Skip to content
Documentation
ATOMx
Personas
PER-005: David Murphy — Organization Administrator
Key Scenarios
SC-03: Emergency Offboarding

SC-03: Emergency Offboarding

Andi Lamprecht Andi Lamprecht ·· 2 min read· Draft
Emergency
FieldValue
Scenario IDPER-005-SC-03
Context / TriggerA pilot has been terminated for cause at 2:00 PM. The pilot has an active (Activated) flight authorization scheduled until 4:00 PM. David is notified by HR and must immediately revoke the pilot’s ATOMx access while ensuring the active flight situation is handled safely.

Narrative

David receives the termination notification and opens the organization admin dashboard. He searches for the pilot’s user account and sees their status: Active, with one Activated flight authorization currently in progress.

David initiates user deactivation [UERQ-SYS-1937(b), UERQ-SYS-1917(c)]. The system presents a warning: “This user has 1 active flight authorization (Activated state, expires 4:00 PM). Deactivating this user will terminate their session. The active authorization’s status will be communicated to the Flight Authorization Service.”

David confirms the deactivation. The system terminates the user’s active session [UERQ-SYS-1933(d)] and deactivates the account. The pilot can no longer authenticate to ATOMx.

David contacts the Fleet Manager to coordinate the operational response: another pilot is dispatched to the field site to take over or safely recover the aircraft.

David verifies the deactivation in the audit log [UERQ-SYS-1936]: the log shows the user’s status changed from Active to Deactivated, the session was terminated, and the timestamp is recorded. He documents the termination reason in the organization’s compliance record.

If SCIM is configured, the deactivation also propagated from the Azure AD disable action, but David performed the manual deactivation first because the SCIM sync interval may introduce a delay he cannot afford.

Traceability
Linked End GoalsEnsure that when a user is removed, access is terminated completely and immediately.
Linked CapabilitiesOperator Deactivation (UERQ-SYS-1937), Organization User Management (UERQ-SYS-1917), Session Management (UERQ-SYS-1933), Profile Update Audit (UERQ-SYS-1936), Controlled User Provisioning (UERQ-SYS-1988).
Safety RelevanceCritical: a terminated employee with continued platform access could submit unauthorized flight authorization requests, creating regulatory liability. However, abruptly terminating access during an active flight also creates a safety consideration — the system must handle the active authorization gracefully and the operational response must be coordinated.
Last updated on
SC-02: SSO MigrationSC-04: Domain Claiming