Block Inactive users and unblock them again when tries to login

Help
,
1

Hi Everyone,

I’m working on automating the management of inactive users in my Auth0 tenant.

Here’s my setup:

  1. Blocking Users for Inactivity: I have a script that runs periodically to block users who haven’t logged in for more than 90 days. This script uses the Auth0 Management API to block the users. Here’s an overview of the process:
  • Fetch all users who haven’t logged in for 90+ days.
  • Block them using the /api/v2/users/{id} endpoint. The blocking part is working fine, and users are blocked after the inactivity threshold.
  1. Unblocking Users on Login Attempt: Now, I want to unblock these users automatically when they try to log in again. I tried adding an “Auth0 Action” under the “Post-Login” flow with a script that checks if the user is blocked and then calls the Management API to unblock the user. But it doesn’t work as expected as blocked users are unable to authenticate.

what would be the best approach to handle this scenario where users should be unblocked upon a login attempt after being blocked for inactivity?

Any advice or recommendations would be greatly appreciated! Thanks in advance.

3

This is expected behavior, users are unable to be unblocked with a Post Login flow because they are blocked before being logged in, thus preventing the Post Login flow from running.

May I ask what the reason for the blocking is if you still are wanting the users to be able to log in later?

A workaround for this, if you still need to tag a user as “inactive”, could be to update app_metadata with something similar to:

{
“Inactive”: true
}

after 90 days Instead of blocking them, and setting it to false in a Post Login flow, and use that information where you need it.

4

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.