User suspension

Typically, you want to suspend a user so they cannot gain access to their account. This may be because you want to protect the user’s data due to a password leak or perhaps, there was a data breach and you need to suspend multiple accounts while solving the security issue. This page explains the user suspension process and how to suspend users via the console.

Check out the Management API for more details on using the API to suspend and unsuspend users:

User suspension overview

When a user is suspended, all login attempts are blocked and any active tokens and sessions are revoked. When suspending a user, you have two options.

Suspension type `allow_password_reset` `suspensionStatus`

1) User is suspended temporarily and can reactivate with a password reset link.

true

temporary

2) User is suspended indefinitely and must contact their administrator for the account to be unsuspended and reactivated.

false

permanent

Request password reset

When you suspend a user via the Suspend user endpoint, you can set the allow_password_reset parameter to either true or false. You must set this parameter to true in order to allow users to reactivate their account via password reset.

When you do this, the user receives a notification (email or SMS) where they are have the option to follow a password reset link or verification code respectively.

The user only receives an SMS when there is no email address associated with their profile.

Email account suspension template

The account suspension template allows you to configure what message the user receives when their account is suspended. To access this feature, navigate to Emails > Templates from within your ReachFive console.

The following fields are configurable. Check out the visual below for more help.

Callout Field Description

1

From

Specifies the email address of the sender.

2

Subject

The email subject.

The templating language is liquid.

3

Redirect to

The redirect URL.

4

URL Lifetime

Specifies how long the redirect URL should last in seconds.

5

Message

The message that the user receives.

The templating language is liquid.

console email account suspension template

SMS account suspension template

The SMS account suspension template allows you to configure what message the user receives when their account is suspended. To access this feature, navigate to SMS > Templates from within your ReachFive Console.

The following fields are configurable. Check out the visual below for more help.

Callout Field Description

1

Verification Code Lifetime

Specifies how long the verification code that is sent to the user will last before it expires and needs to be resent.

This is in seconds.

2

Message

The message that the user receives in the SMS.

The templating language is liquid.

console account suspension template

They can also receive a password reset link by clicking Forgot Password.

Reset via administrator

When you suspend a user via the Suspend user endpoint and the allow_password_reset parameter is set to false or you suspend the user via the ReachFive console, the user does not receive a password reset link and it is not possible for the user to reactivate by changing their password.

If the user tries to login, they receive a message that instructs them to contact the account administrator.

This prevents any potential security issues from becoming larger and helps you sort the issue in the meantime.

Suspend a user from the Console

To suspend a user via the ReachFive console, you must have the following:

  • Console access

  • At least a CRM User console role.

Instructions

  1. Log in with your credentials to the ReachFive console.

  2. From the sidebar, go to Profiles.

  3. Select the user you want to manage.

  4. From the Actions dropdown button, select Suspend.

    manage suspend user from console

  5. The profile of the suspended user is updated to indicate their status.

    manage suspended user from console


Use the same steps to unsuspend a user. Choose Unsuspend.


What just happened?

When you suspend a user from the console, the user does not receive an email to reactivate via password. The only way to unsuspend the user is to unsuspend them from the console or with the Unsuspend user endpoint.

Feedback