Automatically disable dormant users.

[diodfr]

Hi,

first of all thanks for your product it helps me a lot.

I would be happy to give a hand in implementing : https://issues.redhat.com/browse/KEYCLOAK-5865

The subject is to disable user access after a configured duration.

@Stian Thorgersen, it seems you are active in this issue :

Do you have any suggestions ? Or guidelines ?

Disclaimer : it could be slow because I could only do it as a side project.

Thanks,

Didier

[Stian Thorgersen]

Hi,

Contributions around this would be great, but it's not the simplest thing to implement. 

We very much do not want to update the user on every login, as this will have quite a bit of an impact on performance. We also have similar needs to detect other idle things like clients and tokens. What I had in mind here was to create a separate component that tracks last-use for a resource, and updates the last-use async.

We need a background task that can perform actions on expired resources. For users there are probably two actions: "disable after N days" and "delete after X days". We also would want admin UI/API to be able to list inactive users, as well as events triggered when a user is disabled or deleted due to inactivity. 

--
You received this message because you are subscribed to the Google Groups "Keycloak Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to keycloak-dev...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/keycloak-dev/03f53d0c-42e4-4a98-9a25-854bda7d0889n%40googlegroups.com.