Miro seems to maintain all our old employees and associates accounts on their system even though we delete them from our company account. This is an issue for security and clarity in offboarding people. If they used their email and a password to access their account, rather than single sign in/OAuth using Google, they would still have access and not be locked out. Although we will not be paying for them at that point as they are not part of our team account, it is still an issue that they are using the service under our domain. Can anyone help here?
Answered
Deleted users maintained with Miro
Best answer by Eca
Hi
I understand your concerns about offboarding and security. When a user is removed from your Miro team, their access to your specific team’s content is revoked. However, if they originally signed up with their email and password (instead of SSO/OAuth), they retain a personal Miro account that exists independently of your team.
While they won’t have access to your team’s boards anymore, they can still use Miro with their email under your domain unless their email is deactivated by your IT department.
Here are some steps you can take for better control:
- If you're on an Enterprise plan, you can enforce domain capture and SSO to ensure that only authorized users can use Miro with your company domain.
- Ensure that offboarding includes deactivating company email addresses so that users can’t reset passwords or log into any remaining accounts.
- If you believe there’s an issue with how user removal is working in your case, I’d recommend reaching out to Miro Support to confirm your settings: How to contact Miro Support.
Hope this helps! Let me know if you need further clarification.
+2Hi
I understand your concerns about offboarding and security. When a user is removed from your Miro team, their access to your specific team’s content is revoked. However, if they originally signed up with their email and password (instead of SSO/OAuth), they retain a personal Miro account that exists independently of your team.
While they won’t have access to your team’s boards anymore, they can still use Miro with their email under your domain unless their email is deactivated by your IT department.
Here are some steps you can take for better control:
- If you're on an Enterprise plan, you can enforce domain capture and SSO to ensure that only authorized users can use Miro with your company domain.
- Ensure that offboarding includes deactivating company email addresses so that users can’t reset passwords or log into any remaining accounts.
- If you believe there’s an issue with how user removal is working in your case, I’d recommend reaching out to Miro Support to confirm your settings: How to contact Miro Support.
Hope this helps! Let me know if you need further clarification.
Reply
Behind the Canvas: Powering Innovation in Miro
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.