- SAP Managed Tags:
Thanks to new features delivered with the Quarterly Release Update (QRC) in Q4 2024 the SCIM API now supports deactivating users. (The Q4 release is expected 15-17 November 2024)
This was a popular request and received a good number of votes in the Influence Portal (idea number 304030).
The ‘isActive’ user property was previously read-only, but now we can change this setting on a user basis via the user's endpoint for both version 1 and version 2 of the SCIM API.
Updated Sample Scripts
I have added 4 new sample scripts to my article ‘SAP Analytics Cloud User and Team Provisioning SCIM API Best Practices and Sample Scripts’ that enable you to automate the deactivation of users and teams of users.
The 4 new samples added are:
- SCIM 1402-U-U-Ua-Fcj-Es-Update User Active status
- SCIM 2402-U-U-Ua-Fcj-Es-Update User Active status
- SCIM 1452-TU-U-Ua-Fcj-Es-Update Team Active status
- SCIM 2452-TU-U-Ua-Fcj-Es-Update Team Active status
The samples 1xxx, use version 1 of the SCIM API, and the samples 2xxx, use version 2.
Samples x402 update a user's active status one at a time, while samples x452 update a whole team of users.
For those budding API enthusiasts, the version 2 samples use the PATCH and BULK operations.
Updated Scenarios
Whilst the samples above are helpful, the real value is my updated ‘scenarios’ that help manage users' life cycles, particularly the deactivation and eventual deletion of dormant users. A scenario is a straightforward concept comprising sets of pre-configured sample data files. Each scenario addresses a single use case by combining different sample scripts (Postman collections) in a particular order.
It means most of the thinking has been done for you. All you need to do is tweak the data files for your needs.
There are 5 updated scenarios for managing dormant users, as this topic is surprisingly complex. At a high level, this diagram shows what is possible.
The image above shows when users were created and their historic login activity. This table explains the logic determining if the user is dormant or not:
User 1 | User-created over 3 months ago,without any logins since creation. | The user is deactivated. |
User 2 | User-created under 3 months,without any logins since creation. | No changes made |
User 3 | User-created over 3 months ago andhas 2 or fewer logins within the last 90 days.The user has no login within the last 30 days. | The user is deactivated. |
User 4 | User-created over 3 months ago, buthas 3 logins within the last 90 days anda login within the last 30 days. | No changes made |
User 5 | User-created over 3 months ago andhas 2 or fewer logins within the last 90 days, butthere was a login within the last 30 days. | No changes made |
User 6 | User-created over 3 months ago, buthas 4 logins within the last 90 days, althoughno login within the last 30 days. | No changes made |
User 7 | User-created over 6 months ago,without any logins since creation and is already deactivated. | The user is deleted |
User 8 | User-created under 6 months,without any logins since creation and is already deactivated. | No changes made |
User 9 | User-created over 6 months ago andhas 2 or fewer logins within the last 120 days.The user has no login within the last 60 days and is already deactivated. | The user is deleted |
| User 10 | User-created over 6 months ago, buthas 3 logins within the last 120 days anda login within the last 60 days. | The user is deactivated. |
| User 11 | User-created over 6 months ago andhas 2 or fewer logins within the last 120 days, butthere was a login within the last 60 days. | The user is deactivated. |
| User 12 | User-created over 6 months ago,has 2 logins within the last 120 days, althoughno login within the last 60 days. The user is already deactivated. | No changes made |
Please visit this updated article SAP Analytics Cloud – Managing dormant users for the next level of detail.
Alternatively, if you can't wait to get started, download the user guide which provides step-by-step instructions from this blog post (search for 'Sample Scripts User Guide').
2 Comments
