Problem statement
This article explains how to retrieve the user’s last successful login inside a rule. The last_login includes logins that were made while the user was blocked.
Solution
One solution is to add a field to app_metadata, but this would not apply to existing logins.
To include existing logins, it’s possible to retrieve login events via the Management API and update the user’s app_metadata accordingly.
This requires using the Search log events endpoint, filtering by type:s to retrieve only successful logins. There is a 1000 record limit, so use the checkpoint parameter from to go beyond this by setting from to the last log_id when reaching the record limit. See Retrieve logs by checkpoint for more information.