GDPR Deletion Request

GDPR Deletion Request


Once a deletion request is submitted, the user will permanently lose access to their wallet and cannot be recovered.


Available to Dedicated applications and users whose primary login is an email.


The Deletion Request API enables developers to delete users' information in compliance with GDPR. This API is designed for applications that require bulk deletion operations and supports authentication using the application's secret key.



The bulk deletion endpoint supports deleting multiple user accounts in a single API call. To use this endpoint, send a POST request to the following URL with a payload that includes the list of email addresses associated with the accounts you want to delete.

01curl --location '' \
02--header 'X-Magic-Secret-Key: <SECRET_KEY>' \
03--header 'Content-Type: application/json' \
04--data-raw '{
05  "emails": ["[email protected]", "[email protected]"]



Upon successful request processing, the API returns a response with lists of processed and unprocessed emails.

  • processed: An array of emails that have been queued for deletion.
  • unprocessed: An array of emails that were not found and hence not processed.
02  "processed": ["[email protected]"],
03  "unprocessed": ["[email protected]"]


In the event of an error, the API will return an error code and message.

  • 400 Bad Request: Your request is invalid. This often occurs due to missing the emails field in the request body.
  • 401 Unauthorized: Your authorization token is missing or invalid.
  • 429 Too Many Requests: You have hit the rate limit for deletion requests. Please wait before sending more requests.

GDPR Deletion Request