Preventing lastLoginInstant Updates on User Creation in FusionAuth
-
When creating a user via the API, the response includes a token field, which causes the lastLoginInstant value to be populated. However, this is misleading because the user has never actually logged in—they were only created.
Questions:
- Is there a way to avoid setting lastLoginInstant immediately upon user creation?
- Are there any workarounds to track actual logins separately?
-
Yes, this behavior occurs because creating a user via the API returns an access token, which indirectly updates lastLoginInstant.
Workarounds:
- Use the Import API Instead
- The Import API allows you to create users without generating an access token, preventing the lastLoginInstant field from being updated.
- API Reference: Import Users API
- Track Logins Using Webhooks
- If lastLoginInstant is needed for business logic or reporting, consider tracking actual user logins via webhooks instead.
- FusionAuth provides user.login.* webhook events to capture real login activity.
- API Reference: User Login Webhooks
By using the Import API for user creation and webhooks for tracking real logins, you can avoid the unintended side effect of lastLoginInstant being updated upon user creation.
- Use the Import API Instead
-
W wesley has marked this topic as solved on