Guides
Secure Access Help Center

Unenroll a Device from Zero Trust Access

Permanently unenroll a device

To revoke Zero Trust Access for a device and prevent re-enrollment, perform the following steps in order:

  1. Remove the user from the identity provider. (This may take up to 30 minutes to take effect.)
  2. Unenroll the user's device from Zero Trust Access here: Unenroll Devices for Client-Based Zero Trust Access.

Unenroll from the user endpoint device

Administrator access is not required. Users can perform this action themselves. Users can re-enroll unless you perform the steps above.

On Windows devices

  1. On the user endpoint device, launch Cisco Secure Client

  2. Click the Advanced Window button:

  3. Click Zero Trust Access:

  4. Click the Advanced tab:

  5. Click Unenroll.


On macOS devices

  1. On the user endpoint device, launch Cisco Secure Client.
  2. Click the Statistics button:

  1. Click the Advanced tab.

  2. Click Unenroll.


Updated 4 days ago