3 Ways to Remove Users from Jira

Discover three ways to remove users from Jira, outlining practical approaches to handle account removal or deactivation for teams
The author of the article Chris Shuptrine
Sep 2025
3 Ways to Remove Users from Jira

Removing someone from Jira can be tricky. Do you deactivate the user, revoke product access, or delete the account? The choice impacts security, licenses, and audit trails.

This guide covers three options and when to use each: deactivation in Atlassian Admin, removing Jira product access and groups, and blocking the identity in your directory (Google, Azure AD, SCIM). We’ll highlight what persists, what breaks, and how each path affects compliance and cost.

Table of Contents

Pro Tip: Too long? Ask ChatGPT to summarize →

Use Jira’s UI

Here, you’ll use Jira’s own UI to remove a user’s access. Atlassian’s docs call this deactivating a user in Cloud, or disabling a user in Data Center. You won’t delete their history.

Before you start: confirm your admin level

  • You need one of these roles:
    • Jira Cloud: organization admin or site admin
    • Jira Data Center: Jira System Administrators global permission
    • If you only have project admin, ask a site or system admin to do this part.

Jira Cloud: deactivate the user

  • Go to admin.atlassian.com, pick your organization and site.
  • Open Directory, then Users. Search for the person and open their profile.
  • Select Actions, then Deactivate account. Confirm.
  • What deactivation does:
    • Stops sign-in to all Atlassian products in your org
    • Frees the Jira license seat
    • Keeps their name on issues, comments, and history for audit trail
  • If you see “Managed by another organization” and cannot deactivate:
    • Open Product access on the user’s page
    • Turn off Jira access for your site
    • Remove them from any groups that grant Jira, like jira-software-users or jira-servicedesk-users

Jira Data Center or Server: disable the user

  • In Jira, select the cog Settings icon, then User management.
  • Find the user, open their details, and click Disable user or clear the Active checkbox. Confirm.
  • If the account comes from an external directory like LDAP:
    • Disable the account in that directory, or make the directory read-only in Jira and remove the user’s group memberships
    • Result is similar to Cloud. They can’t log in, their history stays, and you free the license.

Clean up their access and visibility

  • Groups and project roles:
    • Remove the user from product-access groups and any custom groups
    • In each key project, open Project settings then People and remove the user from roles
  • Components and notifications:
    • If the user was a component lead or on notification schemes, replace them to avoid mail bounces

Reassign work and owned content

Issues they still own:

  • Go to Filters > Advanced issue search
  • Search for assignee = <user> and limit to open statuses
  • Use the . menu to start a bulk change, choose Edit, set a new Assignee, and confirm Filters and dashboards they owned:
  • Go to Jira settings > System > Shared filters and Shared dashboards
  • Change the owner to an active user or a service account
  • Automation rules:
    • For each affected project, open Project settings > Automation
    • Update the rule actor to a shared service user so rules keep running

Double-check license impact and audit

  • In Cloud, confirm the user now shows as Inactive in Directory > Users, and that Jira product access is off
  • In Data Center, confirm the user is Inactive in User management
  • Quick audit:
    • Run a search for any remaining issues assigned to the user
    • Spot-check key projects for roles, components, and automation references

This follows Atlassian’s documented approach: deactivate or disable the account in the UI, remove product access if deactivation is blocked, then reassign what they owned so work keeps moving.

Use Torii

Instead of working in Jira directly, you can use Torii, a SaaS Management Platform, to remove a user in Jira. SMPs let you centrally manage SaaS apps, subscriptions, and integrations, making it simple to programmatically onboard/offboard users, review subscription details, and more.

Rather than performing this step manually in Jira, Torii allows you to automate it so the action runs whenever a defined trigger occurs. Triggers can include a new hire, a departing employee, a contract renewal, and similar events. This can save significant time when the task recurs often.

To remove a user in Jira directly from Torii, follow these steps:

1. Sign up for Torii

Contact Torii, and request your free two-week proof-of-concept.

2. Connect your Jira account to Torii

After your account is active, connect Jira to Torii (assuming you already have an account). Here are the instructions for the Jira integration.

torii jira dashboard

3. Create a Torii workflow for Jira

In Torii, set up an automated workflow to remove the user in Jira. Go to the Workflows tab, define a trigger, then add an action that will remove the user in Jira. From then on, whenever the trigger fires, Jira will be updated automatically.

creating jira workflows in torii

Use Jira’s API

Here, you’ll use the Jira Cloud REST API to remove a user’s access. You’ll find their accountId, remove them from groups that grant product access, and, if needed, remove the user from your Jira site.

Set up basics for requests

Use Basic auth with an Atlassian API token. The examples assume:

  • BASE is your Jira Cloud base URL, like https://your-domain.atlassian.net
  • EMAIL is your admin email
  • API_TOKEN is your Atlassian API token

Example curl auth format is:

-u "$EMAIL:$API_TOKEN"

1) Get the user’s accountId

Use the Jira Cloud REST API v3 user search to find the accountId. If you know the email, search with query.

Example curl is:

curl --request GET \
--url "$BASE/rest/api/3/user/search?query=user.email%40example.com" \
--user "$EMAIL:$API_TOKEN" \
--header 'Accept: application/json'

From the response, copy the "accountId" of the user you want to remove.

If you already have the accountId, you can confirm the user exists:

Example curl is:

curl --request GET \
--url "$BASE/rest/api/3/user?accountId=$ACCOUNT_ID" \
--user "$EMAIL:$API_TOKEN" \
--header 'Accept: application/json'

2) List the groups the user belongs to

Use the user groups endpoint in the Jira Cloud REST API v3.

Example curl is:

curl --request GET \
--url "$BASE/rest/api/3/user/groups?accountId=$ACCOUNT_ID" \
--user "$EMAIL:$API_TOKEN" \
--header 'Accept: application/json'

This returns the groups that include the user. Product access for Jira is granted by group membership, so you’ll remove the user from these groups.

3) Remove the user from each group

Use the group membership endpoint to remove the user. You can target a group by groupId or groupname.

Remove by groupId:

Example curl is:

curl --request DELETE \
--url "$BASE/rest/api/3/group/user?groupId=$GROUP_ID&accountId=$ACCOUNT_ID" \
--user "$EMAIL:$API_TOKEN"

Remove by groupname:

Example curl is:

curl --request DELETE \
--url "$BASE/rest/api/3/group/user?groupname=$GROUP_NAME&accountId=$ACCOUNT_ID" \
--user "$EMAIL:$API_TOKEN"

Repeat for each group returned in step 2. When the user is out of all product-access groups, they can no longer use Jira.

4) Confirm group removal

Run the groups call again to make sure the user is no longer in any Jira product-access groups.

Example curl is:

curl --request GET \
--url "$BASE/rest/api/3/user/groups?accountId=$ACCOUNT_ID" \
--user "$EMAIL:$API_TOKEN" \
--header 'Accept: application/json'

5) Optional: Remove the user from your Jira site

If you want to remove the user from the Jira site itself, use the Jira Cloud REST API v3 delete user endpoint. This requires admin permissions. Content created by the user remains attributed as documented in the API.

Example curl is:

curl --request DELETE \
--url "$BASE/rest/api/3/user?accountId=$ACCOUNT_ID" \
--user "$EMAIL:$API_TOKEN"

Expected result: HTTP 204 means the request succeeded. If you get a 403 or 400, check permissions and whether this operation is allowed for your site.

Frequently Asked Questions

You have three options: use Jira's UI to deactivate/disable the account, remove Jira product access and group memberships, or automate removal with Torii or the Jira REST API. Choose based on admin permissions, directory management, and your need to preserve history.

Deactivating stops sign-ins, frees the Jira license seat, and preserves the user's name on issues, comments, and history for audits. It does not delete content. In Data Center disable behavior is similar; managed accounts may require directory changes.

Remove product access when the account is managed by another organization or an external identity provider and you cannot deactivate; or when you need to revoke Jira access quickly while leaving the account intact in the identity directory.

Search for open issues with assignee = user, use bulk change to set a new assignee, transfer ownership of shared filters and dashboards, update component leads and notification schemes, and change automation rule actors to a service or shared account.

Authenticate with your admin email and API token, find the user's accountId via user search, list their groups, DELETE them from product-access groups, confirm removal, and optionally call the delete user endpoint to remove the user from the site.

Torii automates onboarding/offboarding with triggers, centralizes SaaS access and subscription management, runs programmatic removals across connected apps, reduces manual steps, enforces consistency, and helps with audits and license optimization while aiding cost control.