The XignSys SDK offers the functionality to delete the user's account at the XignIn-Manager. Beware that this is a process that cannot be undone. Once the account has been successfully deleted, the account itself and all associated userdata will be removed from the XignIn-Manager. However, accounts of linked services will not be deleted, as the XignIn technology only offers authentication for those accounts and does not manage them. The user should be informed about these constraints, because using XignIn to login at a linked service account is naturally not possible anymore after the XignIn account has been deleted.
Attention:
If an authentication via XignIn is the only option to log in to third party account, the deletion of the XignIn account may render the third party account inaccessible.
In order to delete the account an authentication is required. The process can be started by invoking the function
startDeletionSynchronous(idmIdentifier:) or its asynchronous counterpart of the Personalizer. For that
the idmIdentifier of the XignIn-Manager from which the account should be deleted is required. The result of the
function is an AuthenticationInitializationData object which can be used to complete the authentication process as
described in chapter Authentication.
If successful, the result of the authentication process will be of the type ApiAccessDelete. With this instance the
account deletion process can be finalized by
invoking finishDeletionSynchronous(request:) or its asynchronous counterpart of the Personalizer. Beware, that once
this function is invoked, it cannot be canceled and the account will be permanently deleted and cannot be
recovered. After receiving a successful result, the deletion of the account is completed.
Note that the personalized XignIn-Manager will not be automatically removed after an account deletion. To
de-personalized the XignIn-Manager either the function depersonalizeIdentityManagerSynchronous(idmIdentifier:) of
the Personalizer can be called or the XignSys SDK can be reset entirely as described in the
chapter Reset the SDK.
The following example shows how the process could be implemented:
func deleteAccount(idmIdentifier: String) throws {
// The personalizer handles numerous features to create, update and delete activations.
let personalizer: Personalizer = XignSdk.shared.personalizer
// Fetch authentication initialization data from the SDK, since the user
// has to be authenticated before the account can be deleted.
let authInitData: AuthenticationInitializationData =
try personalizer.startDeletionSynchronous(idmIdentifier: idmIdentifier)
// Perform a regular authentication as described in the authentication chapter.
let authenticationResult: AuthenticationResult = try YourImplementation.authenticateUser(authInitData)
let apiAccessDelete: ApiAccessDelete
// Check the authentication result. In order to be able to delete the account, a result of type
// `.apiAccessDelete` is required. All other results in this process have to be considered and
// handled as errors.
switch authenticationResult {
case .apiAccessDelete(let apiAccessDeleteData):
// An `ApiAccessDelete` indicates the successful authentication in order to perform a delete action.
apiAccessDelete = apiAccessDeleteData
case .userLogin,
.serviceLogin,
.apiAccessAddFactor,
.apiAccessChangePin,
.apiAccessMergeComplete,
.apiAccessRequestNewActivationData:
throw YourError.yourErrorCase
case .lockout:
// Receiving a lockout does not indicate an error in the process flow and has to be handled
// differently. Please refer to the section 'ErrorHandling' for detailed information.
YourImplementation.handleLockoutAndRepeatAuthentication()
return
}
// Finish the process of deleting the account. After a successful completion the account is removed
// permanently. Make sure the user really wants to perform this action, as there is now way to undo
// this action.
let deletionResult: DeletionResult = try personalizer.finishDeletionSynchronous(request: apiAccessDelete)
// The result can be check for the type of deletion that was performed. Note that for version 4.3.0
// of the XignSys SDK there is only one type: `account`. More types may be added in future.
let idmIdentifier: String
switch deletionResult {
case .account(idmIdentifier: let receivedIdmIdentifier):
// The identifier of the XignIn-Manager the account was deleted from.
idmIdentifier = receivedIdmIdentifier
}
// After the account has been deleted, the XignSys SDK does not automatically remove all persisted
// data from the end user's device. To achieve this, the following function can be called:
_ = try personalizer.depersonalizeIdentityManagerSynchronous(idmIdentifier: idmIdentifier)
}
fun deleteAccount(idmIdentifier: String) {
// The personalizer handles numerous features to create, update and delete activations.
val personalizer: Personalizer = XignSdk.shared.personalizer
// Fetch authentication initialization data from the SDK, since the user
// has to be authenticated before the account can be deleted.
val authInitData: AuthenticationInitializationData = personalizer.startDeletionSynchronous(idmIdentifier)
// Perform a regular authentication as described in the authentication chapter.
val authenticationResult: AuthenticationResult = YourImplementation.authenticateUser(authInitData)
val apiAccessDelete: ApiAccessDelete
// Check the authentication result. In order to be able to delete the account, a result of type
// `.apiAccessDelete` is required. All other results in this process have to be considered and
// handled as errors.
when (authenticationResult) {
is ApiAccessDelete -> {
// An `ApiAccessDelete` indicates the successful authentication in order to perform a delete action.
apiAccessDelete = authenticationResult
}
is ApiAccessAddFactor,
is ApiAccessChangePin,
is ApiAccessMergeComplete,
is ApiAccessRequestNewActivationData,
is ServiceLoginResult,
is UserLoginResult -> {
throw YourException()
}
is Lockout -> {
// Receiving a lockout does not indicate an error in the process flow and has to be handled
// differently. Please refer to the section 'ErrorHandling' for detailed information.
YourImplementation.handleLockoutAndRepeatAuthentication()
return
}
}
// Finish the process of deleting the account. After a successful completion the account is removed
// permanently. Make sure the user really wants to perform this action, as there is now way to undo
// this action.
val deletionResult: DeletionResult = personalizer.finishDeletionSynchronous(apiAccessDelete)
// The result can be check for the type of deletion that was performed. Note that for version 4.3.0
// of the XignSys SDK there is only one type: `account`. More types may be added in future.
val deletedIdmIdentifier: String
when (deletionResult) {
is DeletionResult.Account -> {
// The identifier of the XignIn-Manager the account was deleted from.
deletedIdmIdentifier = deletionResult.idmIdentifier
}
}
// After the account has been deleted, the XignSys SDK does not automatically remove all persisted
// data from the end user's device. To achieve this, the following function can be called:
personalizer.depersonalizeIdentityManagerSynchronous(deletedIdmIdentifier)
}