Description
Severity
Very Low
Version
All supported versions of Octopus Server
Latest Version
I could reproduce the problem in the latest build
What happened / Reproduction
When using the API to create a new user, one performs a POST to the /api/users endpoint.
In the JSON body, an IsActive field is present (this is in the schema, and our Octopus C# client also supports it).
The server does not respect the value of this field. If you specify "IsActive": false you still get an active user.
Workaround
A follow-up PUT on the /api/users/{id} endpoint to set the IsActive field to false works.
Note to potentially affected users when this bug is fixed
It is possible that some users of the HTTP API may have been specifying IsActive=false by accident, and relying on the fact that the Server would ignore this and create active users anyway.
The bugfix in server is such that omitting the IsActive field will result in an Active user; you would only be affected if you were explicitly setting IsActive=false. If this is the case, you will need to modify your code not to pass false when you want an active user.
I've verified that the Octopus C# Client does not do this: We can see here that it explicitly sets IsActive=true.
I've also verified that the Octopus Go client should be unaffected: We can see here that, like the C# client, it explicitly sets IsActive=true.
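The workaround described above, as an added example that is not part of the original issue or of any Octopus client: a provisioning helper that asks for an inactive user, checks what the server actually created, and falls back to the follow-up PUT when the flag was ignored. The `send` transport, the `FakeServer` stand-in, the `Username` and `Id` fields, the `Users-N` id format and the choice to PUT the whole returned resource are assumptions made for illustration.

```python
"""Added example: create a user that must start inactive, and verify the result."""
import copy


def create_inactive_user(send, user):
    """POST the user with IsActive=false, then confirm the server honoured it.

    `send(method, path, body)` is a hypothetical transport that returns the
    parsed JSON response; wire it to the HTTP client you already use.
    Returns (resource, used_workaround).
    """
    body = dict(user, IsActive=False)
    created = send("POST", "/api/users", body)
    if created.get("IsActive") is False:
        return created, False  # server respected the flag
    # Affected server: the account exists and is active. Apply the follow-up
    # PUT from the issue (assumption: the full resource is sent back).
    fix = dict(created, IsActive=False)
    updated = send("PUT", f"/api/users/{created['Id']}", fix)
    if updated.get("IsActive") is not False:
        raise RuntimeError(f"user {created['Id']} is still active")
    return updated, True


class FakeServer:
    """Constructed in-memory stand-in; buggy=True ignores IsActive on POST."""

    def __init__(self, buggy):
        self.buggy, self.users, self.calls = buggy, {}, []

    def send(self, method, path, body):
        self.calls.append((method, path))
        if method == "POST" and path == "/api/users":
            uid = f"Users-{len(self.users) + 1}"  # constructed id format
            # Fixed behaviour per the issue: omitted IsActive means active.
            active = True if self.buggy else body.get("IsActive", True)
            self.users[uid] = dict(body, Id=uid, IsActive=active)
        elif method == "PUT" and path.startswith("/api/users/"):
            uid = path.rsplit("/", 1)[1]
            self.users[uid] = dict(body, Id=uid)
        else:
            raise ValueError(f"unexpected request {method} {path}")
        return copy.deepcopy(self.users[uid])


if __name__ == "__main__":
    for buggy in (True, False):
        srv = FakeServer(buggy)
        res, patched = create_inactive_user(srv.send, {"Username": "svc-build"})
        print(f"buggy={buggy} IsActive={res['IsActive']} workaround={patched}")
```

Because the helper checks the response rather than the server version, it behaves the same before and after the fix, and it leaves a window between the POST and the PUT during which the account is active on an affected server.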