passkeys icon indicating copy to clipboard operation
passkeys copied to clipboard

Published 20 hours ago verified publisher icon teamhanko

Add endpoint in admin api to list/delete users

Open FreddyDevelop opened this issue 1 year ago • 4 comments

Add an endpoint to the admin API to list, get and delete users (including the credentials).

FreddyDevelop avatar Nov 23 '23 14:11 FreddyDevelop

A question for clarification: As we want to introduce transactions in #23, do we also want to be able to delete users who made a transaction? Without the user we would loose some information about the person who initiated the transaction. I don't know which impact this will have on regulations and their compliance.

shentschel avatar Nov 23 '23 14:11 shentschel

I would say yes, you can delete a user with transactions but I also think we need a way to get those transaction data. Then we can show (e.g. in Hanko Cloud) that a user has transactions and the Hanko Cloud user must confirm that he really wants to delete the user. This way we can also allow the Hanko Cloud user to download the transactions for the user before he deletes the user. What do you think @FlxMgdnz?

Also forgot to mention, each credential from each user should also be deletable from the admin api.

FreddyDevelop avatar Nov 23 '23 15:11 FreddyDevelop

User deletion seems reasonable. I assume there's still an immutable audit log entry for each transaction, right?

FlxMgdnz avatar Nov 23 '23 15:11 FlxMgdnz

there will be one, yes but we only persist the userId in that audit log entry. Information like userName/displayname will be lost on delete.

shentschel avatar Nov 23 '23 15:11 shentschel