Deleting user accounts
Overview
- Call name: delete-user
- Endpoint URL: https://api0.spaaza.com/delete-user
- Request methods: DELETE
- Response Content-Type: application/json
- Auth required: yes
Delete a user for legal purposes. This API endpoint obfuscates all personally-idenfiable user details such as first name, last name, email address, gender, date of birth and address details.
Version-Specific Information
The following version-specific changes apply to this endpoint. See the versioning page for more details.
| Version | Change details |
|---|---|
| >= 1.5.2 | Added authentication_point_identifier as parameter (backwards compatible to release 1.0.0) |
Permissions and Authentication
This API call requires a valid Spaaza session. The session can be one of the following:
| Parameter | Description |
|---|---|
| User Authentication | A session generated by an end-user login |
| Admin Authentication | A session generated by administrative user login. The performing admin user needs to be logged in and have delete access to the entity (business or chain) to which the user is connected. |
| Privileged Authentication | An OAuth-based mechanism for trusted third-parties,the use of privileged authentication is permitted for this endpoint . |
Please see the authentication section for more details.
Note that if admin authentication is used and the admin user does not have sufficient permissions to delete the user, an error will be generated.
HTTP Parameters
The following HTTP parameters can be passed to the API:
| Parameter | Description |
|---|---|
| chain_id (mandatory in the case of admin authentication) | the id of the chain with which the user to be deleted is associated. |
| user_id or username or authentication_point_identifier or member_number (mandatory in the case of admin or privileged authentication, do not pass in the case of user authentication) | the Spaaza user ID, username (email address) or member_number (user code) of the user to be deleted. One of these parameters must be supplied in the case of admin or privileged authentication. These parameters must not be passed in the case of user authentication. |
Headers
The following headers can/must be passed to the API call:
| Parameter | Description |
|---|---|
| X-Spaaza-MyPrice-App-Hostname (mandatory in the case of user or privileged authentication if user_id parameter not sent) | The hostname of the app for which the user is requesting the card. Required in the case of user authentication. Required in the case of privileged authentication when the user is identified by either the username or member_number parameter. Not required in the case of admin authentication. |
Permissions
This API call requires delete permissions when using admin authentication.
Response
Returns an OK code and echoes the obfuscated user details. A sample is shown below:
{
"result": {
"code": 1,
"status": "ok"
},
"results": {
"user_info": {
"id": 3354896,
"user_id": 3354896,
"first_name": "Deleted",
"last_name": "Deleted",
"country_code": "IT",
"username": "3354896@deleted.spaaza.com",
"authentication_point_identifier": "23t24ty3464373",
"auxiliary_identifier": null,
"mailing_list": {
"mailing_list_sub_offered": false,
"mailing_list_subscribed": false,
"printed_mailing_list_subscribed": false
},
"entity_code": {
"type": "custom",
"code": "133791"
},
"opt_in_programme": {
"programme_opted_in": false,
"join_date": null
},
"registered": false,
"address_streetname": null,
"address_housenumber": null,
"address_housenumber_extension": null,
"address_line_2": null,
"address_line_3": null,
"address_towncity": null,
"address_regionstate": null,
"address_postalcode": null
},
"result_type": "delete-user"
}
}