Uploaded image for project: 'Identity'
  1. Identity
  2. ID-7748

Admin API cannot be used on unverified accounts

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Medium Medium
    • Profile - View
    • None

      Issue Summary

      Unverified accounts can be be managed using the admin APIs. The following endpoints cannot be used against unverified accounts. 

      GET /users/{account_id}/manage/profile
PATCH /users/{account_id}/manage/profile
PUT /users/{account_id}/manage/email
POST /users/{account_id}/manage/lifecycle/disable
POST /users/{account_id}/manage/lifecycle/enable

      Steps to Reproduce

      Use the admin API to deactivate an unverified account.

      curl --request POST \
  --url 'https://api.atlassian.com/users/<UNVERIFIED_ACCOUNTID>/manage/lifecycle/disable' \
  --header 'Authorization: Bearer <ORG_APITOKEN>' \
  --header 'Content-Type: application/json' \
  --data '{
  "message": "..."
}'

      Expected Results

      The unverified account should be deactivated.

      Actual Results

      Error message returned

      < HTTP/2 403 
{"key":"forbidden.targetUnverified",
"context":"Error: Cannot perform action on unverified account",
"errorKey":"forbidden.target-unverified",
"errorDetail":"Error: Cannot perform action on unverified account"}

      Workaround

      Perform the deactivation via the org managed account admin interface if possible.

            [ID-7748] Admin API cannot be used on unverified accounts

            Joel Ryden made changes -
            Remote Link Original: This issue links to "KIRBY-2142 (Jira)" [ 562123 ] New: This issue links to "KIRBY-2142 (Hello Jira)" [ 562123 ]
            Kat N made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 581233 ]
            luey 🥝 (Inactive) made changes -
            Link New: This issue is duplicated by ID-7762 [ ID-7762 ]

            Paul Benario added a comment -

            Awesome, thank you Luey! We'll test it out!

            Paul Benario added a comment - Awesome, thank you Luey! We'll test it out!
            Nobuyuki Mukai made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 570233 ]
            luey 🥝 (Inactive) made changes -
            Resolution New: Fixed [ 1 ]
            Status Original: In Review [ 10051 ] New: Closed [ 6 ]
            luey 🥝 (Inactive) made changes -
            Status Original: In Progress [ 3 ] New: In Review [ 10051 ]
            luey 🥝 (Inactive) made changes -
            Status Original: Short Term Backlog [ 12074 ] New: In Progress [ 3 ]

            luey 🥝 (Inactive) added a comment - - edited

            Hi everyone!

            I'm the developer who worked on this change.

            I'm happy to announce that we have removed the verified target account restriction for all endpoints listed in the ticket, including /disable. Feel free to leave me a comment if you have any problems.

            If there’s a request that hasn’t been addressed with this update, please raise a new feature request so that we can track it separately.

            luey 🥝 (Inactive) added a comment - - edited Hi everyone! I'm the developer who worked on this change. I'm happy to announce that we have removed the verified target account restriction for all endpoints listed in the ticket, including /disable . Feel free to leave me a comment if you have any problems. If there’s a request that hasn’t been addressed with this update, please raise a new feature request so that we can track it separately.
            Bugfix Automation Bot made changes -
            Support reference count Original: 3 New: 4

              ayang@atlassian.com Aneita
              rmacalinao Ramon M
              Affected customers:
              7 This affects my team
              Watchers:
              17 Start watching this issue

                Created:
                Updated:
                Resolved: