13 Replies Latest reply on Jun 8, 2017 7:54 AM by Ryan Rutan

    Ban and deactivate user by API

    thales

      Is there a way to ban users and deactivate their account using the Rest API?

        • Re: Ban and deactivate user by API
          anupgandhi

          I assume when you say Ban users you are talking about banning them in social groups. You can use the member service to ban the desired user(s) from a group, check out the state field

           

          Jive REST Rest API v3.10 → Member entity

           

          You can deactivate the user using the following REST API

           

          Jive REST Rest API v3.10 → Person service

           

          Set the enabled flag to false in Person object and that should deactivate the user.

           

          Having said that, what is the use case that you are trying to address? I would think that deactivating the user should be good enough however seems like you have some other requirement around banning them too.

          2 people found this helpful
            • Re: Ban and deactivate user by API
              thales

              By ban I mean: Admin Console > People > Settings > Ban Settings

               

              /admin/settings-ban.jsp?type=0

               

               

              We have a larger issue at hand with spam. This is a similar attack as the Korean one that hit the Jive Community. We use SSO, so the accounts are being authenticated before they even log into our community. I was looking for a way to remove the content and ban/deactivate the user account. The problem is that they are creating accounts faster than I can ban then and clean up the content.

                • Re: Ban and deactivate user by API
                  anupgandhi

                  Oh, forget the first part of my comment related to social group ban however the REST API for deactivating users should still work.

                    • Re: Ban and deactivate user by API
                      craig.mcclanahan

                      Oh, forget the first part of my comment related to social group ban however the REST API for deactivating users should still work.

                      Anup is right on about deactivating the user.  But if you want, you could go beyond that and delete the offending content programmatically as well.

                      • Identify the user you want to do this to, and end up with a GET /api/core/v3/people/xxx to retrieve that person.  Be sure you use fields=@all on whatever this final query is, so that a complete replace does what you expect.
                      • Set the jive.enabled field to false, and do a PUT /api/core/v3/people/xxx to deactivate the person.
                      • Retrieve all the content for this person:  GET /api/core/v3/contents?filter=author(/people/xxx)
                      • For each content object, delete it:  DELETE /api/core/v3/contents/{contentID}

                       

                      I could easily imagine this being a script where you fed in the username or email address or something.  Just don't accidentally do this to your CEO's user or you might be looking for a new one for yourself .

                       

                      NOTE:  Of course, the user that executes the script must have admin privileges for this to work.

                      1 person found this helpful
                        • Re: Ban and deactivate user by API
                          thales

                          I have already got the delete content part in place. I am actually finding content first, and then pulling the username from the content author. I can search terms programmatically that the keyword interceptor doesn't catch.

                           

                          The reason why I am wanting to ban the users in addition to deactivating them is because we us SSO and had the ESAML setting to reactivate the account on login. We have that currently disable, but if in the future we were to re-enable that then I want to be prepared.

                            • Re: Ban and deactivate user by API
                              jpadilla

                              are you still having the en-enable issue when users login again thru sso? if so, there is an option is the saml config ... you'll need to uncheck the re-enabled disabled account option. in doing that the user will get an sso issue when trying to login.

                                • Re: Ban and deactivate user by API
                                  thales

                                  We actually made the decision to uncheck this option, so it's no longer an issue. Thanks for following up.

                                  • Re: Ban and deactivate user by API
                                    mark.schwanke

                                    Why does it give an SSO issue?

                                    k3467

                                     

                                    are you still having the en-enable issue when users login again thru sso? if so, there is an option is the saml config ... you'll need to uncheck the re-enabled disabled account option. in doing that the user will get an sso issue when trying to login.

                                    Timothy Hales

                                     

                                    Are you banning Login or Post on Jive side?  I'm finding that banning login, if authenticated and still active on the allow the user to continue posting until their session ends.  Banning Post seems to cease them actively posting.

                                     

                                    Are you finding that doing the ban first and then deactivate is the way to go?  When I try to do deactivate from Jive Admin and then try to ban, the user doesn't exist so it seems that you have to ban and then deactivate if doing it manually.

                                     

                                    Are you going back and banning IP address in Jive to prevent additional accounts with same IP?

                                     

                                    Are you deleting the user's content or the Jive account? I assume if you delete the Jive account as long as you ban in the IDP they can't get back in. How does it affect  your CMR or Community Analytics?

                                      • Re: Ban and deactivate user by API
                                        thales

                                        We ended up setting up a moderation process on the SSO side before the account even gets to Jive.

                                         

                                        If they do get through, we ban and then deactivate the account. I normally delete their content from the Admin Console under their profile.

                                         

                                        We tried banning IP addresses, but they use a random proxies that make this extremely difficult.

                                         

                                        Deactivating the account remove the account completely from analytics.

                                          • Re: Ban and deactivate user by API
                                            mark.schwanke

                                            Thanks Tim.

                                             

                                            I banned an account last week with our IDP. Their account had a Ban Post assigned for a couple days. Then Yesterday I deleted the account on Jive.  Last night It appears their account was created again on Jive.  So apparently our SAML has a loophole of some kind that is allowing people to still authenticate.  Frustrating!!!!! When I deleted the user it looks like it deleted the User Ban as well. Not surprising. I was surprised though that the account was possibly hard deleted and and wasn't just soft deleted. I was expecting that even if I had deleted the account that a new account couldn't be created as it would say that "email address" is already in use.  But perhaps the email address is made invalid in some way making it possible to use the same email address again.

                                             

                                            Great to know about analytics.  Will need to test that.

                            • Re: Ban and deactivate user by API
                              umesh

                              Hello,

                               

                              I am trying to do it via c#.net code. Do you have any code snippet to deactivate user?

                               

                              Thanks