
Add lifecycle controls for guest users (owner, expiration, renewal workflow) #61398

@kaffeeringe


Feature request

Which Nextcloud Version are you currently using:

25 Autumn


Is your feature request related to a problem? Please describe.

Organizations regularly create guest or external user accounts in their Nextcloud instances (e.g. for partners, consultants, auditors, freelancers, or temporary staff).

While the existing Guests app is useful, it serves a different purpose: it provides a restricted collaboration model where users only access shared files and a limited set of apps.

However, from an administrative and governance perspective, there is currently no structured way to manage the lifecycle of guest accounts.

Common challenges include:

  • Guest accounts are not easily distinguishable from regular users in all contexts
  • There is no clear assignment of a responsible internal person (host/sponsor)
  • Expiration dates are not managed centrally
  • Accounts may remain active longer than intended
  • Guest accounts can become “orphaned” if the responsible internal user is deleted

This leads to reduced transparency, higher administrative effort, and potential security/compliance risks.


Describe the solution you'd like

I would like to propose a guest account lifecycle management feature, independent of (but compatible with) the existing Guests app.

1. Visibility of guest accounts

  • Ability to clearly mark accounts as guest accounts
  • This could be implemented via:
    • a dedicated flag/type, or
    • improved handling of a group such as Guests
  • Admins should be able to filter and quickly identify all guest accounts

2. Assignment of a responsible internal person (host)

  • Each guest account should have an assigned internal user (host/sponsor)
  • This field should:
    • be visible in user management
    • be editable
    • be used for notifications and workflows

3. Expiration date

  • Each guest account should have an optional/mandatory expiration date
  • The date should be visible and manageable in the admin UI

4. Automated review workflow

When the expiration date is reached:

  • The assigned host should be notified and asked:
    • whether the account should remain active
    • and for how long

Expected behavior:

  • If no → the account is deleted (or optionally disabled first)
  • If yes → the expiration date is extended (new date is set)

5. Handling orphaned guest accounts

  • If the assigned host account has been deleted:
    • administrators should be automatically notified
    • the guest account should be flagged for manual review

Describe alternatives you've considered

Current workarounds include:

  • using a Guests group
  • naming conventions for guest users
  • external documentation (e.g. spreadsheets, ticket systems)
  • manual periodic reviews

These approaches are:

  • not integrated into Nextcloud
  • error-prone
  • difficult to scale in larger organizations

The existing Guests app also does not address lifecycle management aspects such as:

  • responsible internal ownership
  • expiration dates
  • structured renewal workflows
  • orphaned account detection

Additional context

Microsoft Teams does not have this kind of feature.
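An added sketch of the review logic requested in points 4 and 5 (not part of the original issue and not Nextcloud code). The `Guest` record, the action names and the sample accounts are hypothetical; it assumes orphan detection runs before the expiration check, that a missing expiration date is itself a finding, and that a declined renewal disables the account first.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

@dataclass
class Guest:                      # hypothetical record, not a Nextcloud type
    uid: str
    host: Optional[str]           # responsible internal user (host/sponsor)
    expires: Optional[date]       # None = no expiration date set
    enabled: bool = True

def review(guests, internal_uids, today):
    """Return {uid: (action, recipient)} for every guest needing attention."""
    findings = {}
    for g in guests:
        if not g.enabled:
            continue
        if g.host is None or g.host not in internal_uids:
            # Point 5: host missing or deleted, so admins review manually
            findings[g.uid] = ("flag_orphaned", "admins")
        elif g.expires is None:
            # Assumption: expiration is treated as mandatory
            findings[g.uid] = ("set_expiration", g.host)
        elif g.expires <= today:
            # Point 4: expiration reached, so the host is asked
            findings[g.uid] = ("ask_renewal", g.host)
    return findings

def apply_decision(guest, keep, extend_days, today):
    """Host's answer: yes sets a new expiration date, no disables the account."""
    if keep:
        guest.expires = today + timedelta(days=extend_days)
    else:
        guest.enabled = False
    return guest

# Constructed sample data: "carol" has been deleted from the instance.
TODAY = date(2025, 1, 15)
INTERNAL = {"alice", "bob"}
GUESTS = [
    Guest("auditor1", "alice", date(2025, 1, 10)),
    Guest("partner2", "carol", date(2025, 6, 1)),
    Guest("freelancer3", "bob", date(2025, 3, 1)),
    Guest("consultant4", "bob", None),
]

if __name__ == "__main__":
    for uid, (action, who) in review(GUESTS, INTERNAL, TODAY).items():
        print(f"{uid}: {action} -> notify {who}")
```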

Metadata

Labels: 0. Needs triage (Pending check for reproducibility or if it fits our roadmap), enhancement

Status: To triage
