Deprecation of User Management API
Mendix is deprecating the current User Management API.
We would like to replace it with a new version which is more suited to the demands of our community and supports changes to the way users are managed which have been introduced over the past few years.
If you are currently using this API, or are interested in using a User Management API please contribute your use cases and wishes on this idea.
Note that we do not currently have a definite timescale for implementing a new User Management API.
I agree with Johan, Offboarding process is the most important use case.
In our use case it will be also needed to have the capability to search for users by OpenID to get user email address.
As the current endpoint https://usermanagement.mendix.com/legacy-api/1/users provides list of ALL users in company, identified by OpenID. There is no documented way to get account details like email address for each profile and we are only able to check if employee still has active account by the e-mail address.
So either we will have an email address in the endpoint which get list of all users or a way to query system for profile details (including email) by accounts OpenID.
2nd requirement will be to provide a way to get either list of apps where user is a Technical Contact in this API or in the Deployment API. There is API to Change Technical Contact but there is NO WAY to get who is technical contact for an application via API.
The most important use-case for us is: offboarding of colleagues.
If somebody leaves our company, the automated offboarding process makes sure that access is properly denied from that moment on by deactivating their Mendix account.
This consists of two steps: check if account on e-mailaddress is created. If so: deactivate this Mendix account.
Execution of these steps is done using a service account.