Last successful login from rest API

This topic contains 6 replies, has 6 voices, and was last updated by  jjung2 1 week, 2 days ago.

  • Author
    Posts
  • #6270
     Jaime 
    Participant

    There is a way to get last successful login from rest API?
    That interface is not retrieving that information “openam/json/users/userId”.

    Thanks.

    #6272

    Well, if you are using OpenDJ as your Data Store and your source of authentication then you can enable via Password Policy a last-login-time-attribute and a last-login-time-format setting. Then you can request your defined last-login-time-attribute via your “openam/json/users/userId” call. Those values are not defined by default in the OpenDJ Default Password Policy as shown here:

    >>>> Configure the properties of the Password Policy
    
             Property                                   Value(s)
             --------------------------------------------------------------------
        1)   account-status-notification-handler        -
        2)   allow-expired-password-changes             false
        3)   allow-user-password-changes                true
        4)   default-password-storage-scheme            Salted SHA-1
        5)   deprecated-password-storage-scheme         -
        6)   expire-passwords-without-warning           false
        7)   force-change-on-add                        false
        8)   force-change-on-reset                      false
        9)   grace-login-count                          0
        10)  idle-lockout-interval                      0 s
        11)  last-login-time-attribute                  -
        12)  last-login-time-format                     -
        13)  lockout-duration                           0 s
        14)  lockout-failure-count                      0
        15)  lockout-failure-expiration-interval        0 s
        16)  max-password-age                           0 s
        17)  max-password-reset-age                     0 s
        18)  min-password-age                           0 s
        19)  password-attribute                         userpassword
        20)  password-change-requires-current-password  false
        21)  password-expiration-warning-interval       5 d
        22)  password-generator                         Random Password Generator
        23)  password-history-count                     0
        24)  password-history-duration                  0 s
        25)  password-validator                         -
        26)  previous-last-login-time-format            -
        27)  require-change-by-time                     -
        28)  require-secure-authentication              false
        29)  require-secure-password-changes            false
    
        ?)   help
        f)   finish - apply any changes to the Password Policy
        c)   cancel
        q)   quit
    

    In theory I would think this would work for you.

    #6273
     Scott Heger 
    Participant

    Meant to send the above from this account. :)

    #9750
     jax 
    Participant

    I does not work. “openam/json/users/userId” does not return last login time.

    #9895
     Peter Major 
    Moderator

    You should make sure that your Data Store configuration was updated to work with the attribute. Keep in mind that OpenAM will most likely cache operational attributes for a long while, so you should make sure that you test whether the value gets updated correctly.

    #9897
     jax 
    Participant

    Hei Peter,

    thank you for your post. could please give some link or more info about cache-issue of operational attributes.

    #23214
     jjung2 
    Participant

    Hello – I was referred here by Support so I would like to ask – if using a certificate module, would we still get getting the lastLoginTime value updated? Or would this work only with U/P logins? I ask since it seems to be tied with the password policy setting, which I’m unsure is in the path for certificate based logins.

Viewing 7 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic.

©2018 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?