Add or delete users using Azure Active Directory

Add new users or delete existing users from your Azure Active Directory (Azure AD) tenant. To add or delete users, you must be a User Administrator or Global Administrator.

Note

For information about viewing or deleting personal data, please review Microsoft's guidance on the Windows data subject requests for the GDPR site. For general information about GDPR, see the GDPR section of the Microsoft Trust Center and the GDPR section of the Service Trust portal.

Add a new user

You can create a new user for your organization or invite an external user from the same starting point.

  1. Sign in to the Azure portal in the User Administrator role.

  2. Navigate to Azure Active Directory > Users.

  3. Select either Create new user or Invite external user from the menu. You can change this setting on the next screen.

    Screenshot of adding a new user from the All users page.

  4. On the New User page, provide the new user's information:

    • Identity: Add a user name and display name for the user. User name and Name are required and can't contain accent characters. You can also add a first and last name.

      The domain part of the user name must use either the initial default domain name, <yourdomainname>.onmicrosoft.com, or a custom domain name, such as contoso.com. For more information about how to create a custom domain name, see Add your custom domain name using the Azure Active Directory portal.

    • Groups and roles: Optional. Add the user to one or more existing groups. Group membership can be set at any time. For more information about adding users to groups, see the manage groups article.

    • Settings: Optional. Toggle the option to block sign-in for the user or set the user's default location.

    • Job info: Optional. Add the user's job title, department, company name, and manager. These details can be updated at any time. For more information about adding other user info, see How to manage user profile information.

  5. Copy the autogenerated password provided in the Password box. You'll need to give this password to the user to sign in for the first time.

  6. Select Create.

The user is created and added to your Azure AD organization.

Add a new guest user

You can also invite new guest user to collaborate with your organization by selecting Invite user from the New user page. If your organization's external collaboration settings are configured to allow guests, the user will be emailed an invitation they must accept in order to begin collaborating. For more information about inviting B2B collaboration users, see Invite B2B users to Azure Active Directory.

The process for inviting a guest is the same as adding a new user, with two exceptions. The email address won't follow the same domain rules as users from your organization. You can also include a personal message.

Add other users

There might be scenarios in which you want to manually create consumer accounts in your Azure Active Directory B2C (Azure AD B2C) directory. For more information about creating consumer accounts, see Create and delete consumer users in Azure AD B2C.

If you have an environment with both Azure Active Directory (cloud) and Windows Server Active Directory (on-premises), you can add new users by syncing the existing user account data. For more information about hybrid environments and users, see Integrate your on-premises directories with Azure Active Directory.

Delete a user

You can delete an existing user using Azure Active Directory portal.

  • You must have a Global Administrator, Privileged Authentication Administrator or User Administrator role assignment to delete users in your organization.
  • Global Admins and Privileged Authentication Admins can delete any users including other admins.
  • User Administrators can delete any non-admin users, Helpdesk Administrators and other User Administrators.
  • For more information, see Administrator role permissions in Azure AD.

To delete a user, follow these steps:

  1. Sign in to the Azure portal using one of the appropriate roles listed above.

  2. Go to Azure Active Directory > Users.

  3. Search for and select the user you want to delete from your Azure AD tenant.

  4. Select Delete user.

    Screenshot of the All users page with a user selected and the Delete button highlighted.

The user is deleted and no longer appears on the Users - All users page. The user can be seen on the Deleted users page for the next 30 days and can be restored during that time. For more information about restoring a user, see Restore or remove a recently deleted user using Azure Active Directory.

When a user is deleted, any licenses consumed by the user are made available for other users.

Note

To update the identity, contact information, or job information for users whose source of authority is Windows Server Active Directory, you must use Windows Server Active Directory. After you complete the update, you must wait for the next synchronization cycle to complete before you'll see the changes.

Next steps

After you've added your users, you can do the following basic processes: