Disable inactive users job - behaviour for inactive users that have never logged in?

Hi Team, noticed when using the “Disable Inactive Users” job in the scheduler that users who have never logged in are not included in the disable.

Wondered what the community thought on that behaviour? I can see 2 arguments

  • that the logic for disabling users should be based on the lastLogin date only. So if a user has never logged in, it is expected behaviour they are not disabled as lastLogin is null. After all, we wouldn’t want newly created users with a blank login date getting disabled
  • that the logic should also include users created more than X months ago, but have never logged in

Or any other tips people have for clearing out old accounts where the invite has never been responded to (or more generally, where accounts have never been logged into)

Thanks! Dave

1 Like

Hi @david.palmer

This makes absolute sense! :slight_smile:

There’s an API endpoint for expired invitations. Quoting from the docs:

Expired invitations clear will remove all user account invitations which have expired.

POST PUT /api/maintenance/expiredInvitationsClear


1 Like

Great point about the endpoint for expired invites, thanks!

Just realised though - this only covers those users that were invited. Per second bullet, any tips for users that may have been created (rather than invited) but have still never logged in?

1 Like

The API endpoint has a field called userCredentials if the user has logged in, it will return the value “lastLogin”:“TIMESTAMP” but if the user never logged in, the lastLogin field will not be returned.

Another option is to use the ‘inactive’ to list the users who have been inactive since the invitation: instance-URL/api/users?query=&inactiveMonths=Number-of-Months