Phase 1 - Active

• With S-user lifetime, S-user IDs now have an "expiry date." This means all new users will have a default validity period of 24 months.
• Administrators have the ability to amend the expiration date as needed.
• A valid email address is now mandatory for all S-user IDs.

Phase 2 - Expiring

• The expiring phase is 90 days.
• All administrators will be notified as soon as the S-user enters the expiring phase. There is no impact to the S-user at the time of these notifications.
• S-users will be notified via email three times at 30 days, 14 days, and 2 days before their S-user ID expires.
• Administrators may choose to extend the S-user lifetime of each user, allow them to expire or they may delete any S-user IDs at any time. Note: There is also a mass update available.
• At any time, S-users may request an extension of their ID's expiry date via a self-service. Note: S-users will be informed about any changes to their expiration dates.

Phase 3 - Expired

• For 90 days after the expiry date passes, the S-user ID will be disabled (please note that the S-user ID will not be deleted yet).
• The S-user will be unable to authenticate into SAP platforms and systems.
• S-users will receive a confirmation notification for their expired S-user.
• Administrators can see expired S-users in the User Management Application.
• Administrators can reactivate the S-user ID up until the S-user ID is deleted.

Phase 4 - Deleted

• 90 days after the S-user ID has expired, it will be deleted.
• Administrators can view deleted S-user IDs for 12 months; however, the S-user ID will be unable to be reactivated. 
• If the deleted S-user requires access to SAP systems again, the administrator will have to create a new S-user ID for that individual (the deleted S-user ID will no longer exist). 
• Please note: SAP cannot bring this S-user ID back.
• The deleted S-user's history will also be deleted from the SAP systems permanently.