The Denylist page (Usage > Denylist) lists all users who have been denied access to the system. It also provides the option to restore users added to the denylist.
Adding a user to the denylist stops all active sessions for that user. By putting their details on the denylist, it prevents them from signing in to the system from any device.
If you want to prevent a specific device from being used to sign in, such as a device that has been stolen, try the onboarding option related to Registered Devices or a stop policy.
Use the +Add button to add a user to the denylist. You can also use the action buttons in Active Sessions or Registered Devices to add users to the denylist.
You can re-enable a user on the denylist from the action button next to that user’s name.
Background information
For more information on user access, see the Disable, change or remove access section.
Adding a user to the Denylist
To add a user to the Denylist:
Click the +Add button.
In the Add User to Denylist window, enter the Username, Identity Provider, and a Reason.
Click Add to finish adding the user.
Action Buttons
Action buttons are accessed by clicking the three dots icon (
) to the right of each line item in the page or from the <Actions> button within the item. They are contextual, changing depending on the type of item and the state of the item. The Action button in the Denylist page displays the following option:
Restore user. Removes the user’s details from the denylist. The user will need to sign in again before access is granted.
NOTE
This does not restore a connection to the Gateways if an active session was stopped. The user will need to sign in again.