How to delete a user completely using esign REST API - docusignapi

Need to completely erase a user record in the account after being closed.
After successfully deleting a user according to the API reference, the user is still visible in DocuSign. Since the documentation says the user is never deleted, I need to know if there is a way to delete the user completely or if it is not possible.
https://developers.docusign.com/esign-rest-api/reference/users/users/delete
DELETE https://NA3.docusign.net/restapi/v2/accounts/<account_id>/users
Request Body: {"users":[{"userId":"<user_id>"}]}
Response Body: {"users":[{"userId":"<user_id>", "uri":"/users/<user_id>", "userStatus":"closed"}]}
After successful deletion, the user is still visible in DocuSign. Need to know if there is an end point to really delete a user.

You cannot actually delete a user. Per https://developers.docusign.com/esign-rest-api/reference/Users/Users/delete:
"Closes one or more user records in the account. Users are never deleted from an account, but closing a user prevents them from using account functions."
This is for various reasons including security, legality and ability to refer to old documents by users who were deleted.

Related

Yodlee: How to delete every user's linked accounts in a single API call

How can I delete all of a user's linked accounts without having to make multiple API calls for each account or unregistering the user? I am currently using the documented /accounts/ endpoint to delete each one; however, sending a separate request for each deletion takes far too long for users with multiple accounts.
You can unregister the user which effectively deletes all of the user’s accounts.
You can delete the providerAccount and it will delete all associated accounts.
e.g., DELETE https://developer.yodlee.com/providerAccounts/{providerAccountId}

How to link logged users to their data, retrieve and update them in MySQL table

This is my web-app "User Settings" page.
I have simplified it to a minimum to better highlight the problem.
To authenticate users I use Auth0, I wanted to use the sub claim user_id to identify the users inside my MySQL database for update and retrieve user's info. Unfortunately the user_id is different for each provider, for example, if the same user with the same e-mail logs-in via Auth0 he gets a user_id if he does it via google he gets another one.
I thought about using email to link logged user to his info.
The problem is in my API. Before the change it was "localhost:8080/api/users/:id"
each time it created a new id and in any case it was impossible to recover the data of the single user. Now that I have replaced "id" with "email" my API has also changed to "localhost:8080/api/users/:johnsmith#xxx.com".
Before:
After:
In a few words, the request url on the client side has also changed.
I would like to make sure that the GET and PUT requests are made based on the e-mail of the logged user without going to modify the whole back-end.
Sounds like something is wrong with how you authenticate users. If you have multiple ways to authenticate a user, those methods need to be in a one to many relation with the user. For example each user has a list of auth-methods, and whenever an authentication is made you check your table of authentication methods and find the one user it maps to.
I'm not sure if you are doing this yourself or if the framework you are using is handling that, but it sounds like you need to change the model to allow many auth methods for a single account.
Also, you could use email, but that is also an "old" way of uniquely identifying users. Almost every single person has multiple active email accounts nowadays, so you should also have a one-to-many relation for users to emails. What if the user has different email accounts for their Facebook and Google accounts?
See account linking here: https://auth0.com/docs/users/user-account-linking
It is dangerous to trust that the external providers are truthful about what email belongs to whom. What if I open a new account using someone else's email on one of the providers? Then I can log into that user's account in your application, which is a pretty big security risk.
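The one-to-many model this answer describes, as an added example that is not part of the original thread: each (provider, subject) pair maps to exactly one local user, and a second login is attached only through an explicit link step by the signed-in user, never by matching e-mail. Table and function names are hypothetical, and SQLite stands in for MySQL so the code runs offline.

```python
import sqlite3

# Hypothetical schema: one user row, many login identities pointing at it.
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, display_name TEXT);
CREATE TABLE identities (
    provider TEXT NOT NULL,           -- e.g. 'auth0', 'google-oauth2'
    subject  TEXT NOT NULL,           -- provider-scoped id from the sub claim
    user_id  INTEGER NOT NULL REFERENCES users(id),
    PRIMARY KEY (provider, subject)   -- an identity maps to exactly one user
);
"""
FIND = "SELECT user_id FROM identities WHERE provider = ? AND subject = ?"
ADD = "INSERT INTO identities (provider, subject, user_id) VALUES (?, ?, ?)"

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def split_sub(sub):
    # Auth0 sub claims have the form "provider|id".
    provider, _, subject = sub.partition("|")
    if not provider or not subject:
        raise ValueError("malformed sub claim")
    return provider, subject

def resolve_user(db, sub):
    """Map the sub claim of an already-validated token to a local user id."""
    key = split_sub(sub)
    row = db.execute(FIND, key).fetchone()
    if row:
        return row[0]
    user_id = db.execute("INSERT INTO users (display_name) VALUES (NULL)").lastrowid
    db.execute(ADD, (*key, user_id))
    db.commit()
    return user_id

def link_identity(db, current_user_id, new_sub):
    """Attach another login to the signed-in user. Assumes the caller has
    validated a token for new_sub in the same session; e-mail is never used."""
    key = split_sub(new_sub)
    row = db.execute(FIND, key).fetchone()
    if row and row[0] != current_user_id:
        raise PermissionError("identity already belongs to another user")
    if not row:
        db.execute(ADD, (*key, current_user_id))
        db.commit()
    return current_user_id
```

The API route can then stay keyed on the local user id, which the server derives from the token instead of taking it from the URL.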

Asana Remove User

I always get "Call restricted to workspace admins" when using the remove user API. Is there any way to work around this and remove a user from the API?
Also, when I add someone using the addUser API they are added as a Guest. Is there any way to make them a member?
There is no way to work around having to be an admin to POST to /workspaces/workspace-id/removeUser. This is by design as it could cause security issues if everyone was capable of deleting users in a workspace.
When adding a user with the API, they will be added as a member if the new user's email address matches the domain of the workspace. If it doesn't match, they will be added as a guest.

How does account validation work?

Usually when you create an account to some webpage they send you an email with a link in order for you to validate your account.
If you click that link then your account is validated and that's the end of it.
How does this work?
Is that url unique for every new user so they know who visited what?
This is not a web service related question, however I can conceptually guide you through what you need to do.
When a user registers, their information will probably be captured into some user table in a database somewhere. This user is marked as pending. The system can then generate a unique id, i.e. a GUID, which is stored next to the user entry in the database. This GUID, if properly constructed, will be impossible to guess. This GUID is then added as a GET parameter to the URL that you send in an email to the user.
For example you might have the URL:
http://example.com/activateuser?confirmuid=5e706449-2cbf-4938-8109-fb564c196d8f
Thus every user will use the same URL with a different confirmuid parameter. This URL will then post the confirmuid to the page where you can then use this value to look up the user in the database and then activate the user or move it from a pending state to an active state.
Simple, right?
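The pending-to-active flow from this answer, as an added example that is not part of the original thread. It swaps the GUID for a token from a CSPRNG, stores only the token's hash, and makes the link expire and work once; the function names, in-memory stores and 24-hour lifetime are assumptions.

```python
import hashlib
import secrets
import time

TOKEN_TTL = 24 * 3600      # assumed link lifetime in seconds
users = {}                 # user_id -> "pending" | "active" (stand-in for the user table)
pending = {}               # sha256(token) -> (user_id, expires_at)

def _digest(token):
    # Only the hash is stored, so a leaked table does not yield usable links.
    return hashlib.sha256(token.encode()).hexdigest()

def register(user_id, now=None):
    """Mark the user pending and return the confirmation URL to e-mail."""
    now = time.time() if now is None else now
    users[user_id] = "pending"
    token = secrets.token_urlsafe(32)          # 256 bits from the OS CSPRNG
    pending[_digest(token)] = (user_id, now + TOKEN_TTL)
    return "https://example.com/activateuser?confirmuid=" + token

def activate(token, now=None):
    """Activate the user the token was issued for; False if unknown, used or expired."""
    now = time.time() if now is None else now
    entry = pending.pop(_digest(token), None)  # pop makes the token single-use
    if entry is None:
        return False
    user_id, expires_at = entry
    if now > expires_at:
        return False
    users[user_id] = "active"
    return True
```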

Detecting dead accounts and cleaning them from a SharePoint site

I've been asked to create a solution which detects the dead accounts and cleans it up from a SharePoint site.
I found a code snippet here (in the comments) which checks each user against the AD and cleans up the account. But the LDAP details are hardcoded in the code. What happens if I want to detect it dynamically and check the dead accounts? Is there a more elegant solution to do this?
Any ideas?
I looked at the code and it does NOT use LDAP at all. There are no authentication details anywhere in the code. All the code assumes is that an Administrator is running it from the server. It iterates the site collection users and removes them all.
This doesn't check for dead accounts. For that you'd have to check the value of web.SiteUsers[offsetIndex].ID against your LDAP database for suspended and/or deleted users and then ONLY remove those users.
