lockUser()
Marks the given User as locked, which means they are not allowed to sign in again until the lock expires.
By default, lockout duration is 1 hour, but it can be configured in the application's Attack protection settings. For more information, see the dedicated guide for customizing Attack protection settings.
function lockUser(userId: string): Promise<User>- Name
userId- Type
string- Description
The ID of the user to lockout.
const userId = 'user_123'
const response = await clerkClient.users.lockUser(userId)
console.log(response)
/*
_User {
id: 'user_123',
passwordEnabled: false,
totpEnabled: false,
backupCodeEnabled: false,
twoFactorEnabled: false,
banned: false,
locked: true,
createdAt: 1694181111181,
updatedAt: 1708102548373,
imageUrl: 'https://img.clerk.com/eyJ...',
hasImage: true,
primaryEmailAddressId: 'idn_123',
primaryPhoneNumberId: null,
primaryWeb3WalletId: null,
lastSignInAt: 1708101739595,
externalId: null,
username: null,
firstName: 'Alexis',
lastName: 'Aguilar',
publicMetadata: {},
privateMetadata: {},
unsafeMetadata: {},
emailAddresses: [
_EmailAddress {
id: 'idn_123',
emailAddress: 'alexis@clerk.dev',
verification: [_Verification],
linkedTo: [Array]
}
],
phoneNumbers: [],
web3Wallets: [],
externalAccounts: [
_ExternalAccount {
id: 'idn_123',
provider: undefined,
identificationId: undefined,
externalId: undefined,
approvedScopes: 'email https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile openid profile',
emailAddress: 'alexis@clerk.dev',
firstName: undefined,
lastName: undefined,
imageUrl: undefined,
username: null,
publicMetadata: {},
label: null,
verification: [_Verification]
}
],
lastActiveAt: 1708041600000,
createOrganizationEnabled: true
}
*/Backend API (BAPI) endpoint
This method in the SDK is a wrapper around the BAPI endpoint POST/users/{user_id}/lock. See the BAPI reference for more information.
Feedback
Last updated on