Offboarding is the process of revoking all system access, deactivating accounts, recovering devices and credentials, and removing entitlements for employees, contractors, or partners who are leaving the organization.
⚙️ How Does It Work?
Triggered by HR termination events, the IGA system automatically disables all accounts, revokes SSO sessions, removes group memberships, notifies PAM to rotate vaulted credentials, and generates a deprovisioning audit trail.
📍 Where Is It Used?
Every organization — improperly offboarded accounts are one of the top sources of insider threat and unauthorized access.
💡 Real-World Example
A financial firm's IGA system detects a termination in Workday at 4:55 PM Friday. By 5:00 PM: the employee's 47 application accounts are disabled, Active Directory account is deactivated, SSO sessions are revoked, VPN certificates are revoked, and PAM rotates all shared credentials she had access to.
🔗 Related Terms
Stay Ahead in Identity Security
Get weekly IAM, PAM & IGA insights via Identity Pulse.
Subscribe to Identity Pulse →