HsM manages the life-cycle status for each user. Table 17 shows the status a user can be in.
Status |
Description |
|---|---|
Created |
User was created in HsM (e.g. via invitation or data synchronization), or but was never matched with an user from the used identity service, i.e. has never signed in. |
Active |
User is matched to an identity service user. |
Deleted |
Instead of actually deleting a user (which is not supported by theClient Service) user can be marked as deleted. When a user is marked as deleted it will never be matching a user from the used identity server. The uniqueness constraint for the e-mail addresses and identity provider ID of users does not include deleted users. |
Table 17: User life-cycle status
From status |
To status |
Notes |
|---|---|---|
Created |
Active |
This transition is automatically performed once a user is matched to an identity service user, this transition cannot be performed via API. |
Active |
Deleted |
This transition can only be performed by users with permission EDIT_USERS. Users marked as externally managed can only be transitioned to Deleted via the Synchronization API. |
Deleted |
Created |
This transition can only be performed by users with permission EDIT_USERS. The transition is only possible if the e-mail address and Identity Provider ID stored with the user is not used with another user in status Active or Created. Users marked as externally managed can only be transitioned to Active via the Synchronization API. |
Created |
Deleted |
This transition can only be performed by users with permission EDIT_USERS. Users marked as externally managed can only be transitioned to Deleted via the Synchronization API. |
Table 18: Supported user life-cycle status transitions
Users in status deleted are not authorized for anything on the Client Service. I.e. no matter which roles the user is assigned on the system or on customers the user will effectively have no permission.
