Delete or suspend users

If you want to prevent access by a user, you can suspend or delete them. You need to be a Kinde Owner or Admin to do this.

Suspending a user vs suspending an organization

Suspending a user prevents that specific user from signing in to any organization.

Suspending an organization prevents all users from signing in to that specific organization, but does not affect their access to other organizations.

For details on suspending an organization, see Add and manage organizations.

Suspend a user

Link to this section

1. On the Kinde home page, select Users.
2. Find the user you want to suspend.
3. Select the three dots menu, then select Suspend user. A ‘suspended’ badge appears next to their name on the user list. When the user tries to sign in, they will receive an error and will not be able to sign in.

Restore a suspended user

Link to this section

1. On the Kinde home page, select Users.
2. Find the suspended user you want to restore.
3. Select the three dots menu, then select Restore user. This reinstates their access. When the user tries to sign in, their access will be restored.

Delete a user

Link to this section

1. On the Kinde home page, select Users.
2. Find the user you want to delete.
3. Select the three dots menu, then select Delete user. A confirmation window opens.
4. Select the extent to which you want to delete the user:
   1. Select the first option to remove the user’s access and ability to sign in to all organizations, but leave their profile in Kinde.
   2. Select the second option to completely remove the user record from Kinde, including access and all subscriber lists.
5. Select Delete user. When the user tries to sign in, they will be prompted to sign up (if self-sign-up is allowed in your business).

Can I block users by email, username, or phone number?

Link to this section

Kinde does not have a built-in blocklist for specific email addresses, usernames, or phone numbers. Suspending or deleting a user removes their existing account, but does not prevent someone from signing up again with the same identifier if self-sign-up is enabled.

To block access for accounts created with a specific identifier (after sign-up), use one of these workarounds:

• Workflows — Use a post-authentication workflow to check the authenticating user’s email, username, or phone number against a blocklist stored in an environment variable or external data source. If matched, the workflow can deny access using the deny action.
• Webhooks — Subscribe to the user.created event via webhooks. When a new user signs up with a blocked identifier, call the Management API to suspend or delete them as soon as the event is processed.
• Management API — React to sign-up events and use the PATCH /api/v1/user endpoint to suspend users whose identifiers match your blocklist.

None of these workarounds prevent the initial sign-up event from completing — they block access after the fact. If preventing sign-up at the point of registration is a hard requirement, contact Kinde support to discuss options.