A frequent question we get asked on the helpdesk is how to expire users who have left the facility. We have an article on the KB which covers how to set the expired status for these users, but for this blog post I would like to look at some of the philosophy behind the user status options and what they can be used for in Calpendo.
User status in Calpendo defines two key things: whether they can access Calpendo or not and whether their user account is counted towards the licence for the site.
Our user statuses are:
- Normal
- Requested
- Lurker
- Suspended
- Denied
- Blocked
- Expired
The only status which can directly access Calpendo is the normal status. This is the status that should be set for all users who need regular access to Calpendo. It is the only one which directly counts towards your user licence limit.
The requested status is the initial status set when a user requests an account for accessing Calpendo. They obviously are not able to access the site until they have been authenticated. It’s important to note for those facilities which use single sign-on that enabling SSO does not allow users with an SSO username and password to automatically access Calpendo. Their request will still need to be approved by a local administrator at your facility.
The lurker status is only used by a small number of facilities, but can be very useful. Calpendo can automatically send out scheduled reports to users. If someone in your facility needs to receive a report but has no need to actually log in to Calpendo (for example a finance person) then a ‘lurker’ account on Calpendo will allow them to receive emails from the system. They won’t be able to log in and therefore won’t count against licence numbers.
The suspended status is used to manage users who have been using Calpendo before but may need to be away for a while before using it again. Whilst a user’s status is set to suspended they do not count towards the licence number for Calpendo but their login details remain valid. When they log in again, their account will immediately revert to a normal status and start counting against the number of licenced users.
The denied, blocked and expired statuses all perform the same function in preventing a user account from accessing Calpendo.
The denied status is meant to be used when a user requests an account and the decision is made to not grant one to them in the first place.
The blocked status is crucial for identifying users who you do not wish to have access to Calpendo. This is because we do not recommend (partly as it is not easy to do so) deleting users and therefore setting them as blocked prevents them from accessing Calpendo as well as crucially maintains their record of everything they have done on Calpendo.
Finally the expired status should be applied to users who have simply left the facility. Like blocked and denied they will not be able to login and their user data and actions will be preserved.
There is no functional difference between denied, blocked and expired in the standard Calpendo, but we can of course trigger automatic processes based off the different status options. For example an automation could be used to send a message to expired users informing them of the decision to expire their accounts.
It is a good idea for System Administrators to regularly clean up their user lists so that only users who are actively using the system have a status of normal. For larger facilities the suspension or expiry of users could be automated based on the last login date of their account.