Locking a user account does not change lastUpdateInstant

jason

When we lock a user, the lastUpdateInstant isn't being updated to the time we do the locking at. Is there any way to get this field to update on user locks? Or alternatively, another field we can reference to see when a user account was locked.

dan

@jason

By locking the account, do you mean soft deleting the account or applying a user action to it?

https://fusionauth.io/docs/v1/tech/tutorials/gating/setting-up-user-account-lockout

or

https://fusionauth.io/docs/v1/tech/apis/users#delete-a-user

jason

@dan Sorry, I misspoke here - it should say, when we deactivate a user, not when we lock a user. We are calling the Java client deactivateUser() method:

dan

@jason Looks like a bug to me. Either a code bug (where we should update it) or a doc bug (where we should note that the lastUpdateInstant isn't changed).

Can you please file an issue about this: https://github.com/fusionauth/fusionauth-issues/issues and we'll slot that into our work queue.

For a workaround, the only thing I can think of is to listen for the user.deactivate event: https://fusionauth.io/docs/v1/tech/events-webhooks/events/user-deactivate

You could create a custom user.data.deactivateTimestamp and set that when the webhook fires.