diff --git a/ee/app/finders/groups/users_finder.rb b/ee/app/finders/groups/users_finder.rb
index 67285f2310cbdc414605a7aa6f8ba74ae51bbacb..597c01fa4f5b8cfa80b8a5fe10b062e799b29e91 100644
--- a/ee/app/finders/groups/users_finder.rb
+++ b/ee/app/finders/groups/users_finder.rb
@@ -25,7 +25,8 @@ def base_scope
 
       return relations.first if relations.size == 1
 
-      ::User.from_union(relations) # rubocop:disable CodeReuse/ActiveRecord -- Simple union of existing relations/scopes
+      union = ::User.from_union(relations) # rubocop:disable CodeReuse/ActiveRecord -- Simple union of existing relations/scopes
+      union.order_id_desc
     end
 
     def relations_to_join(users)
diff --git a/ee/lib/ee/api/groups.rb b/ee/lib/ee/api/groups.rb
index 845b0220e99c631fb90be522d0ee02a0d136c55e..a6067f3732eb96be3e4e22872ac6903e0cfd93d9 100644
--- a/ee/lib/ee/api/groups.rb
+++ b/ee/lib/ee/api/groups.rb
@@ -268,6 +268,9 @@ def delete_group(group)
             ]
           end
           params do
+            optional :search, type: String, desc: 'Search users by name, email or username'
+            optional :active, type: ::Grape::API::Boolean, default: false, desc: 'Filters only active users'
+
             optional :include_saml_users,
               type: Grape::API::Boolean,
               desc: 'Return users with a SAML identity in this group'
@@ -276,8 +279,6 @@ def delete_group(group)
               desc: 'Return service accounts owned by this group'
             at_least_one_of :include_saml_users, :include_service_accounts
 
-            optional :search, type: String, desc: 'Search users by name, email or username'
-
             use :pagination
           end
           # rubocop: disable CodeReuse/ActiveRecord
diff --git a/ee/spec/finders/groups/users_finder_spec.rb b/ee/spec/finders/groups/users_finder_spec.rb
index 6e36df500d7ae461493f4f8d867ebcdfb0752902..d2d501a2c4248e4c44debfd4d66922b90d8397b1 100644
--- a/ee/spec/finders/groups/users_finder_spec.rb
+++ b/ee/spec/finders/groups/users_finder_spec.rb
@@ -38,6 +38,10 @@
       it 'finds both saml users and service accounts' do
         expect(finder.execute).to match_array([saml_user1, saml_user2, service_account1, service_account2])
       end
+
+      it 'orders by id descending' do
+        expect(finder.execute).to eq([service_account2, service_account1, saml_user2, saml_user1])
+      end
     end
 
     context 'when params includes only saml users' do
@@ -46,6 +50,18 @@
       it 'finds only saml users' do
         expect(finder.execute).to match_array([saml_user1, saml_user2])
       end
+
+      context 'when active param is true' do
+        let(:params) { { active: true, include_saml_users: true } }
+
+        before do
+          saml_user2.block!
+        end
+
+        it 'includes only active users' do
+          expect(finder.execute).to match_array([saml_user1])
+        end
+      end
     end
 
     context 'when params includes only service accounts' do