-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add endpoint in admin api to list/delete users #22
Comments
A question for clarification: As we want to introduce transactions in #23, do we also want to be able to delete users who made a transaction? Without the user we would loose some information about the person who initiated the transaction. I don't know which impact this will have on regulations and their compliance. |
I would say yes, you can delete a user with transactions but I also think we need a way to get those transaction data. Then we can show (e.g. in Hanko Cloud) that a user has transactions and the Hanko Cloud user must confirm that he really wants to delete the user. This way we can also allow the Hanko Cloud user to download the transactions for the user before he deletes the user. What do you think @FlxMgdnz? Also forgot to mention, each credential from each user should also be deletable from the admin api. |
User deletion seems reasonable. I assume there's still an immutable audit log entry for each transaction, right? |
there will be one, yes but we only persist the userId in that audit log entry. Information like userName/displayname will be lost on delete. |
* add admin user service to add user get, list and remove method * rename misspelled file * add router for user requests * extend webauthn user persister * update spec Closes: #22
* feat(admin): add user list/get/remove method * add admin user service to add user get, list and remove method * rename misspelled file * add router for user requests * extend webauthn user persister * update spec Closes: #22 * fix(review): fix review findings * update public spec for transaction list * cleanup public spec * switch tenant_id path entries with reference to component * add transaction tag * add user_id as path param * add paging to user list in admin api call * add paging to admin spec * rename userid to user_id in transaction list handler --------- Co-authored-by: Stefan Jacobi <stefan.jacobi@adesso.de>
Add an endpoint to the admin API to list, get and delete users (including the credentials).
The text was updated successfully, but these errors were encountered: