Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Medium
Component/s: Profile - View
Labels:
None

Support reference count:
4
Symptom Severity:
Minor
Bug Fix Policy:
View Atlassian Cloud bug fix policy

Description

Issue Summary

Unverified accounts can be be managed using the admin APIs. The following endpoints cannot be used against unverified accounts.

GET /users/{account_id}/manage/profile
PATCH /users/{account_id}/manage/profile
PUT /users/{account_id}/manage/email
POST /users/{account_id}/manage/lifecycle/disable
POST /users/{account_id}/manage/lifecycle/enable

Steps to Reproduce

Use the admin API to deactivate an unverified account.

curl --request POST \
  --url 'https://api.atlassian.com/users/<UNVERIFIED_ACCOUNTID>/manage/lifecycle/disable' \
  --header 'Authorization: Bearer <ORG_APITOKEN>' \
  --header 'Content-Type: application/json' \
  --data '{
  "message": "..."
}'

Expected Results

The unverified account should be deactivated.

Actual Results

Error message returned

< HTTP/2 403 
{"key":"forbidden.targetUnverified",
"context":"Error: Cannot perform action on unverified account",
"errorKey":"forbidden.target-unverified",
"errorDetail":"Error: Cannot perform action on unverified account"}

Workaround

Perform the deactivation via the org managed account admin interface if possible.

Attachments

Issue Links

is duplicated by

ID-7677 Org API does not work for unverified accounts

Closed

ID-7762 User Management level API endpoints would throw an error for unverified accounts

Closed

is related to

ACCESS-1015 Unable to deactivate or delete unverified accounts

Closed

has action: KIRBY-2142 Loading...

mentioned in: Page Loading...; Page Loading...; Page Loading...

(2 mentioned in)

Activity

People

Assignee:: Aneita

Reporter:: Ramon M

Votes:: 7 Vote for this issue

Watchers:: 17 Start watching this issue

Dates

Created:: 18/Jun/2021 1:52 PM

Updated:: 14/Sep/2023 5:40 AM

Resolved:: 02/Aug/2021 2:30 AM