Airlock IAM supports cleaning up the current login status of users based on services that allow users to be locked by an IAM service. This allows deleting OAuth 2.0 session tokens and Remember Me cookies, i.e., in case of a voluntary password change or if a user has been locked out for some other reason.
Note that when importing an IAM 8.0 configuration and earlier, the cleanup is deactivated by default and should be activated manually, as described below in this article.
- IAM services that can provide user locking:
- AuthenticationStatusService
- ClientFingerprintingLogoutAction
- MaxFailedAttemptsImpl
- LockCommonService
- LockSelfServiceStep
There is currently no cleanup when users are locked during Transaction Approval.