The administrator with the user management authorization can delete a user while the user is not logged in. A user can not delete himself.
The SmartSDK custom authentication mechanism requires the logged in user to be registered in the address book. There are two strategies to eliminate or reduce the user information in the address book.
(a) delete the user from the address book AFTER the user logs out
(b) register the user with a temporary user information
(a) Delete the user from the address book AFTER the user logs out
Use the DELETE method on /rws/addressbook/entries/{Entry ID} to delete a user in the address book.
(You can obtain the Entry ID with /rws/addressbook/entries web API.)
To successfully DELETE an entry at /rws/addressbook/entries/{Entry ID}, both of the following conditions must be met:
(1) the WebAPI caller has the user management authorization
(2) the target user is logged out
A few minutes after the user session is completed, or when the device is not busy, an application or a server that manages the user sessions can call DELETE on /rws/addressbook/entries/{Entry ID} to delete one entry.
A remote application calls the web API with the administrator user name and password in the Authorization http header to execute the web API as an administrator. You should wait for a few minutes so the device can complete the user session clean up. If the device can not delete the user, the web API returns the error 503. You should retry DELETE after a wait. The device may return the error 503 possibly because the user session clean up is still under way. While a user is logged in, you can delete other users who are not logged in.
Important
If an SOP application calls the SmartSDK web API, it is executed with the current SOP logged in user authorization. An SOP application can delete a user in the address book only when the user with the user management authorization is logged in on the panel. Since you can not expect the human administrator to log in on the panel periodically, it is not practical to design an SOP application to delete a user in the address book.
(b) Register the user with a temporary user information
The device registers the user ID and the permissions in the address book. You can use a few temporary IDs (10 - 100), and use them in round robin. The subsequent login with the reused user ID will overwrite the user information, including the displayed name.
The user name displayed at the top left of the SOP is either USER_NAME or USER_ID. USER_ID is displayed if USER_NAME is not specified.
(USER_NAME in jp.co.ricoh.isdk.sdkservice.auth.custom.logic.RES_EXTERNAL_AUTH)
At the top left of the SOP screen, the device displays the value you set in USER_NAME. If you set a single space character, the device displays no text at the top left of the SOP screen.