We've updated our Terms of Service. By continuing to use our services, you agree to the updated Terms.

GDPR Deletion Request

GDPR Deletion Request

danger

Once a deletion request is submitted, the user will permanently lose access to their wallet and cannot be recovered.

note

Available to Dedicated applications and users whose primary login is an email.

#Overview

The Deletion Request API enables developers to delete users' information in compliance with GDPR. This API is designed for applications that require bulk deletion operations and supports authentication using the application's secret key.

#Usage

#Request

The bulk deletion endpoint supports deleting multiple user accounts in a single API call. To use this endpoint, send a POST request to the following URL with a payload that includes the list of email addresses associated with the accounts you want to delete.

01curl --location 'https://api.magic.link/v1/api/auth_user/deletion_request' \
02--header 'X-Magic-Secret-Key: <SECRET_KEY>' \
03--header 'Content-Type: application/json' \
04--data-raw '{
05  "emails": ["user1@example.com", "user2@example.com"]
06}'

#Response

Success

Upon successful request processing, the API returns a response with lists of processed and unprocessed emails.

  • processed: An array of emails that have been queued for deletion.
  • unprocessed: An array of emails that were not found and hence not processed.
01{
02  "processed": ["user1@example.com"],
03  "unprocessed": ["user2@example.com"]
04}

Failure

In the event of an error, the API will return an error code and message.

  • 400 Bad Request: Your request is invalid. This often occurs due to missing the emails field in the request body.
  • 401 Unauthorized: Your authorization token is missing or invalid.
  • 429 Too Many Requests: You have hit the rate limit for deletion requests. Please wait before sending more requests.

GDPR Deletion Request