Deactivate User account due to inactivity
Hello Team,
I have a scenario where I want to deactive a user due to being inactivty lets says for 30 days.
So the ideal solution is to look at the event logs although the client must only generate the session token and then keep on using the token to let the user perfrom actvities on their application which will not be logged in the Zitadel event store.
The only interaction of client using the token with zitadel would be that of verifying the token by fetching the user info in their middleware (/auth/v1/users/me).
So in this case is there a Event log that I can use to check the event of last user token verification? Or do you have a solution for me to implement where based on user inactivity for 30 days , I deactivate the user account
Looking to get some help here.
Thanks
6 Replies
Hey @2isprime! This doc might be helpful based on your case: https://zitadel.com/docs/guides/integrate/zitadel-apis/event-api#example-find-out-which-users-have-authenticated
Let me know if you have any follow up questions! :gigipixel:
ZITADEL Docs
ZITADEL leverages the power of eventsourcing, meaning every action and change within the system generates a corresponding event that is stored in the database.
Hello @Raccine ,
Thanks for the doc, although as mentioned the user once login will continue using the application and the requirement is to detect inactivity
From the doc , the event oidc_session.added
Will only be available when a mew session is added. For a scenario like where user logged in and the session token was generated, now this user does not interact, then in that case lets say after 3 hrs of inactivity I want to inactivate the user
Unknown User•9mo ago
Message Not Public
Sign In & Join Server To View
@THE_13joker1 , can u explain more
Unknown User•9mo ago
Message Not Public
Sign In & Join Server To View
That’s right, this is the approach i am using but wanted to check if zitadel has something available