Account Deletion

In Oct 2021, Apple announced that all apps allowing users to create accounts should also provide ways for them to initiate account deletion within the apps, starting from January 31, 2022. It is also a good design to give your end-users more control over their data.
On Jan 22, 2022 Apple decided to extend the deadline to June 30 2022.
Show "Delete Account" button in User Settings
In the pre-built User Settings page, you can show a button for the end-users to initiate account deletion.
Enable this button in the Advanced -> Account Deletion page in the Portal
"Delete your account" button in the User Settings page
Note that if you enable this feature, you have to prepare for encountering invalid session every time your users close User Settings in your mobile apps. If your users unfortunately decided to delete their account in User Settings, all their sessions will become invalid immediately.
You must verify the validity of the session every time the User Settings is closed. The open method in the SDK is blocking. You can verify if the user session is still valid when the method resolves. Here is an example with the React Native SDK:
React Native
Flutter
Xamarin
// This method blocks until the user closes User Settings.
await authgear.open(Page.Settings);
// One way to verify the validity of the session is to get User Info once.
await authgear.fetchUserInfo();
// This method blocks until the user closes User Settings.
await authgear.open(SettingsPage.settings);
// One way to verify the validity of the session is to get User Info once.
await authgear.getUserInfo();
// This method blocks until the user closes User Settings.
await authgear.OpenAsync(SettingsPage.Settings);
// One way to verify the validity of the session is to get User Info once.
await authgear.FetchUserInfoAsync();
Deactivated User
When the end-user has initiated the account deletion. Their account will be deactivated and scheduled for deletion after the grace period.
Deactivated users are always disabled. They will not be able to complete the authentication process. The is_deactivated status signal that the is_disabled status was turned true by the end-user themselves rather than the admin.
Schedule Deletion
You can set the grace period for how long the user account will be deactivated before deleted from the system. The default value is 30 days, you can choose between 1 to 180 days.
Initiate Deletion from the Portal
An end-user account can also be deleted using the Portal. In the User Management page, click the Remove User button to remove them immediately or schedule the deletion.
Initiate Deletion from Admin API
Alternatively, if you did not enable the "Delete Account" button in User Settings, you can implement the button in your app by yourself. Your backend server can invoke the mutation scheduleAccountDeletion with the Admin API to initiate the account deletion.
Here is an example of how to invoke the mutation.
GraphQL
mutation {
  scheduleAccountDeletion(input: {
    userID: "USER_ID"
  }) {
    user {
      id
      isDisabled
      isDeactivated
      disableReason
      deleteAt
    }
  }
}
Webhook events
You may listen to the following events to integrate the deletion behavior to your apps.
Non-blocking events
user.disabled
user.reenabled
user.deletion_scheduled
user.deletion_unscheduled
user.deleted
Blocking event
user.pre_schedule_deletion
See the event details in Webhooks.

Integrate - Previous

Force authentication on app launch

Next - Customize

Last modified 3mo ago

Copy link

On this page

Show "Delete Account" button in User Settings

Deactivated User

Schedule Deletion

Initiate Deletion from the Portal

Initiate Deletion from Admin API

Webhook events