Method to Remove customer account using shopify API

Solved
Highlighted
Shopify Partner
29 4 4

Dear all,

I am working new online store for client, in which i need to provide the option like  "Delete user account" for customer to delete their account.

I have used following function to delete it. But it was not deleting the account. Instead it just displaying the .json file in page as shown in image.  Please help me to resolve this issue. 

<form
  class="address-delete-form"
  method="delete"
  action="/admin/api/2019-04/customers/{{customer.id}}.json"
  data-confirm-message="{{ 'customer.addresses.delete_confirm' | t }}"
>
  <input type="hidden" name="_method" value="delete" />
  <button type="submit">
    {{ 'customer.addresses.delete' | t }}
  </button>
</form> 

JSON OUTPUTJSON OUTPUT

 

Please show some sample working code to resolve this issue.

 

Thanks & Regards,

Pon maheswaran K

0 Likes
Highlighted
Shopify Partner
29 4 4

Dear all,

Please let me know, why my question has not been answered yet?

Is it  irrelevant to this forum or something else.?

 

Please let me know. If you answer me, then i could correct myself move forward to use/Not use this shopify.

 

 

Thanks & Regards,

Pon maheswaran K

0 Likes
Highlighted
Shopify Partner
29 4 4

This is an accepted solution.

Dear all ,

It can be deleted using following API. It worked for me.

https://shopify.dev/docs/admin-api/rest/reference/customers/customer?api[version]=2020-04#destroy-20... 

Procedure as follows.

Goto your Shopify store Admin.

There is a "Apps" option at left side(https://famzon-development.myshopify.com/admin/apps )

Click on "Apps" and it will open the respective things at right side.

 

In right side find "Manage private apps" Hyper link.

On click of that, will open "Private apps" screen in which you can find "Create new private app" button.

Now click on "Create new private app" button and create the new private APP and get API key and password.

And below of "API key" and "Password" field, you can find "ADMIN API PERMISSIONS" heading.

provide "read and Write" permission for "Customers". and save that App.

 

Now copy that "Example URL" provided below that Password field. And append customer account delete API as follows.( In API_KEY and PASSWORD, replace with your private app's credentials)

https://{API_KEY}:{PASSWORD}@famzon-development.myshopify.com//admin/api/2020-04/customers/{customer...

 

Now using this API, make your AJAX call as follows to Delete customer account.

var target="https://API_KEY:PASSWORD@famzon-dev-msc.myshopify.com/admin/api/2020-04/customers/{{customer.id}}.json"

Shopify.postLink(target, {
parameters: { _method: 'DELETE' }
});

{{customer.id}} is mandatory. Because, the information you are deleting based on each user(Customer). So inputting customer ID is mandatory.

This call will delete your customer info.

 

Regards,

Pon.

1 Like
Highlighted
Shopify Partner
2294 116 353

A clarification on security 

in which i need to provide the option like  "Delete user account" for customer to delete their account

...

Now using this API, make your AJAX call as follows to Delete customer account.

A reminder to anyone doing this , ajax call such as this need to be from a server you control at the customers request and not directly from client side.

Do not expose the backends private api calls directly in the fronted to customers by placing the keys directly into clientside ajax calls, or you risk some using those keys to delete other users accounts.

 

Problem Solved? ✔️Accept and ? Like the solution so you can help others.
Buy me a coffee ☕ paypal.me/paulnewton or donate to eff.org
Confused? Busy? Buy a custom solution paull.newton+shopifyforum@gmail.com
1 Like
Highlighted
Shopify Partner
29 4 4

Dear @PaulNewton ,

Thanks for your valuable information. To access such a direct things(Like deleting user account and updating user Mail ID etc..) through private APP, what would be the best way to post/fetch data other than REST API?

Please suggest, if you have any ideas.

 

Thanks & Regards,

Pon maheswaran K

0 Likes
Highlighted
Shopify Partner
2294 116 353

the requests still go to the rest api, what matters is WHERE the request is coming from.

If your issuing these requests on a private backend server it doesn't matter since the keys aren't accessible by others.

However if frontend code is making a direct javascript ajax request with the auth keys in the browser to the shopify api when the customer visits the site that means your publicly publishing private auth information, while you can do this it's a dangerous approach to handling user side input.

 

Customers -> request deletion -> private app backend -> app with auth keys makes delete request -> shopify api -> success in private app -> notify customer

 

 

 

Problem Solved? ✔️Accept and ? Like the solution so you can help others.
Buy me a coffee ☕ paypal.me/paulnewton or donate to eff.org
Confused? Busy? Buy a custom solution paull.newton+shopifyforum@gmail.com
1 Like
Highlighted
Shopify Partner
29 4 4

Dear @PaulNewton ,

Thanks for your suggestion. As per that, when it comes to actual shop (To avoid CORS issue), i needed the intermediate server to request data from backend (Using php).

We have successfully created the intermediate server with php curl request.  

 

Regards,

Pon maheswaran K

0 Likes