Method to remove customer account using Shopify API

Topic summary

A developer needed to implement customer account deletion functionality in a Shopify store but encountered issues where their initial form-based approach only displayed JSON output instead of deleting accounts.

Solution Provided:

  • Use Shopify’s Admin REST API DELETE endpoint for customers
  • Create a private app in Shopify Admin to generate API credentials
  • Grant “Read and Write” permissions for Customers in the private app settings
  • Make DELETE requests to: https://API_KEY:PASSWORD@store.myshopify.com/admin/api/2020-04/customers/{customer_id}.json

Critical Security Warning:
Multiple participants emphasized that API keys must never be exposed in client-side code. The proper architecture requires:

  • Customer submits deletion request to your private backend server
  • Backend server makes authenticated API call to Shopify
  • This prevents malicious users from accessing credentials and deleting other accounts

Additional Context:

  • The developer successfully implemented an intermediate PHP server with cURL to handle requests securely
  • One contributor noted this issue has become more common due to data privacy regulations (GDPR, PDPL)
  • A constraint was mentioned: only allow deletion for users without order history
Summarized with AI on November 9. AI used: claude-sonnet-4-5-20250929.

Dear all,

I am working on a new online store for a client, in which I need to provide an option like “Delete user account” for customers to delete their account.

I have used the following function to delete it, but it was not deleting the account. Instead, it just displays the .json file in the page, as shown in the image. Please help me to resolve this issue.

<form
  class="address-delete-form"
  method="delete"
  action="/admin/api/2019-04/customers/{{customer.id}}.json"
  data-confirm-message="{{ 'customer.addresses.delete_confirm' | t }}"
>
  <input type="hidden" name="_method" value="delete" />
  <button type="submit">
    {{ 'customer.addresses.delete' | t }}
  </button>
</form> 

Please show some sample working code to resolve this issue.

Thanks & Regards,

Pon maheswaran K

Dear all,

Please let me know why my question has not been answered yet.

Is it irrelevant to this forum, or something else?

Please let me know. If you answer me, then I could correct myself and move forward to use/not use Shopify.

Thanks & Regards,

Pon maheswaran K

Dear all,

It can be deleted using the following API. It worked for me.

https://shopify.dev/docs/admin-api/rest/reference/customers/customer?api[version]=2020-04#destroy-2020-04

The procedure is as follows.

Go to your Shopify store Admin.

There is an “Apps” option on the left side (https://famzon-development.myshopify.com/admin/apps).

Click on “Apps” and it will open the respective things on the right side.

On the right side, find the “Manage private apps” hyperlink.

Clicking on that will open the “Private apps” screen, in which you can find the “Create new private app” button.

Now click on the “Create new private app” button, create the new private app, and get the API key and password.

Below the “API key” and “Password” fields, you can find the “ADMIN API PERMISSIONS” heading.

Provide “Read and Write” permission for “Customers” and save that app.

Now copy the “Example URL” provided below the Password field, and append the customer account delete API as follows. (Replace API_KEY and PASSWORD with your private app’s credentials.)

https://{API_KEY}:{PASSWORD}@famzon-development.myshopify.com//admin/api/2020-04/customers/{customer_id}.json

Now using this API, make your AJAX call as follows to Delete customer account.

var target="https://API_KEY:PASSWORD@famzon-dev-msc.myshopify.com/admin/api/2020-04/customers/{{customer.id}}.json"

Shopify.postLink(target, {
parameters: { _method: 'DELETE' }
});

{{customer.id}} is mandatory, because the information you are deleting is based on each user (customer). So inputting the customer ID is mandatory.

This call will delete your customer info.

Regards,

Pon.

1 Like

A clarification on security

in which i need to provide the option like “Delete user account” for customer to delete their account

Now using this API, make your AJAX call as follows to Delete customer account.

A reminder to anyone doing this: AJAX calls such as this need to be made from a server you control, at the customer's request, and not directly from the client side.

Do not expose the backend's private API calls directly in the frontend to customers by placing the keys directly into client-side AJAX calls, or you risk someone using those keys to delete other users' accounts.

4 Likes

Dear @PaulNewton ,

Thanks for your valuable information. To access such direct things (like deleting a user account, updating a user's mail ID, etc.) through a private app, what would be the best way to post/fetch data other than the REST API?

Please suggest, if you have any ideas.

Thanks & Regards,

Pon maheswaran K

The requests still go to the REST API; what matters is WHERE the request is coming from.

If you're issuing these requests on a private backend server, it doesn’t matter, since the keys aren’t accessible by others.

However, if frontend code is making a direct JavaScript AJAX request with the auth keys in the browser to the Shopify API when the customer visits the site, that means you're publicly publishing private auth information. While you can do this, it’s a dangerous approach to handling user-side input.

Customers → request deletion → private app backend → app with auth keys makes delete request → shopify api → success in private app → notify customer

1 Like
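
The flow in the reply above (customer → private backend → Shopify API), as an added example that is not part of the original thread: a Node.js handler that keeps the private app credentials on the server, deletes only the logged-in customer's own record, and applies the no-order-history constraint mentioned later in the thread. The `session` object, the `cfg` fields and the `fakeShopify` stub are assumptions for illustration; `orders_count` is the order counter on Shopify's REST customer resource.

```javascript
// Added example: backend-only deletion. Assumptions (not from the thread):
// cfg is loaded from server-side environment variables, and session.customerId
// was set by your own login verification step (hypothetical session object).
const API_VERSION = '2020-04';

function buildAdminRequest(method, customerId, cfg) {
  // Accept numeric IDs only, so nothing can be smuggled into the URL path.
  if (!/^\d+$/.test(String(customerId))) throw new Error('invalid customer id');
  const auth = Buffer.from(`${cfg.apiKey}:${cfg.password}`).toString('base64');
  return {
    url: `https://${cfg.shop}/admin/api/${API_VERSION}/customers/${customerId}.json`,
    options: { method, headers: { Authorization: `Basic ${auth}` } },
  };
}

async function deleteOwnAccount(session, requestedId, cfg, fetchImpl = fetch) {
  // 1. The caller must be logged in and may only delete their own record.
  if (!session || !session.customerId) return { status: 401, error: 'not logged in' };
  if (String(requestedId) !== String(session.customerId)) {
    return { status: 403, error: 'cannot delete another customer' };
  }
  // 2. Constraint from the thread: refuse when the customer has order history.
  const get = buildAdminRequest('GET', session.customerId, cfg);
  const lookup = await fetchImpl(get.url, get.options);
  if (!lookup.ok) return { status: 502, error: 'lookup failed' };
  const { customer } = await lookup.json();
  if (customer.orders_count > 0) return { status: 409, error: 'customer has orders' };
  // 3. Only now send the DELETE, server to server, with the private credentials.
  const del = buildAdminRequest('DELETE', session.customerId, cfg);
  const res = await fetchImpl(del.url, del.options);
  return res.ok ? { status: 200, deleted: true } : { status: 502, error: 'delete failed' };
}

// Constructed stand-in for the Shopify API so the example runs offline.
function fakeShopify(ordersByCustomer, log) {
  return async (url, options) => {
    const id = url.match(/customers\/(\d+)\.json$/)[1];
    log.push(`${options.method} ${id}`);
    const known = id in ordersByCustomer;
    const body = known ? { customer: { orders_count: ordersByCustomer[id] } } : {};
    return { ok: known, json: async () => body };
  };
}

// Demo with constructed data: customer 42 has no orders, customer 7 has three.
const demoCfg = { shop: 'example.myshopify.com', apiKey: 'KEY', password: 'PASS' };
deleteOwnAccount({ customerId: 42 }, 7, demoCfg, fakeShopify({ 42: 0, 7: 3 }, []))
  .then((result) => console.log(result));
```

The browser only ever sends the deletion request to this handler; the API key and password never appear in theme or client-side code.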

Dear @PaulNewton ,

Thanks for your suggestion. As per that, when it comes to the actual shop (to avoid CORS issues), I needed an intermediate server to request data from the backend (using PHP).

We have successfully created the intermediate server with a PHP cURL request.

Regards,

Pon maheswaran K

It can be deleted by using the Shopify API:
https://shopify.dev/docs/admin-api/rest/reference/customers/customer?api[version]=2020-04#destroy-20…

Need to create a new private app and generate the key and “Password” field; you can find the “ADMIN API PERMISSIONS” heading. Need to provide “Read and Write” permission for “Customers” and save that app.

After that, we need to pass that URL in the form, with the action delete method.

Note: Only those users who do not have order history can delete their account.
If anyone wants help regarding this, you can contact me on Skype - binarydata.aspdeveloper

Thanks

Hello, are you still available to assist with this issue?

This issue has become more frequent, especially with new data regulations: GDPR in Europe, PDPL for example in Saudi Arabia, and others.

We have made an app to address this issue and be compliant with the different regulations attached; you can check it: https://apps.shopify.com/bayanatify

Hope this will help!