# User onboarding and offboarding

## User onboarding <a href="#onboarding-users" id="onboarding-users"></a>

Whether through a DevOps platform or an SSO identity provider, when users first sign up with SonarQube Cloud, their account is automatically created in SonarQube Cloud.

At login time, users are automatically added to organizations in the following cases:

* With a DevOps platform (DOP) service, through the GitHub member synchronization. In this case, you cannot add DOP users manually.
* In an SSO-enabled enterprise, through Just-in-Time (JIT) or auto-provisioning. You cannot add SSO users manually.

Otherwise, you must manually add the DOP users to their organization, see [Adding organization members](/sonarqube-cloud/administering-sonarcloud/managing-organization/users-and-permissions/organization-members.md) for more information.

{% hint style="info" %}
In an SSO-enabled enterprise, DOP users can be added manually to organizations.
{% endhint %}

## Deleting a DOP account <a href="#deleting-dop-account" id="deleting-dop-account"></a>

You can only delete your own account, see [Deleting your account](/sonarqube-cloud/managing-your-account/deleting.md). If you want to delete another user’s DevOps platform (DOP) account:

* If the GitHub member synchronization is used, remove the user from the GitHub organization.
* Otherwise, remove the user’s DOP account from the SonarQube Cloud organizations they are a member of, see [Adding organization members](/sonarqube-cloud/administering-sonarcloud/managing-organization/users-and-permissions/organization-members.md).

## Deleting an SSO account <a href="#deleting-sso-account" id="deleting-sso-account"></a>

If you use the SCIM provisioning feature, SonarQube Cloud automatically deprovisions a user as soon as their account is deactivated or removed from your identity provider. For more information, see [Broken mention](broken://pages/yY8nqAzL3FQGj0f5ZTKL).

Otherwise, to prevent an SSO user from logging in to your SonarQube Cloud organizations, remove their access rights from the identity provider.

## Related pages

[Default authentication through DevOps platform](/sonarqube-cloud/administering-sonarcloud/about-sonarqube-cloud-solution/user-management/devops-platform-authentication.md)\
[Set up SCIM](/sonarqube-cloud/administering-sonarcloud/enterprise-security/sso-and-provisioning/set-up-scim.md)

## Related pages <a href="#related-pages" id="related-pages"></a>

* [Adding organization members](/sonarqube-cloud/administering-sonarcloud/managing-organization/users-and-permissions/organization-members.md)
* [Managing user groups](/sonarqube-cloud/administering-sonarcloud/managing-organization/users-and-permissions/user-groups.md)
* [Managing organization permissions](/sonarqube-cloud/administering-sonarcloud/managing-organization/users-and-permissions/organization-permissions.md)
* [Disabling GitHub member synchronization](/sonarqube-cloud/administering-sonarcloud/managing-organization/users-and-permissions/github-member-sync.md)
* [Recovering organization admin access](/sonarqube-cloud/administering-sonarcloud/managing-organization/recovering-org-admin-access.md)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sonarsource.com/sonarqube-cloud/administering-sonarcloud/managing-organization/users-and-permissions/user-on-and-offboarding.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.