| description | Temporarily or permanently suspend a user’s ability to log in and use the system |
|---|
The Disable User feature allows administrators to temporarily or permanently suspend a user’s ability to log in and use the system.
When a user is disabled, they cannot authenticate and all active sessions are immediately terminated.
When a user is disabled:
- Login attempts are blocked
- Existing sessions are terminated immediately
- The user account and data remain intact
- The user can be re-enabled later if the disable period ends or is removed
Disabling a user is reversible unless the account is removed.
You can choose how long a user is disabled:
- Disable indefinitely
The user remains disabled until an administrator manually re-enables the account. - Disable until a specific date
The user is automatically re-enabled after the specified date and time.
When disabling a user, you can provide an optional disable reason. The reason is displayed to the user when they attempt to log in. This can reduce support requests and confusion.
You can disable a user with the Admin API or from the Authgear Portal:
- Go to Users
- Select the user
- Open the Account Status tab
- Click Disable user
- Choose the disable period
- (Optional) Enter a disable reason
- Confirm the action