Is user data removed after long period of inactivity?


Has anyone seen user data being removed from Duo system when user is not authenticated for a long time? Am seeing things missing…like Trusted Endpoints and their associated certificates. These used to be visible from admin console but now seem to have disappeared.


Hi Andrew,
Do you have the Inactive User Expiration setting enabled by any chance?


No we don’t. We have “Don’t expire inactive users” configured. Anyway the user is not expired they still are active, just with missing configuration data.


Gotcha. If you’re referring to their Endpoint data no longer appearing in the Duo Admin Panel, it could be because they haven’t accessed Duo-protected applications in 30 days or more. More info is available here: A history of their authentications will still be available in our Authentication Log though because log entries are retained indefinitely by default.

Apologies if this still does not answer your question. If that’s the case, I would recommend contacting our Support Team so they can look into this with you further.


Thanks for the reply and your suggestions. We will certainly contact support as needed; for now we reissued the certificate so the current problem is resolved for missing certificates - that were not showing up in the admin portal. However, what we still cannot figure out is why a previously issued certificate suddenly is flagged as invalid - even though it has not expired. Could this be a bug? If you have any thoughts on this it would be greatly appreciated.