> ## Documentation Index
> Fetch the complete documentation index at: https://capy.sc/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# capy kick: Remove a Teammate from Your Org

> Remove a teammate with capy kick <email>. O(1) revocation: no key rotation, no re-encryption — their local key material becomes cryptographically inert.

## Synopsis

```bash theme={null}
capy kick <email>
```

## Description

Removes `<email>` from the current organization. The service deletes their membership, and their local `key.enc` becomes cryptographically inert - the service will refuse to strip the outer wrap for a non-member.

`capy kick` is O(1). No key rotation, no re-encryption of secrets for remaining members.

## What kicking does

* Revokes the ex-member's ability to decrypt any secret in the org.
* Takes effect on their **next** CLI call. Already-running processes they have in memory continue working until they terminate.
* Leaves the master key unchanged for remaining members.

## What kicking does not do

* It doesn't recall plaintext copies the user already read and stored elsewhere.
* It doesn't invalidate deploy tokens they may have minted (revoke those separately if you're concerned).
* It doesn't rotate the master key. You only need to rotate if the ex-member captured the seed phrase.

## Example

```bash theme={null}
$ capy kick alice@example.com
✔ Removed alice@example.com from "Acme Corp".

  Their local key.enc is now cryptographically inert.
  If they captured plaintext values, rotate those through your normal process.
```

## See also

* [Kicking users](/using/team/kicking) - deeper discussion
* [Cryptography → Revocation](/internals/cryptography#revocation)
