Lock Users after Inactivity [SUPPORT REPORTING]

[LucasPMorris]

Lock Users after Inactivity [SUPPORT REPORTING]

Feature Suggestion
Allow the enabling of automatically locking a user if they have not logged in after a specified amount of time.

Current Solution
By making various API calls one can determine the last time a user logged in and action that user if their last login was X amount of time ago. While this solution is possible it requires software running from outside of FusionAuth that will have to make a potentially large amount of API calls on a recurring basis.

Customer request per Zendesk ticket 74100.

[andrewpai]

This is now possible using the new Login Validation Lambda. You can look at the user.lastLoginInstant property to determine how long it's been since the last login, and deny the login if it's been too long.

We probably won't be implementing this as a first-class policy in FusionAuth in the near term, but we'll keep this issue open so we don't lose track of the request.