About the unaffiliated users policy
By default, when a user loses access to all organizations in your enterprise, the user remains in your enterprise as an unaffiliated user. This can happen when you remove a user from organizations explicitly or remove an organization from your enterprise.
Unaffiliated users retain team membership, enterprise roles, and GitHub Copilot licenses granted directly from the enterprise account.
You can set a policy to instead remove users from the enterprise completely when they are removed from every organization. Removed users will lose all privileges and licenses granted from the enterprise. This is useful if you have an offboarding process that depends on removing users from organizations, for example using team synchronization from an identity provider.
This policy:
- Applies regardless of how users lose their organization membership (through direct removal, a team, or removing an organization).
- Does not apply to users with the enterprise owner or enterprise billing manager role. These users remain in the enterprise regardless of their organization membership and the policy setting.
Setting the policy
Note
This policy is not available for Enterprise Managed Users.
- In the top-right corner of GitHub, click your profile picture.
- Depending on your environment, click Enterprise, or click Enterprises then click the enterprise you want to view.
- At the top of the page, click Policies.
- In the left sidebar, click Member privileges.
- Under "Unaffiliated user", choose your setting for the policy.