diff --git a/README.md b/README.md
index 608c14dec85df802f7d1a4bd7a97975eb163eaa2..ae3cbfe279036d444d7467776679cad9b24c90ae 100644
--- a/README.md
+++ b/README.md
@@ -143,3 +143,12 @@ The values should be set as follows:
 - `occ config:system:set newsletter_list_ids eos --value=1234`: should be set to the list ID for the eOS newsletter
 - `occ config:system:set newsletter_list_ids product --value=1234 --type=integer` should be set to the list ID for the shop newsletter
 - `occ config:system:set newsletter_list_ids b2b --value=1234 --type=integer` should be set to the list ID for the B2B newsletter
+
+## Vault account delete configuration:
+
+Needs configuration variables to be set:
+
+```
+oidc_vault_account_delete_url=vault-full-url
+oidc_vault_account_delete_token=vault-token
+```
\ No newline at end of file
diff --git a/lib/Listeners/BeforeUserDeletedListener.php b/lib/Listeners/BeforeUserDeletedListener.php
index a33c760f16ae4cbf10281a7bba464ac67b5de7b5..96e0f2db8c4d6d56d2db14a30541ac1ae432077f 100644
--- a/lib/Listeners/BeforeUserDeletedListener.php
+++ b/lib/Listeners/BeforeUserDeletedListener.php
@@ -51,6 +51,20 @@ class BeforeUserDeletedListener implements IEventListener {
 } catch (Exception $e) {
 $this->logger->error('Error deleting mail folder for user '. $uid . ' :' . $e->getMessage());
 }
+
+ $this->logger->info('Deleting vault account of user '.$user);
+ $oidcUid = $this->config->getUserValue(
+ (string) $uid,
+ "oidc_login",
+ "oidc_uid"
+ );
+
+ if (!empty($oidcUid)) {
+ $this->triggerVaultAccountDelete($oidcUid);
+ } else {
+ $this->logger->error('Error deleting vault account: No ssoid for '.$user);
+ }
+
 try {
 if ($this->LDAPConnectionService->isLDAPEnabled() && $isUserOnLDAP) {
 $conn = $this->LDAPConnectionService->getLDAPConnection();
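Review bot: The two new log calls concatenate `$user` into the message (`'Deleting vault account of user '.$user` and the `No ssoid for '.$user` error) while the existing error line three lines above uses `$uid` for the same purpose; if `$user` is the user object rather than its id, that concatenation either fails to convert or prints an unhelpful representation, so both messages should use the id, e.g. `$this->logger->info('Deleting vault account of user ' . $uid);`. The `empty($oidcUid)` guard also treats a stored oidc_uid of `'0'` as missing; `$oidcUid !== ''` is the precise test. A failed vault call is only logged and the local deletion continues, so an orphaned vault account is detectable only through that error log line; this is worth stating in a comment above the block, e.g. `// Best effort: a failed vault delete is logged but does not abort the local user deletion`. The enclosing handler method starts and ends outside the hunk.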
@@ -113,4 +127,35 @@ class BeforeUserDeletedListener implements IEventListener {
 return $aliasEntries;
 }
+
+ private function triggerVaultAccountDelete(string $oidcUid): void {
+ $webhookUrl = $this->config->getSystemValue('oidc_vault_account_delete_url', '');
+ if ('' === trim($webhookUrl)) {
+ return;
+ }
+ $token = $this->config->getSystemValue('oidc_vault_account_delete_token', '');
+ if ('' === trim($token)) {
+ return;
+ }
+ $authorization = "Authorization: Bearer ".$token;
+ $payload = http_build_query(['ssoId' => $oidcUid]);
+ $curl = curl_init();
+
+ curl_setopt_array($curl, [
+ CURLOPT_URL => $webhookUrl."?".$payload,
+ CURLOPT_RETURNTRANSFER => true,
+ CURLOPT_HTTPHEADER => array($authorization),
+ CURLOPT_TIMEOUT => 10,
+ ]);
+
+ $response = curl_exec($curl);
+ if (false === $response) {
+ $this->logger->error('Failed to call vault account delete api', [
+ 'error' => curl_error($curl),
+ ]);
+ } else {
+ $this->logger->info('Vault account delete successfully called');
+ }
+ curl_close($curl);
+ }
 }
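Review bot: `triggerVaultAccountDelete` reports success whenever `curl_exec` returns a body, so an HTTP 401 (wrong token), 404 or 500 from the vault endpoint is logged as `Vault account delete successfully called` and the orphaned vault account goes unnoticed; the response code from `curl_getinfo($curl, CURLINFO_RESPONSE_CODE)` should be checked, non-2xx treated as failure, and the status plus `$oidcUid` included in the error context so the failure can be acted on from the logs. The request is also a default GET that performs a state change with the ssoId in the query string, which puts the identifier into proxy and web-server access logs; if the vault API permits it, a POST or DELETE with the id in `CURLOPT_POSTFIELDS` avoids that. Appending `'?'.$payload` produces a malformed URL when the configured URL already carries a query string. Minor style: `array($authorization)` should be `[$authorization]`, and the silent early returns on missing config deserve a debug log line so an unconfigured deployment is distinguishable from a successful call.
```php
    // … unchanged: config lookup, header/payload construction, curl_setopt_array …
    $response = curl_exec($curl);
    $status = (int) curl_getinfo($curl, CURLINFO_RESPONSE_CODE);
    if (false === $response || $status < 200 || $status >= 300) {
        $this->logger->error('Failed to call vault account delete api', [
            'error' => curl_error($curl),
            'status' => $status,
            'ssoId' => $oidcUid,
        ]);
    } else {
        $this->logger->info('Vault account delete successfully called');
    }
    curl_close($curl);
```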