Remove a member from your organization

You can remove a user from your organization through the dashboard. This guide provides further steps to help keep your organization secure.

Remove the user from the organization.

Go to Teams and select Remove from the Options dropdown for the user.**

After you remove a user, it’s a good idea to go through the following steps to remove any lingering VPN tunnels, tokens, and secrets set by the user. You can also see these steps in your dashboard under Offboarding.
Delete all WireGuard peer connections that belong to the user.

When you remove a user from an organization, all of their automatically-generated WireGuard peers get deleted. You might still need to remove WireGuard peers they created manually.

List all the WireGuard peers for your org and copy the peer name to remove:
```
fly wireguard list <org name>
```
Remove the peer:
```
fly wireguard remove <org name> <peer name>
```
Repeat for each peer to remove.
Revoke all tokens generated by the user.

List the tokens for your organization and copy the token IDs:
```
fly tokens list --scope org
```
List the tokens for individual apps and copy the token IDs:
```
fly tokens list --app <app name>
```
Revoke all the user’s tokens:
```
fly tokens revoke <token id> <token id> ...
```
Remove the secrets (environment variables) set by the user.

List the secrets in an app:
```
fly secrets list --app <app name>
```
Unset all the secrets set by the user:
```
fly secrets unset --app <app name> <secret name> <secret name> ...
```
Repeat for each application the user had access to.
Rotate all passwords that the user had access to that could cause a security breach.
Remove the user from any other tools, such as GitHub, Slack, Jira, Trello, or Asana.

Report an issue or edit this page on GitHub