• Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login
FusionAuth
  • Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login

Expired vs Locked - Concept

Scheduled Pinned Locked Moved Unsolved
Q&A
2
2
366
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • F
    flaviofdiez
    last edited by 3 Feb 2022, 10:25

    Background
    Having the capability to Lock a user through the UI is a great concept that can be quite useful for customer support (like giving a "test period" access).

    What is not useful is that you have to do it pretty much manually. To avoid that we have a script that can set an Expiry Instant for a certain User.

    The problem now is that on the UI we cannot see if the user is not active since it might be expired. We have to go in the user and check the source. Worst of all you need to call the API to "unexpired" it, i.e. there is no UI support.

    My Current Solution
    I am building a UI internally to allow our customer support to do those instead of having to contact us from the technical team, but I would love if someone could explain to me the difference on these concepts and maybe explain to me why the decision of implement these separately was made.

    One idea
    I could imagine having something like a "time-based lock". We could set it to now and it would lock it right away. Otherwise on a certain date. For this the expiry would work exactly as now and the lock would not be necessary. Just the UI would be updated based on that info.

    Appreciation
    This is curiosity and trying to understand the product better, I can still use everything and think FusionAuth is a very complete (and awesome) tool. So please don't take this as a criticism.

    D 1 Reply Last reply 17 Feb 2022, 03:14 Reply Quote 0
    • D
      dan @flaviofdiez
      last edited by 17 Feb 2022, 03:14

      @flaviofdiez

      Thanks for sharing your thoughts.

      If you want to mark a user inactive, you can do a soft delete on that user: https://fusionauth.io/docs/v1/tech/apis/users#delete-a-user

      Then you can re-activate them: https://fusionauth.io/docs/v1/tech/apis/users#reactivate-a-user

      I'm not sure what you mean by expired? That seems like a construct you are creating yourself?

      If you want to apply a time based attribute to a user, you could use user actions: https://fusionauth.io/docs/v1/tech/apis/actioning-users which let you apply an action to a user, which can be for a limited period of time or forever (until you remove it). There's some support in the admin UI for applying user actions.

      HTH.

      --
      FusionAuth - Auth for devs, built by devs.
      https://fusionauth.io

      1 Reply Last reply Reply Quote 0
      • First post
        Last post