Account Marked for Deletion screen (v2) overview


If you're looking for the Hosted Login v1 version of this screen, see Account Marked for Deletion v1.

When a user clicks the Delete My Account button on the manageProfile_privacy screen, that user is first prompted to confirm that they really do want to delete their account:

If the user clicks OK, the deleteAccountSuccess screen is displayed. There are at least two things to note about this screen:

  • Similar to the requestDataSuccess) screen, the deleteAccountSuccess screen does not automatically disappear after a few seconds. Instead, the user needs to navigate away from the screen.

  • Clicking the Delete My Account button does not actually delete the user account. Instead, a datetime value is written to the accountDeleteRequestTime attribute in the user’s user profile:

Organizations should periodically query the user profile store (or perhaps use webhook notifications) to check for users who have requested that their accounts be deleted; organizations are also responsible for deleting the account. Until an organization deletes the account the account remains  valid, and the user can continue to sign in by using that account.

Delete account screen flow

The following graphic shows how the deleteAccountSuccess screen fits into the Delete Account flow:

See also