Privy allows you to delete users via their Privy user ID. This is a destructive action: if the user logs into your app again, they will have a new user ID, will create a new embedded wallet address, and will have to relink any formerly linked accounts.
Avoid deleting users whenever possible. For security of user assets, Privy does not
delete the embedded wallet, and instead “soft deletes” it by disassociating it from the deleted
user and archiving the data.While wallet recovery may be technically possible if the user still has access to their login method, the recovery process requires significant internal coordination and can take considerable time to complete. There is no guarantee of successful recovery.Treat all user deletions as permanent and irreversible. Only delete users when absolutely necessary, and confirm you have exhausted all other options before proceeding.
NodeJS
NodeJS (server-auth)
REST API
Rust
Dashboard
Use the PrivyClient’s delete method from the users() interface to delete a user. As a parameter, pass the user’s Privy ID as a string:await privy.users().delete('insert-user-id');
Complete Example
import { PrivyClient } from '@privy-io/node';
const privy = new PrivyClient({
appId: process.env.PRIVY_APP_ID,
appSecret: process.env.PRIVY_APP_SECRET
});
async function deletePrivyUser(id: string) {
try {
await privy.users().delete(id);
console.log(`User ${id} successfully deleted`);
return true;
} catch (error) {
console.error(`Failed to delete user: ${error.message}`);
return false;
}
}
The @privy-io/server-auth library is deprecated. We recommend integrating @privy-io/node for
the latest features and support.
PrivyClient’s deleteUser method to delete a user. As a parameter, pass the user’s Privy DID as a string:await privy.deleteUser('did:privy:XXXXXX');
Complete Example
import { PrivyClient } from '@privy-io/server-auth';
const privy = new PrivyClient(
process.env.PRIVY_APP_ID,
process.env.PRIVY_APP_SECRET
);
async function deletePrivyUser(did: string) {
try {
await privy.deleteUser(did);
console.log(`User ${did} successfully deleted`);
return true;
} catch (error) {
console.error(`Failed to delete user: ${error.message}`);
return false;
}
}
Make a DELETE request to:https://auth.privy.io/api/v1/users/<did>
<did> with your user’s Privy DID. It should have the format did:privy:XXXXXX.Request
Use your Privy app ID as the username and your Privy app secret as the password.
Example
Below is a sample cURL command for deleting the user object associated with a Privy DID:curl --request DELETE https://auth.privy.io/api/v1/users/<user-did> \
-u "<your-privy-app-id>:<your-privy-app-secret>" \
-H "privy-app-id: <your-privy-app-id>"
Response
The user was successfully deleted.
There is no user associated with the provided Privy DID.
Use the PrivyClient’s delete method from the users() interface to delete a user. As a parameter, pass the user’s Privy ID as a string:use privy_rs::PrivyClient;
let client = PrivyClient::new(app_id, app_secret)?;
client.users().delete("insert-user-id").await?;
Complete Example
use privy_rs::PrivyClient;
async fn delete_privy_user(
client: &PrivyClient,
user_id: &str,
) -> Result<(), Box<dyn std::error::Error>> {
match client.users().delete(user_id).await {
Ok(_) => {
println!("User {} successfully deleted", user_id);
Ok(())
}
Err(error) => {
eprintln!("Failed to delete user: {}", error);
Err(error.into())
}
}
}
// Usage
let client = PrivyClient::new(app_id, app_secret)?;
delete_privy_user(&client, "cmf56qacr01qpl90brxql83lx").await?;
The Privy Dashboard provides a simple interface to delete users when necessary.Steps to delete a user
- Log in to the Privy Dashboard
- Navigate to the Users page for your app
- Search for the user you wish to delete
- Click on the user to open the user drawer
- Scroll to the bottom of the user drawer
- Click the Delete User button
- Confirm the deletion in the confirmation dialog
This action cannot be undone. Once a user is deleted:
- If they log in again, they will get a new DID
- They will need to relink any accounts
- They will get a new embedded wallet address
- Any data associated with their previous DID will be inaccessible
