lastLoginInstant is being set when a user is created through the API though the user has not logged in yet

jlinton

When we create a user through the API (api/user POST), the lastLoginInstant is being set and is the same as the lastUpdateInstant and insertInstant. Having the lastLoginInstant being set here is a bit deceiving because the user has not actually logged in yet. I notice that in the response for this API we receive a token which is not necessary for how we are utilizing the API - is the generation of this token causing the lastLoginInstant to be set?

Is there a way that we can create a user without having any login instances being created?

joshua

Hi @jlinton,

This is working as it was designed. More context can be found here.

https://github.com/FusionAuth/fusionauth-issues/issues/1312#issuecomment-884288287

Is there a way that we can create a user without having any login instances being created?

I don't believe that this is currently possible, but I can relay this feedback to the development team. A common integration pattern is to log the user in as part of sign-up, so our current implementation reflects this to provide a better user experience.

Thanks,
Josh

joshua

@jlinton,

As a related note, you can elect to remove the JWT when calling the login API specifically.

https://fusionauth.io/docs/v1/tech/tutorials/json-web-tokens/#skipping-jwt-creation

Thanks,
Josh