# Suspend and Delete Users

**ID:** ADM-002
**Priority:** High
**Status:** Planned

## User Story
As a platform administrator, I want to suspend and delete user accounts so that I can handle policy violations, security incidents, and account removal requests.

## Acceptance Criteria
- [ ] Admin can search for users by email, name, or ID
- [ ] Admin can suspend a user account with reason
- [ ] Suspended users cannot log in
- [ ] Suspended users' active sessions are invalidated
- [ ] Admin can unsuspend accounts
- [ ] Admin can permanently delete suspended accounts
- [ ] Deletion removes all user data (GDPR compliance)
- [ ] Audit log for all suspension/deletion actions

## Technical Notes
- `suspendUser` and `deleteSuspendedUser` endpoints exist
- Need admin UI for user management
- Consider soft delete with retention period
- Handle organization ownership before deletion
- Email notification to user on suspension

## Related TODOs
- Partial implementation in UserManager