Hi,
We have a requirement, basically to lock out /suspend a User account once he/she performs a particular event in Oracle Fusion cloud. this means we want them to get logged out immediately after this event and if they try to login again, they should get an authentication error. (No access to the instance whatsoever is expected)
locking part works fine from Apex-based on a PLSQL package which submits an HDL (User.dat) would update the suspend flag in per_users to Y for the logged in user once he/she completes an action ‘ABC’.
Scenario2 (i.e if the user tries to open the URL again and try logging in with the same creds, they are getting authentication error). so that works too.
But Scenario:1 - if the user is still active on the UI, even after locking happens, he is not being forcefully logged out, able to play around the pages, peform actions etc, which is a major security issue.
Is there a REST API/SOAP call /any other way to perform this forced logging out for the current user?
I tried POST -/rest/{versionId}/admin/logout which just gave me a 404 error.
REST API for Session Delivery Manager Release 8.1 - Logout (oracle.com)
Another one GET-/oauth2/v1/userlogout - I found this frm Oracle docs, but clearly thats for IDCS.
Any inputs? TIA
Thanks,
Rima