted permanently from Power Platform environments. Deleting users from Power Platform environments goes through the similar deletion stages as in Microsoft Entra ID. When you first delete the user in the Power Platform environment, the disabled user is first soft deleted, and then you can permanently delete the user.

Important

  • Not all users with a Disabled status can be deleted. A user can be in a Disabled status in Power Platform environment and still be active in Microsoft Entra ID. The user can be in this disabled state when the license was removed or the user was removed from the security group of the environment. The user can also be disabled by updating the Status field. Customizing the User form by allowing the Status field to be updated is required.

View the list of disabled users

  1. In the Power Platform admin center, select an environment.

  2. Select Settings > Users + permissions > Users.

  3. In the top menu bar, select Manage users in Dynamics 365.

  4. From the drop-down menu, select Disabled users.

Disabled Microsoft Entra user stages

Stage Microsoft 365 admin center Power Platform admin center
Action State User state Action User delete Content
1a Admin deletes user Soft deleted​ Disabled​ User management process disables the user and updates the UPN, email, etc. Not allowed - Delete button is hidden User is soft deleted in Microsoft Entra and can be restored. Once restored, the user is automatically reactivated in Dataverse.
1b Admin restores user Active Active User management process activates user and restores UPN Not allowed - Delete button is hidden​ N/A
2 Admin permanently deletes user​ Hard deleted – user no longer exists in Microsoft Entra ID Disabled User Details should check if user exists in Microsoft Entra ID, and if user doesn’t exist, delete is allowed Allowed – Delete button is visible​ User is hard deleted in Microsoft Entra and can't be restored. User can now be soft deleted in Dataverse.
3 Disabled Dataverse admin deletes the user Allowed – Delete button is visible User is soft deleted in Dataverse. User can now be permanently deleted in Dataverse.
4 Disabled Dataverse admin permanently deletes the user Allowed – Permanently Delete button is visible​ User is deleted in Dataverse. User no longer exists in Dataverse, all references to the user in Dataverse in the Audit logs show ‘Not available’.

Soft delete users in Power Platform

At the Microsoft Entra soft deleted stage, the user can't be deleted in Power Platform because the user can be restored from the Microsoft 365 admin center. When the user is restored, the user is automatically restored in Power Platform environments with an Enabled status and the above fields are reset back to its original state.

To soft delete a user in a Power Platform environment, the user must first be deleted permanently in Microsoft Entra ID. This applies to regular users and not the application users or stub users. Users deleted from the Microsoft 365 admin center are deleted permanently after 30-days or they can be permanently deleted manually.

There are two ways to soft delete users.

Option A: Soft delete users from the Disabled users view

  1. Permanently delete the user in Microsoft Entra ID. Go to Permanently delete users in Microsoft Entra ID earlier in this article.

  2. In the Power Platform admin center, select an environment.

  3. Select Settings > Users + permissions > Users.

  4. In the top menu bar, select Manage users in Dynamics 365.

  5. From the drop-down menu, select Disabled users.

  6. Select a user from the list.

  7. On the User Form, choose the Delete button.

The user still exists in the environment as disabled and continues to show in the Disabled Users list. To permanently delete from the environment, go to Permanently delete users in Power Platform later in this article.

Option B: View and soft delete disabled users who were permanently deleted from Microsoft Entra ID

  1. In the Power Platform admin center, select an environment.

  2. Select Settings > Users + permissions > Users.

  3. From the top menu bar, select Filter.

    Select Filter from the top menu.

  4. From the drop-down menu, select Users not in AAD but exist in the environment.

  5. Select the disabled user you want to delete.

  6. On the User Form, select Delete.

  7. Select Refresh list to update the list and confirm deletion.

Note

All records that are owned by the soft deleted user must first be reassigned to another user before the user record can be permanently deleted. You can reassign the records from the same User details panel under the Manager section.

What happens when a user is soft deleted?

  • The user record still exists in the environment and continues to have a Disabled status.
  • The user can't be restored.
  • The user's security role is unassigned.
  • The user is removed from all teams.
  • The user's queue, profile, business unit entity map, shared records (principal object access), principal entity business unit map, and system user principal records are deleted.

Audit log after user is soft deleted

The name of the deleted user continues to show in the audit log records where the user was the creator or modifier of the record.

Permanently delete users in Power Platform

You can delete and remove users with disabled status in Power Platform. You may want to delete users with disabled status because of the following reasons:

  • They are no longer active in the tenant
  • They moved out of the environment’s security group
  • They no longer have a license to use the application
  • To comply with regulatory compliance, such as GDPR

Prerequisites

  • The user must already be soft deleted. See Soft delete users in Power Platform earlier in this article.
  • All records owned by the user must be reassigned to another user. User records can be reassigned from the User settings page.
  • You must have turned on the Delete disabled users (preview) > Enable delete disabled users feature setting for your environment using the Power Platform admin center. More information: Manage feature settings.

Permanently delete users

  1. In the Power Platform admin center, select an environment.

  2. Select Settings > Users + permissions > Users.

  3. From the top menu bar, select Filter.

    Select Filter from the top menu.

  4. From the drop-down menu, select Users not in AAD and soft deleted in the environment.

  5. Select a soft deleted user to delete the user permanently in the Power Platform environment. Only users who were soft deleted can be deleted permanently.

  6. On the user form, select Delete.

  7. Select Refresh list to update the list and confirm deletion.

Note

After users are permanently deleted in Entra ID, any new user record created with the details of a deleted user is a new user object in Entra ID. Such user IDs can't be updated to gain access to the deleted user records in Dataverse. You can re-assign records from the deleted user to the new user.

Audit log after user is permanently deleted

Once permanently deleted, the name of the deleted user no longer shows in the audit log records when the user was the owner, creator, or modifier of the record. For the record owner, the name is replaced with Record Unavailable in these audit records. For the record creator or modifier, the name is replaced with No Name in these audit records.

Created by and Modified by name

Once permanently deleted, the name of the deleted user no longer shows in the Created by and the Modified by fields for records that the deleted user created and for records that the deleted user last modified. These fields will show No Name and if you clicked on it, you will see a message that the 'Record is unavailable'. The deleted user's systemuserid is still in these records.

Bulk delete users in Power Platform

Users with a disabled status can be deleted, in bulk, using the Remove a large amount of specific, targeted data with bulk deletion article. You can create bulk delete jobs to soft delete and to permanently delete users.

Soft delete users in Power Platform in bulk

  1. In the Power Platform admin center, select an environment.

  2. Select Settings > Data management > Bulk deletion.

  3. Select New to start the Bulk Deletion Wizard, which creates a bulk deletion job with the soft delete users you want to delete.

  4. Click Next.

  5. In the Look for drop-down menu, select the Users table.

  6. In the Use Saved View drop-down menu, select the Users deleted in tenant but exist in the environment view.

    Note

    You can create your own equivalent view to meet your record retention policy. For example, you can add other search criteria, such as the Azure Deleted On date and specify Older than X months with a value of 3 months to soft delete any users who were deleted from the tenant more than three months ago. Note that this Azure Deleted On date is a newer column created in 2022 which means that the value is null for users deleted in the tenant prior to 2022.

  7. Select the Preview Records button to see the list of users that can be soft deleted.

  8. Select Next.

  9. In the Name field, enter a name for your bulk deletion job.

  10. Select a date and time to start the job.

  11. Optional: Select the Run this job after every check box and set a frequency (in days).

    Note

    We recommend that you set this option to soft delete your users on a scheduled basis, as soft deleting users is where most of your storage costs can be saved.

  12. Select Next.

  13. Review the information and select Submit.

To check the status of your job, select the My bulk deletion system jobs view.

Permanently delete users in Power Platform in bulk

  1. In the Power Platform admin center, select an environment.
  2. Select Settings > Data management > Bulk deletion.
  3. Select New to start the Bulk Deletion Wizard, which creates a bulk deletion job with the soft delete users you want to delete.
  4. Click Next.
  5. In the Look for drop-down meanu, select the Users table.
  6. In the Use Saved View drop-down menu, select the Soft deleted Users view.

Note

You can create your own equivalent view to meet your record retention policy.

  1. Select the Preview Records button to see the list of users that can be permanently deleted.

  2. Select Next.

  3. In the Name field, enter a name for your bulk deletion job.

  4. Select a date and time to start the job.

    Note

    We recommend that you set this schedule based on your record retention policy.

  5. Select Next.

  6. Review the information and select Submit.

To check on the status of your job, select the My bulk deletion system jobs view.

See also

Delete a user from your organization
Troubleshooting: Common user access issues