How to lock okta user account using Okta API - Java? Skip to main content
https://support.okta.com/help/answers?id=906f0000000i029iac&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Ajay DeoAjay Deo 

How to lock okta user account using Okta API - Java?

How to lock okta user account using Okta API client - Java?
Raja NejemRaja Nejem (Okta, Inc.)
You can deactivate a user with this api call:
{{url}}/api/v1/users/{{userId}}/lifecycle/deactivate

For a more complete list of api's, go to http://developer.okta.com/docs/api/getting_started/design_principles.html
Ajay DeoAjay Deo
I believe Locking a user and deactivating are two different actions? Isn't it? Also, Okta Api client provides both Unlock and Activate user function. But, for their counter part they only provide deactivate funciton which is oppositve of Activate function. What about the oppositve function of UnlockUser function (i.e. Lock function)?
Michael HoltanMichael Holtan

I believe "Locked" can only be triggered by multiple incorrect password attempts into the user's account. That is why there is only an "Unlock" function available to the Admin.

Is there a reason to use "Locked" instead of "Deactivated" ?

From an Admin view, if they want to stop a user from accessing Okta, they can 'Deactivate'. If they believe the user's password has been stolen, they can send the user a Password Reset email.  If there is more than one admin, and the admin sets a user's account to 'Locked' so they can't access Okta, then another admin may think it was just incorrect passwords and send a reset email.

Andrew SohnAndrew Sohn (Okta, Inc.)
You also have the option to "Suspend" a user...
POST /users/:id/lifecycle/suspend (see developer.okta.com for more into).
This "locks" the user out of Okta while not deprovisioning from apps or removing from groups.