This article describes how an operator temporarily deactivates a user in Smart ID Identity Manager. Read more here: Smart ID Workforce use cases

The user's relations to credentials are kept but the user's roles are withdrawn.

The user must be in state "active"
All roles will be withdrawn. If the user is reactivated later, the user will only get the default role. See Reactivate user.
Add reasons for deactivation in Identity Manager Admin. The reasons will be shown in a drop-down list in Identity Manager Operator, see Create reason.

Step-by-step instruction for the operator

In the Quick search drop-down list, select User. (Or go to the Search page to find the user)
. Search for the user that shall be deactivated. User data is shown in read-only mode.
Click Deactivate user.
In the Reason drop -down list, select the reason for deactivation. The user's active related credentials gets inactive or locked. See "Use case details" below.
Click Next to deactivate the user. The user will not be notified by email after the deactivation.

Use case details

Use case description	As an operator I want to deactivate a user in Identity Manager
Outcome	End state for user = "inactive" End state for related credentials = "inactive"/"locked", see details below End state for related certificates = "on hold"/"revoked", see details below The relation from user to credentials still exists All roles for the user are withdrawn
Symbolic name	UsersProcDeactivate
Process name	Deactivate user
Component	Identity Manager Operator
Required user state	Active
Process start	On the user profile>Deactivate user

Option: Add an approval step