║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║

---

title: 'lockUser()' description: Use Clerk's JS Backend SDK to mark a user as locked, which means they are not allowed to sign in again until the lock expires. sdk: js-backend

{/* clerk/javascript file: https://github.com/clerk/javascript/blob/main/packages/backend/src/api/endpoints/UserApi.ts#L263 */}

Marks the given User as locked, which means they are not allowed to sign in again until the lock expires.

By default, lockout duration is 1 hour, but it can be configured in the application's Attack protection settings. For more information, see the dedicated guide for customizing Attack protection settings.

function lockUser(userId: string): Promise<User>

Parameters

<Properties> - `userId` - `string`

The ID of the user to lockout. </Properties>

Example

<Include src="_partials/backend/usage" />

const userId = 'user_123'

const response = await clerkClient.users.lockUser(userId)

Backend API (BAPI) endpoint

This method in the SDK is a wrapper around the BAPI endpoint POST/users/{user_id}/lock. See the BAPI reference{{ target: '_blank' }} for more information.

║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║
║