Automated Account Lifecycle Management

Automated Account Lifecycle Management in Strivacity CIAM provides a streamlined and compliant way to manage dormant accounts within your identity stores. This feature ensures that inactive or unused accounts do not persist indefinitely, reducing potential security risks and aiding in GDPR compliance. By automating account disabling and deletion based on predefined rules, this feature helps you maintain a clean and secure identity environment, while also generating audit trails that record each action for compliance purposes.

Capabilities:

  • Automatically disable accounts that have not logged in for a specified period (e.g., 18 months).
  • Automatically delete accounts that have been disabled for a certain duration (e.g., 6 months).
  • Clean up newly created accounts that have never been logged into within a specified timeframe (e.g., 24 hours).
  • Account events log actions taken by the lifecycle management rules, ensuring traceability and compliance.
  • Extended account management filters now include new lifecycle management variables like disabled_at.

Sample Use Cases

  • Inactive Account Management: Automatically disable accounts that have not logged in for more than 18 months to prevent unauthorized access.
  • Dormant Account Cleanup: Automatically delete accounts that have been disabled for over 6 months to reduce the risk of data breaches and minimize storage of unnecessary data.
  • Unused Account Cleanup: Automatically remove accounts that were created but never logged into within 24 hours, ensuring that test or accidental account creations do not clutter the system.

Configuration

  1. Navigate to Identities > Identity stores > [Select an identity store] > **Tab: Customer lifecycle management** in the Strivacity admin console main navigation.
  2. Select the new tab Account lifecycle management.
  3. Click +Create rule.
  4. Define Rule Conditions:
    1. Select the appropriate variables:
      1. For disabling inactive accounts: Choose customer.last_login and set the condition to the desired timeframe.
      2. For deleting disabled accounts: Choose customer.enabled set to "false" and customer.disabled_at set to the desired timeframe.
      3. For cleaning up unused accounts: Define a condition where customer.last_login does not exist within the desired timeframe of creation.
  5. Specify Rule Actions:
    1. Choose from the available actions:
      1. Disable Account: Automatically disable the account if the condition is met.
      2. Delete Account: Automatically delete the account if the condition is met.
  6. Enable Hooks for Post-Action Processes:
    1. Configure hooks to be triggered after account updates and deletions to integrate with other systems or workflows as needed.
  7. Save and Activate the Rule:
    1. After defining the conditions and actions, save the rule.
    2. Ensure that the rule is active by toggling the activation switch.

This configuration allows you to maintain a clean and compliant identity store, automatically managing the lifecycle of accounts based on your organization’s policies and GDPR requirements.
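
A dry run of the three rule types above over exported account records, to estimate which accounts each rule would disable or delete before the rule is activated. This is an added example, not Strivacity code, and it calls no Strivacity API. The record layout, the created_at attribute name and the 30-day month are assumptions; the thresholds are the page's examples.

```python
from datetime import datetime, timedelta, timezone

# Thresholds are the page's examples; a month is taken as 30 days (assumption).
DISABLE_AFTER = timedelta(days=18 * 30)  # no login for 18 months
DELETE_AFTER = timedelta(days=6 * 30)    # disabled for 6 months
UNUSED_AFTER = timedelta(hours=24)       # created but never logged in

def _ts(value):
    """Parse an ISO 8601 timestamp; return None when the attribute is absent."""
    return datetime.fromisoformat(value) if value else None

def planned_action(account, now):
    """Return 'disable', 'delete' or None for one exported account record."""
    last_login = _ts(account.get("last_login"))
    disabled_at = _ts(account.get("disabled_at"))
    created_at = _ts(account.get("created_at"))  # hypothetical attribute name
    if not account.get("enabled", True):
        # Deletion requires disabled_at; an account disabled without a
        # timestamp is left alone rather than guessed at.
        if disabled_at and now - disabled_at >= DELETE_AFTER:
            return "delete"
        return None
    if last_login is None:
        # Never logged in: unused-account cleanup, measured from creation.
        if created_at and now - created_at >= UNUSED_AFTER:
            return "delete"
        return None
    return "disable" if now - last_login >= DISABLE_AFTER else None

def dry_run(accounts, now):
    """Map account id to planned action, omitting accounts no rule matches."""
    plan = {a["id"]: planned_action(a, now) for a in accounts}
    return {k: v for k, v in plan.items() if v}

# Constructed sample records (not real data).
NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)
SAMPLE = [
    {"id": "a1", "enabled": True, "last_login": "2023-01-01T00:00:00+00:00"},
    {"id": "a2", "enabled": True, "last_login": "2024-06-01T00:00:00+00:00"},
    {"id": "a3", "enabled": False, "disabled_at": "2024-05-01T00:00:00+00:00"},
    {"id": "a4", "enabled": False, "disabled_at": "2024-10-01T00:00:00+00:00"},
    {"id": "a5", "enabled": True, "created_at": "2024-12-30T00:00:00+00:00"},
    {"id": "a6", "enabled": True, "created_at": "2024-12-31T12:00:00+00:00"},
    {"id": "a7", "enabled": False},  # disabled, but no disabled_at recorded
]

if __name__ == "__main__":
    print(dry_run(SAMPLE, NOW))
```

Comparing the plan against the account events log after the rules first run shows whether the configured conditions match what was intended.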