Skip to Content
You are viewing a beta version of Clerk Docs
Visit the latest docs
Clerk logo

Clerk Docs

Ctrl + K
Go to clerk.com

lockUser()

Marks the given User as locked, which means they are not allowed to sign in again until the lock expires.

By default, lockout duration is 1 hour, but it can be configured in the application's Attack Protection(opens in a new tab) settings. For more details, see the dedicated guide for customizing Attack Protection settings.

function lockUser: (userId: string) => Promise<User>;

lockUser() parameters

NameTypeDescription
userIdstringThe ID of the user to lockout.

lockUser() example

const userId = 'user_2V7JJKmoA9HqzHhfMqK5cpgLl56'; const response = await clerkClient.users.lockUser(userId); console.log(response); /* _User { id: 'user_2V7JJKmoA9HqzHhfMqK5cpgLl56', passwordEnabled: false, totpEnabled: false, backupCodeEnabled: false, twoFactorEnabled: false, banned: false, createdAt: 1694181111181, updatedAt: 1708102548373, imageUrl: 'https://img.clerk.com/eyJ0eXBlIjoicHJveHkiLCJzcmMiOiJodHRwczovL2ltYWdlcy5jbGVyay5kZXYvb2F1dGhfZ29vZ2xlL2ltZ18yVjdKSkhvdXlnbDNLRXRaUjlRRlFNbnVDU2cuanBlZyJ9', hasImage: true, primaryEmailAddressId: 'idn_2V7JJ2R3O7KWHjCmUuEOJESHlPz', primaryPhoneNumberId: null, primaryWeb3WalletId: null, lastSignInAt: 1708101739595, externalId: null, username: null, firstName: 'Alexis', lastName: 'Aguilar', publicMetadata: {}, privateMetadata: {}, unsafeMetadata: {}, emailAddresses: [ _EmailAddress { id: 'idn_2V7JJ2R3O7KWHjCmUuEOJESHlPz', emailAddress: 'alexis@clerk.dev', verification: [_Verification], linkedTo: [Array] } ], phoneNumbers: [], web3Wallets: [], externalAccounts: [ _ExternalAccount { id: 'idn_2V7JJ4xpXyj0mazg3lsLYOUit9t', provider: undefined, identificationId: undefined, externalId: undefined, approvedScopes: 'email https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile openid profile', emailAddress: 'alexis@clerk.dev', firstName: undefined, lastName: undefined, imageUrl: undefined, username: null, publicMetadata: {}, label: null, verification: [_Verification] } ], lastActiveAt: 1708041600000, createOrganizationEnabled: true } */

Backend API (BAPI) endpoint

This method in the SDK is a wrapper around the BAPI endpoint POST/users/{user_id}/lock. See the BAPI reference(opens in a new tab) for more details.

What did you think of this content?

Clerk © 2024