How do I revoke user access, i.e. stop them from being able to access my apps any further?
I know that I am billed for the total number of unique users that can access my apps, regardless of if they are active or not, and so to avoid being charged for users that are no longer using my apps I should revoke their access.
Hi @forumfred
Thanks for the question. There are two ways to revoke users on the JourneyApps platform. It is done per app deployment, either using the backend Data Browser or the JourneyApps Backend API.
OPTION 1: Revoking Users via the Data Browser
Access the Backend Data Browser in Question
Access the ‘Users’ Table
Find and select the user you want to revoke
Example 1 - User Currently Enrolled
Click ‘Device Details’ (or ‘Enroll’ if the user is not currently enrolled) to go to the User/Enrollment Details Page
Example 1 - User Currently Enrolled
Click ‘Lock User’ and follow the on-screen prompt
Once the user is locked, they will be listed as such in both the User Details page, and in the User Table
Example 1 - Locked User in the User Table
Example 2 - Locked User on the User Details Page
OPTION 2: Revoking Users via the Backend API
Revoking Users via the Backend API is really simple, you just need to make a POST request to /api/v4/app-instance-id/users/user-id/lock - docs here
So in the example of John Smith above, that would be a POST to https://run-testing-us.journeyapps.com/api/v4/5e34a0cf07601117d334598c/users/ad66ab80-4d54-11ea-b7e8-77bec61efea5/lock with a JSON payload of {"wipe":true/false}
This can also be done as a batch API operation, and so again in the case of John Smith that would be a POST to https://run-testing-us.journeyapps.com/api/v4/5e34a0cf07601117d334598c/batch.json
with a JSON payload of
{
"operations": [
{
"method": "users/lock",
"user_id": "ad66ab80-4d54-11ea-b7e8-77bec61efea5",
"wipe": true/false
}
]
}
OPTION 2a: Revoking Users via the Backend API - Using CloudCode
Below is a basic example of a CloudCode task that receives a User ID and then proceeds to lock the associated user (this would typically be used directly from the App Runtime using CloudCode.callTask, but can easily be updated to use a webhook instead
import { TaskContext } from '@journeyapps/cloudcode';
interface taskParams {
userId: string
}
interface taskResponse {
success: boolean,
message?: string
}
export async function run(this: TaskContext, params: taskParams) {
// Your code here
let taskResponse: taskResponse = {
success: false
};
if (!params || !params.userId) {
console.log(`No userID provided`);
taskResponse.success = false;
taskResponse.message = "No user ID provided";
return taskResponse;
}
let user = await DB.user.first(params.userId);
if (!user) {
console.log(`No user found with ID: ${params.userId}`);
taskResponse.success = false;
taskResponse.message = "No user found matching ID";
return taskResponse;
}
// getting ready to post lock API call
let payload = {
wipe: false
};
const options = {
method: 'POST',
headers: {
'Authorization': `Bearer ${this.backend.token}`,
'Content-Type': 'application/json'
},
body: JSON.stringify(payload)
}
const url = `${this.backend.url}/users/${user.id}/lock`
console.log(`About to lock user with URL: ${url}`);
try {
let response = await fetch(url, options);
if (response.ok) {
console.log('Lock successful');
taskResponse.success = true;
taskResponse.message = "User locked successfully";
} else {
console.log('Lock NOT successful');
taskResponse.success = false;
taskResponse.message = response.statusText;
}
} catch(er) {
console.log(`API Call failed: ${JSON.stringify(er)}`);
taskResponse.success = false;
taskResponse.message = er.message;
}
console.log(`Task Response: ${JSON.stringify(taskResponse)}`);
return taskResponse;
}
I hope this helps