Skip to Main Content
Cumulocity IoT Feedback Portal
Status Likely to support/improve
Created by Guest
Created on Jan 24, 2023

Automatically disable users if not logged in since time period


this is somehow related to Request: C8YCORE-I-513

But, here I would like to request an automated function, that disables users after a defined time period of inactivity.

Time period can be: 1 month, 3 month, 6 months, (imho 6 is too much, but depends on security departments ;))

If you add the previous information to the Administration area with lastlogin

then you can use this for an automated email to be sent to the users:

if they did not login after 1 month, warning them a week before: beware your account will be disabled.

if after 6 months no change, delete the user. Warning to the user 2 weeks and 1 week and 1 day before deletion.

That way, it can be kept clean. It is too much overhead for admins to keep all the users tracked.

Of course that is for huge corporations a use case. For smaller customers that probably not required. Nevertheless I believe it is also a selling point. And does not require much development.

having lastlogin in a DB

a service or a cronjob going through the users last logins, marking users to disable in DB, adding a timestamp

same service checkes if timestamp matches 2 weeks, 1 week, 1 day before deletes users.

And a simple email to be sent --- this functionality is already available in C8Y (password forgotten, etc.)

  • Attach files
  • Admin
    Jane Porter
    Apr 5, 2023

    Hi Christoph,

    Currently we rely on the SSO integration to provide this capability, however it is entirely reasonable to expect Cumulocity IoT to also support this feature in our user management area. We will consider this Idea for inclusion in a future release.

    Regards, Jane Porter