Skip to main content

Netskope Help

Delete or Downgrade the Global Administrator Account

Netskope requires a global administrator account to grant rights to the Netskope Activity Feeds for Microsoft Office 365 OneDrive for Business application. Post-grant, you can delete or downgrade the original service account that you have used to set up the Microsoft Office 365 OneDrive for Business app instance. To do so, follow the steps below:

  1. Log in to the Netskope tenant and navigate to Settings > API-enabled Protection > SaaS and click the Microsoft Office OneDrive for Business app.

    The UI displays a list of app instances.

  2. Click the relevant app instance and note down the admin email address.

  3. Log in to the Microsoft Office 365 admin center at login.microsoftonline.com.

    Note

    Do not log in with the global administrator email account that you have used to set up the Microsoft Office 365 OneDrive for Business app instance. You should log in using an alternate administrator account. Ensure that the logged in user has enough permissions to delete or downgrade a global administrator role. For example, you can log in as a user administrator account.

  4. Navigate to Admin > Users > Active users. Search for the user you noted in step 2 and select the user.

  5. Under the Accounts tab, you can either delete the user or downgrade the role:

    • To delete the user, click Delete user.

      Note

      If you intend to re-grant the Microsoft Office 365 OneDrive for Business app instance anytime in future, create a temporary user with a global administrator role and use this account to re-grant.

    • To downgrade the role, under Roles, click Manage roles. Select a non-global administrator role and click Save changes.

      Note

      If you intend to re-grant the Microsoft Office 365 OneDrive for Business app instance anytime in future, reassign the global administrator role to the user before re-granting.

      Important

      If you intend to integrate Microsoft Information Protection (MIP) with Netskope, you should downgrade the admin role to Azure Information Protection Administrator and Application Administrator at a minimum.