Delete sender account via sender UI
Friday, October 2, 2020 at 07:24amHi,
our client tried to delete account in the Owner account via Sender UI, after he clicked 'x' (delete) button, nothing happened in the GUI, but we found there is error in the log, any idea?
2020-09-28 19:37:37,408 INFO [com.silanis.esl.web.exception.mappers.AbstractEslExceptionMapper] (default task-90) User: qCK8OJsWAeA9 | ForbiddenException : null : returning status: Forbidden : key=error.for
bidden.deleteAccountOwner
thanks,
Cindy
Reply to: Delete sender account via sender UI
Friday, October 2, 2020 at 10:04amHi Cindy,
Is this failed to be deleted sender:
- a former account owner merged into this account
- or, used to be the account owner in this account, and later be switched ownership
These two scenarios follow the error message that you were trying to delete a (former) account owner. Or if this is not the case, are you aware how do your client invited this sender? Manually choose the menu option “invite sender” from sender UI or through a custom sender tool?
Duo
Reply to: Hi Cindy, Is this failed…
Friday, October 2, 2020 at 10:15amwe are in this scenario -"used to be the account owner in this account, and later be switched ownership"
Beginning: A is the owner, and B is the sender under A
After switch ownership: B is the owner, A is the sender under B, and B tried to delete A.
so do you mean this scenario doesn't valid? can't delete A after switch ownership? if so, if the Owner A leaves the company, how can we delete owner A properly?
thanks,
Cindy
Reply to: Delete sender account via sender UI
Friday, October 2, 2020 at 02:56pmHi Cindy,
It's internally confirmed that due to a technicality in Hibernate, OneSpan Sign disables the deletion of a former account owner. However, I believe "if a sender A leaves the company, how can we delete owner A properly" is a more general question, and normally we suggest to lock the sender instead of deleting. in which case the sender lost his/her access to both UI and API.
Duo
Reply to: Hi Cindy, It's…
Monday, October 5, 2020 at 09:00amHi Duo,
few questions:
1) is this a bug in our current version? and will Onespan Sign consider to fix it in the future?
2) what's the difference between lock the sender or suspend the sender? Does 'suspend' only be done by admin?
3) by disabling this function, our security might have concern the new owner (or their delegates) could re-enable the old owner’s account, and suddenly someone who has left the company has the ability to send docs on CIBC’s behalf. Admittedly it’s a small risk that this behavior would occur, but security tends to be pretty conservative about risks.
Reply to: Delete sender account via sender UI
Tuesday, October 6, 2020 at 03:30pmHi Cindy,
I understand your concerns. Here're some of my thoughts for your questions:
1) is this a bug in our current version? and will Onespan Sign consider to fix it in the future?
I believe "Can't delete former account owner" is an expected behavior, but of course we can still report this to R&D team for further confirmation.
2) what's the difference between lock the sender or suspend the sender? Does 'suspend' only be done by admin?
Suspend can only be done through backoffice, but from API's perspective, both operations displayed as "LOCKED" status, and can be undone by "Manager" sender.
3) by disabling this function, our security might have concern the new owner (or their delegates) could re-enable the old owner’s account, and suddenly someone who has left the company has the ability to send docs on CIBC’s behalf.
If your concern is the incorrect operation performed by admin user, will (1)change the sender type to "Regular" (2)lock or suspend the sender (3)merge the locked senders to a separate account where all email templates are disabled, helped to facilitate the use case?
Duo
Reply to: Hi Cindy, I understand…
Wednesday, October 7, 2020 at 08:09amthanks Duo for your answer, i will forward it to our business.
for question #1, could you please ask R&D for further confirmation?
Cindy