Delete user

DELETEhttps://app.speybooks.com/api/v1/admin/users/{id}

Permanently delete a user and the data tied to that user, under GDPR Article 17 (right to erasure). This operation is irreversible.

Confirmation

Requires confirm: "DELETE" (that literal string) and a reason of at least 5 characters in the request body. The literal confirmation guards against accidental calls.

Safety checks

  • You cannot delete your own account (SELF_DELETE).
  • You cannot delete an admin account (CANNOT_DELETE_ADMIN).

What is removed

In a single transaction the user is erased along with their sessions, their own audit-log entries, any impersonation records that targeted them, and their organisation memberships. The user's organisation is not removed; if the organisation should also go, delete it separately.

The administrative audit log retains the erased user's name and email so that the erasure itself remains accountable.

Records a USER_DELETED_GDPR action in the audit log.

Path parameters

idstringrequired
User ID to permanently delete.

Response

200User permanently deleted (GDPR). All sessions, audit entries, and memberships removed.
Show response fields
messagestring

Error codes

400Cannot delete yourself or admin users.
404User not found.