Features built for reliable exits
Pipeline automation, audit-ready artifacts, and alert orchestration — without scripting.
Automated 9-step pipeline
Runs in under five minutes. Zero manual steps.
Trigger an offboarding once; OffboardIQ executes the sequence in order, with retries and evidence at every step.
Disable Azure AD
Block sign-in and group access in one shot.
Revoke active sessions
Clear browser and device sessions across M365.
Remove licenses
Reclaim Office, Exchange, and add-on entitlements.
Remove group & app access
Strip SharePoint, Teams, and app role assignments.
Forward or convert email
Route mail to manager or shared mailbox per policy.
Transfer OneDrive
Hand off or archive files to a delegate or storage path.
Wipe & unenroll devices
Intune/MDM retire and factory reset when required.
Set out-of-office
Consistent autoreply and contact routing on last day.
Update HR / IT status
Close the loop in your system of record and tickets.
Representative board — your data stays in your tenant.
Compliance & audit without the scramble
SOC2-ready PDF reports generated automatically
- Timestamped PDF covers summary, steps, and outcomes suitable for SOC 2 evidence packs.
- Audit log exported as CSV for any regulatory or insurance request.
Compliance report
OFFBOARD-IQ — CONFIDENTIAL
Employee exit summary
All automated steps · signed run log
Prepared for auditors and security review
Live compliance score on every completed exit (Business & MSP).
Automation Hub
Set it up once. Runs forever.
Step failure alert
- On any failed step
- Slack, Teams, or email
Manager notification
- Handover package to people manager
- Optional PDF link
Auto-retry
- Backoff and re-run flaky API calls
- No ticket ping-pong
Escalation chain
- 24h nudge to owner
- Then route to CISO or help desk
Data exfiltration alert
- Unusual download or share activity
- CISO in the loop
Weekly compliance digest
- Pass / at-risk score roll-up
- Mondays, zero effort
Integrations
Plug into the stack you already run — more platforms on the roadmap.
Microsoft 365
Azure AD, Intune, OneDrive, Exchange · full or group-scoped sync
Microsoft Teams
Webhooks & channel alerts
Slack
Incoming webhooks for #it-alerts
Jira
Failed step → IT tickets
ServiceNow
Incidents for failed automations
Outlook & Google workspace
Azure AD / Microsoft 365 sync
Import your employees directly from Azure AD
Connect once and OffboardIQ pulls your employee list straight from Microsoft 365 — no CSV uploads, no manual entry. Sync on demand or before every offboarding.
Sync all users or a specific security group
By default OffboardIQ imports every active user. Scope it to a single Azure AD security group — paste the Object ID, validate, and only those members are ever imported.
Group name and member count validated live
OffboardIQ resolves the display name and member count from Microsoft before saving — so you always know exactly which group you have scoped.
Per-tenant scope for MSPs
Each client tenant can have a different sync scope. Set it independently per client from the MSP portal.
Settings → Integrations
Microsoft 365 — Connected
Directory sync scope
All users
Import every active, non-guest user in your tenant
Specific security group
Only members of one Azure AD group are imported
IT Department
42 members · validated
Built for MSPs managing multiple clients
Multi-tenant architecture means each client gets their own isolated environment — branding, users, audit trails, and billing stays separate.
- Dedicated spaces per customer with clean handoffs for your NOC.
- MSP plan from $399/mo ($3,990/yr) — up to 10 tenants, unlimited employees, dedicated support.
Multi-tenant overview
Conceptual diagram — production isolation depends on your OffboardIQ plan and Azure tenancy model.