For many clients, there are critical needs and often government compliance requirements for user accounts. Clients are required to suspend access if a user has not logged in for a certain period (such as 90 days), and sometimes to delete a user if they have not logged in for a certain period (such as 180 days).

I am aware of the GDPR functionality. While that is useful for account deletion, the Archibus system lacks the necessary information to make any determinations on when to set the deletion date. If using SSO, we may or may not be able to get this information from the IdP. But even if we do, it's an extra unnecessary integration for a basic feature.

There is also no simple way to disable an account. We typically have to either update the user_name or change to a role has nothing assigned. Both are not ideal.

What I would like to see added as base features are:

1. A last login timestamp on the afm_users table that updates each time the user logs in.
2. An active flag field or status field on afm_users that gets checked at login to allow an easy way of disabling a user.