[Docs] Investigate Internal Behaviors for Account Feature #473

@zihanKuang

Description

This issue aims to verify and document the internal behavior and consequences of the "Delete Account" feature in Meshery. While the user-facing functionality is straightforward, the system-level implications and edge cases need to be confirmed and clearly documented in docs.layer5.

Investigation Checklist

User Data

  • Are the user’s Designs permanently deleted?
    • Does this include both Draft and Published versions?
  • Can other users still access content previously published by this user (e.g., Catalog Items)?
    • Is the author shown as "Unknown" or is the item hidden/deleted?
  • Are user-specific settings (preferences, locale, notifications) cleared?
  • Team-related impact:
    • Is the user’s team membership immediately revoked?
    • If the user was the creator of a team, is the team deleted or reassigned?
    • If the user was the only admin, what happens to the team?

Authentication & Account Linking

  • After account deletion, what happens when the same email is used to sign up again?
    • Does it result in an error?
    • Is reactivation triggered?
    • Can previous data be restored?
  • What happens to linked GitHub/Google accounts?
    • Are the linked OAuth accounts automatically unlinked?
    • Can the same GitHub/Google account be used again to register a new account?

Logs & Residual Data

  • Are activity logs or audit trails anonymized or deleted?
  • Are collaborative records (comments, analysis, logs) retained?
    • Are they relabeled as "Deleted User" or similar?
  • Is there any grace period (e.g., 30 days) to recover deleted accounts?

User Experience

  • Is there a confirmation prompt before deletion?
    • Does it require a typed confirmation (e.g., entering “DELETE”)?
  • After deletion, is the user logged out and redirected to login/homepage?
  • Is there a data export option before account deletion?

API & Permission Handling

  • Which API endpoint handles account deletion? (e.g., DELETE /api/user)
  • Does the endpoint require authentication/authorization?
  • What are the possible response codes (200, 204, 403, etc.)?
  • Who can perform deletion?
    • Only the user themselves?
    • Can admins delete accounts?

Optional Technical Checks

  • Is the delete action logged in internal audit logs?
  • Is there a support-based/manual process for deletion (beyond self-service)?

Outcome

The confirmed behaviors and constraints will be documented under the “Delete Account” section in the Account Management category on docs.layer5.io.
