User suspension

Typically, you want to suspend a user so they cannot gain access to their account. This may be because you want to protect the user’s data due to a password leak or perhaps, there was a data breach and you need to suspend multiple accounts while solving the security issue. This page explains the user suspension process and how to suspend users via the console.

Check out the Management API for more details on using the API to suspend and unsuspend users:

User suspension overview

When suspending a user, you have two options:

  1. Suspend their account with the possibility to reactivate with a password reset link.

  2. Suspend their account where they must contact the administrator to have their account unsuspended.

When a user is suspended, all login attempts are blocked and any active tokens and sessions are revoked.

Reset with password

When you suspend a user via the Suspend user endpoint, you can set the allow_password_reset parameter to either true or false. You must set this parameter to true in order to allow users to reactivate their account via password reset.

When you do this, the user receives a notification (email or SMS) where they are have the option to follow a password reset link. The content of the message is configurable via the account suspension template.

Account suspension template

The account suspension template allows you to configure what message the user receives when their account is suspended. To access this feature, navigate to Emails > Templates from within your ReachFive console.

The following fields are configurable. Check out the visual below for more help.

Callout Field Description

1

From

Specifies the email address of the sender.

2

Subject

The email subject.

The templating language is liquid.

3

Redirect to

The redirect URL.

4

URL Lifetime

Specifies how long the redirect URL should last in seconds.

5

Message

The message that the user receives.

The templating language is liquid.

console email account suspension template

They can also receive a password reset link by clicking Forgot Password.

Reset via administrator

When you suspend a user via the Suspend user endpoint and the allow_password_reset parameter is set to false or you suspend the user via the ReachFive console, the user does not receive a password reset link and it is not possible for the user to reactivate by changing their password.

If the user tries to login, they receive a message that instructs them to contact the account administrator.

This prevents any potential security issues from becoming larger and helps you sort the issue in the meantime.

Suspend a user from the Console

To suspend a user via the ReachFive console, you must have the following:

  • Console access

  • At least a CRM User console role.

Instructions

  1. Log in with your credentials to the ReachFive console.

  2. From the sidebar, go to Profiles.

  3. Select the user you want to manage.

  4. From the Actions dropdown button, select Suspend.

    manage suspend user from console


Use the same steps to unsuspend a user. Choose Unsuspend.


What just happened?

When you suspend a user from the console, the user does not receive an email to reactivate via password. The only way to unsuspend the user is to unsuspend them from the console or with the Unsuspend user endpoint.