neo4j · renetapopova · Nov 24, 2023 · Nov 24, 2023
diff --git a/modules/ROOT/pages/administration/access-control/manage-users.adoc b/modules/ROOT/pages/administration/access-control/manage-users.adoc
@@ -12,6 +12,20 @@ This section explains how to use Cypher to manage users in Neo4j.
 Users can be created and managed using a set of Cypher administration commands executed against the `system` database.
 When connected to the DBMS over `bolt`, administration commands are automatically routed to the `system` database.
 
+== User states
+
+There are two types of user states in the `system` database:
+
+* `ACTIVE` state (default for new users):
+Users can log into Neo4j and perform queries according to their privileges.
+
+* `SUSPENDED` state label:enterprise-edition[]:
+** Native users who authenticate and authorize against the system graph cannot log into Neo4j.
+If suspended while using Neo4j, they lose all assigned roles with their privileges, including the `PUBLIC` role, until reactivated.
+** Users who authenticate and authorize against an external ID provider (e.g., LDAP) can still log in.
+If suspended while using Neo4j, they retain the roles and the privileges assigned by the external provider, including the `PUBLIC` role.
+To prevent any of these, you need to use the mechanisms of their identity provider.
+
 
 [[access-control-user-syntax]]
 == User management command syntax