Get details of which blocked user tried to log in

Problem statement

How do we get the user details in the callback when the response description indicates a blocked user?
Even the log entry for a failed login with the blocked-user description does not store the user ID.

Symptoms

A user has been blocked by a tenant admin and cannot log in. However, the callback to the application does not provide any user details.

Cause

Because this information is not sent back in the callback, tenant admins need to inspect “type:f” logs with the description “user is blocked”.

Solution

In the failed login event for a “user is blocked” failure, the details section should contain either:

  • A “wresult” field containing an ID token for the blocked user; this could be pasted into jwt.io for inspection.
  • The user’s username, in details > body > username.
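
An added example, not part of the original article: it pulls the blocked user's identity out of an exported failed-login event, reading details > body > username first and otherwise decoding the ID token in “wresult” locally, so the token does not have to leave the admin's machine. The event layout (type, description, details.wresult holding a compact JWT), the claim names sub and email, the function names and all sample data are assumptions constructed for illustration.

```python
import base64
import json

def decode_jwt_payload(token):
    """Decode a JWT's claims without verifying the signature (inspection only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    claims = json.loads(base64.urlsafe_b64decode(seg))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims

def blocked_user_from_event(event):
    """Return who a blocked-user failed-login event refers to, or None."""
    desc = (event.get("description") or "").lower()
    if event.get("type") != "f" or "user is blocked" not in desc:
        return None
    details = event.get("details") or {}
    username = (details.get("body") or {}).get("username")
    if username:
        return {"source": "details.body.username", "username": username}
    token = details.get("wresult")  # assumed to hold the ID token as a compact JWT
    if isinstance(token, str):
        try:
            claims = decode_jwt_payload(token)
        except ValueError:  # malformed token, bad base64 or bad JSON
            return None
        return {"source": "details.wresult", "sub": claims.get("sub"),
                "email": claims.get("email")}
    return None

def _seg(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

# Constructed sample data: a token with a dummy signature and three log events.
SAMPLE_TOKEN = ".".join([_seg({"alg": "RS256", "typ": "JWT"}),
                         _seg({"sub": "example|123", "email": "blocked@example.com"}), "c2ln"])
SAMPLE_EVENTS = [
    {"type": "f", "description": "user is blocked",
     "details": {"body": {"username": "blocked@example.com"}}},
    {"type": "f", "description": "user is blocked", "details": {"wresult": SAMPLE_TOKEN}},
    {"type": "f", "description": "wrong password", "details": {"body": {"username": "a@example.com"}}},
]

if __name__ == "__main__":
    for ev in SAMPLE_EVENTS:
        print(blocked_user_from_event(ev))
```

The payload is decoded for inspection only; the signature is not checked, so the result identifies the account named in the log entry and nothing more.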