Tutorial: Deleting accounts

Serverless Authentication Deleting accounts

The Webcom API provides with two operations to delete user's accounts. Both these operations act equally for all authentication methods on the currently authenticated user. Thus, if no user is currently authenticated, both these commands fail.

The first operation deletes a single identity from a user account, namely the identity used by the user to authenticate, without deleting neither the account itself nor the other identities bound to it. It is therefore used to remove an identity from an account that binds several identities.

Warning: if the deleted identity is the last one associated with the user's account, then the account is also deleted. Otherwise, it would result in a "ghost" Webcom account with no authentication means.

The second operation deletes the whole user account, namely the one of the currently authenticated user, together with all identities bound to it.

As these operations are particularly sensitive, they can also fail if the current user has signed in for a too long time (the error code TOKEN_TOO_OLD is then returned). In other words, one can delete an identity or an account of only freshly signed-in users. When deleting an identity or an account, one must therefore plan to force the user to explicitly re-authenticate if s/he has signed in for a too long time.

In order to delete the Webcom account or the identity of the currently signed-in user, simply use the following snippet (replace “<your-app>” with your actual application identifier):

// const app = Webcom.App("<your-app>"); // UNCOMMENT if you haven't yet an instance of your app!
// Get an instance of the authentication service
const auth = app.authentication;
// Authenticate a user
auth.signInWith...(...);
// Delete the account of the authenticated user
auth.removeAccount()
    .then(() => console.log("Account deleted!"))
    .catch(error => {
        if (error.code === "TOKEN_TOO_OLD") {
            console.log("The user must re-authenticate before deleting her/his account");
        } else {
            console.log("Failed deleting the user account!");
        }
    });
// or remove only the latest signed-in identity from the account
auth.removeIdentity()
    .then(() => console.log("Identity deleted!"))
    .catch(error => {
        if (error.code === "TOKEN_TOO_OLD") {
            console.log("The user must re-authenticate before deleting her/his identity");
        } else {
            console.log("Failed deleting the user identity!");
        }
    });
val myApp = WebcomApplication.default // the app defined by the 'webcom.properties' asset file
val authenticator = myApp.authenticationService

// Authenticate a user
authenticator.getXXXMethod().authenticate { /* ... */ }
// Destroy the account of the authenticated user
authenticator.destroyAccount { // it: WebcomResult<Unit>
    when (it) {
        is WebcomResult.Success -> print("Account successfully destroyed")
        is WebcomResult.Failure -> print("Failed destroying account: ${it.error.message}")
    }
}
// Or remove only the latest signed-in identity from the account
authenticator.detachIdentity { // it: WebcomResult<Unit>
    when (it) {
        is WebcomResult.Success -> print("Identity successfully detached")
        is WebcomResult.Failure -> print("Failed detaching identity: ${it.error.message}")
    }
}
let authenticationService = Webcom.defaultApplication.authenticationService
// authenticate:
let method = AuthenticationMethod...(...)
authenticationService.authenticate(with: method) { ... }
// destroy the account of the authenticated user:
authenticationService.destroyAccount { result in
    switch result {
    case .success:
        print("Account destroyed!")
    case let .failure(error):
        if error.code == .backEnd(.authenticationTokenTooOld) {
            print("The user must re-authenticate before destroying her/his identity.")
        } else {
            print("Failed destroying the user identity:", error)
        }
    }
}
// or remove only the latest signed-in identity from the account:
authenticationService.detachCurrentIdentity { result in
    switch result {
    case .success:
        print("Identity detached!")
    case let .failure(error):
        if error.code == .backEnd(.authenticationTokenTooOld) {
            print("The user must re-authenticate before detaching her/his identity.")
        } else {
            print("Failed detaching the user identity:", error)
        }
    }
}