diff --git a/keystone/federation/core.py b/keystone/federation/core.py
index 2bec067ee2..559e2b58a8 100644
--- a/keystone/federation/core.py
+++ b/keystone/federation/core.py
@@ -173,6 +173,21 @@ class Manager(manager.Manager):
 self._validate_mapping_exists(protocol['mapping_id'])
 return self.driver.create_protocol(idp_id, protocol_id, protocol)
 
+ def delete_protocol(self, idp_id, protocol_id):
+ hints = driver_hints.Hints()
+ hints.add_filter('protocol_id', protocol_id)
+ shadow_users = PROVIDERS.shadow_users_api.list_federated_users_info(
+ hints)
+
+ self.driver.delete_protocol(idp_id, protocol_id)
+
+ for shadow_user in shadow_users:
+ PROVIDERS.identity_api.shadow_federated_user.invalidate(
+ PROVIDERS.identity_api, shadow_user['idp_id'],
+ shadow_user['protocol_id'], shadow_user['unique_id'],
+ shadow_user['display_name'],
+ shadow_user.get('extra', {}).get('email'))
+
 def update_protocol(self, idp_id, protocol_id, protocol):
 self._validate_mapping_exists(protocol['mapping_id'])
 return self.driver.update_protocol(idp_id, protocol_id, protocol)
diff --git a/releasenotes/notes/bug-1810393-5a7d379842c51d9b.yaml b/releasenotes/notes/bug-1810393-5a7d379842c51d9b.yaml
new file mode 100644
index 0000000000..32cb2488a5
--- /dev/null
+++ b/releasenotes/notes/bug-1810393-5a7d379842c51d9b.yaml
@@ -0,0 +1,6 @@
+---
+fixes:
+ - |
+ [`bug 1810393 `_]
+ Now when an identity provider protocol is deleted, the cache info for the
+ related federated users will be invalidated as well.
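Review bot: The lookup in `delete_protocol` filters only on `protocol_id`, although the method is called with an `(idp_id, protocol_id)` pair, so deleting a protocol under one identity provider appears to also collect and invalidate cached federated users of any other provider that uses the same protocol id. That errs on the safe side for stale cache entries but is broader than needed; if `list_federated_users_info` honours the filter, add `hints.add_filter('idp_id', idp_id)` next to the existing one. The invalidation loop runs after `self.driver.delete_protocol(...)`, so an exception raised inside it would leave the remaining entries cached for a protocol that no longer exists; one such case is `extra` being present but `None`, which `shadow_user.get('extra', {})` does not guard and `(shadow_user.get('extra') or {}).get('email')` would. A short docstring stating that the method deletes the protocol and then invalidates the `shadow_federated_user` cache entries of its users would also help, since the arguments passed to `invalidate` presumably have to match the memoized call exactly for the entry to be dropped.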