If you need to delete a user’s personal information there are two methods that you may use.
Option 1: Overwrite personal information
Looker generally suggests that users be disabled rather than deleted. By disabling an account you can keep the user’s history and content. For more details see our Removing User Access documentation.
If you choose to disable the user, follow these steps:
- Go to the Users page in Looker’s Admin panel.
- Click Sudo to impersonate the user.
Next:
- Go to the user’s Account.
- Delete or overwrite any user changeable User Attributes that contain personal information. These do not always appear on the user admin page.
- Click Save.
- Stop sudoing by clicking Stop Sudoing in the red bar at the top of the screen.
Next:
- Go back to the Users page in Looker’s Admin panel.
- Click Edit to see the user’s details.
Next:
- Change the user’s account to Disabled.
- Overwrite the First Name to something else, like “disabled-user-1”.
- Overwrite the Last Name to something else, like “disabled-user-1”.
- Overwrite the Email to something else, like “disabled@user-1.com”.
- Delete or overwrite any User Attributes that contain personal information. If an attribute’s source is “System setting” you can’t change it directly, but Looker will update it as you work through this procedure.
- Delete or overwrite any Access Filter Fields that contain personal information.
- Click Save.
Finally, be sure to address the user’s Git activity as described below.
Option 2: Delete the user entirely
Deleting a user is irreversible. Consider your organization’s compliance and security needs before doing so.
As noted above, Looker generally suggests disabling a user rather than deleting them. If you delete a user all of their history and content is erased and cannot be recovered. For more details see our Removing User Access documentation.
If you choose to delete the user, navigate to the Users page in Looker’s Admin panel and follow these steps:
- Click Edit to see the user’s details.
- Scroll to the bottom of the page and click Delete.
- Confirm the deletion.
Finally, be sure to address the user’s Git activity as described below.
Deleting the user’s Git activity
If the user you’re disabling or deleting ever developed LookML on your Looker instance, you’ll also need to delete the user’s Git branch. This is because Looker’s developer branch names contain the first and last name of the user.
If you host your own Git repo, one of your Git administrators should delete the user’s branch.
If Looker hosts your Git repo, you can ask us to delete the branch by contacting privacy@looker.com.
SSO authentication considerations
If you use a single sign-on (SSO) method — like SAML, LDAP, OpenID, or Google — it is not sufficient to change user information on your SSO provider. Looker stores its own copies of user information, so you must complete the above steps to delete the information within Looker as well. Removing user information from the SSO provider does not remove API authentication credentials.