Revoke access to Indicium login when period is over

  • 15 February 2021
  • 1 reply

Userlevel 4
Badge +15

We've managed to set up an app service using OpenID. However, if the user is no longer allowed to access the application (trial expired), I would like to revoke its access to the OpenID client.

I expected the “Period” setting in IAM > Users should disable the login via Indicium.

Unfortunately it doesn't block the user access to the OpenID client via the Indicium login page. A simple work around is changing the users password and disable the password change, or remove the user.

Is it somehow possible to revoke access for a specific user to the OpenID client? For example when the period is over.

1 reply

Userlevel 5
Badge +2

Hello René,

The Ends on date is currently implemented to remove all access to applications for a user, without actually blocking authentication itself. I agree that it should work as you expected it to work and that users should be unable to sign in at all once this date has passed.

We have created a ticket for you in TCP regarding this issue. The responsibility for this actually lies with IAM, so the issue will be resolved there, probably by means of a hotfix.