Whenever i make management API call to reset user multifactor, I don’t get updated profile i.e multifactor present the ‘profile’ object doesn’t update. It updates only when that user logout and login again.
For example :
user profile : {
‘name’…,
multifactor : ‘google-authenticator’]
}
After resetting multifactor :
user profile : {
‘name’…,
multifactor : ‘google-authenticator’]
}
When user logout and login again:
user profile : {
‘name’…,
multifactor : ]
}
How to get real time update in user profile ???
Based on the information you provided I performed the following steps:
- Created a database connection user (User X).
- Configured MFA with Google Authenticator.
- Executed a GET
/api/v2/users/{id}
request for User X which returned the following data multifactor : ]
.
- Performed an authentication with User X which included enrolling for MFA with Google Authenticator.
- Executed a GET
/api/v2/users/{id}
request for User X which returned the following data multifactor : 'google-authenticator']
.
- Executed a DELETE
/api/v2/users/{id}/multifactor/{provider}
request for User X and for the Google Authenticator provider.
- Executed a GET
/api/v2/users/{id}
request for User X which returned the following data multifactor : ]
.
With the above steps I was unable to reproduce the situation; the requests were performed through an interactive HTTP client application so there was some user delay between the DELETE and the next GET call, but I don’t think that would have any impact. Can you confirm if I used the same endpoints as you and if so please provide more detailed information about the process through which you can reproduce the issue, for example, if the sequence of requests is done programmatically share the relevant code that exhibits the behavior.
@jmangelo yes I performed exactly these steps only. Just a difference that I used /api/v2/users to get all the user …In that response, the multifactor is not updated. Anyway thanks for your support.
@jmangelo yes I performed exactly these steps only. Just a difference that I used /api/v2/users to get all the user …In that response, the multifactor is not updated. Anyway thanks for your support.
The different endpoint explains the situation, the /users
endpoint is meant for search operations and the data available in search is subject to some indexing delay that could be the cause of the observed behaviour.