How to successfully configure an Account Deletion flow? #11155
Replies: 2 comments 16 replies
-
|
The RBAC permissions are not fit for this purpose. Giving those would allow the user to delete someone via the admin interface. I also have a simple user delete flow which works fine. Would you be willing to share how you setup your flow? Maybe you included a group binding in one of the stages? |
Beta Was this translation helpful? Give feedback.
-
|
I added a policy where it just contained an ak_message() function call with a message but it does not seem to appear at the consent stage.
|
Beta Was this translation helpful? Give feedback.
-
|
I think you have to enable the checkbox for when flow is planned or attach the policy to a stage before the consent stage |
Beta Was this translation helpful? Give feedback.
-
|
Nope, it didn't work, I have settled for a needlessly complicated method where it displays a prompt with a dropdown box asking them to choose Yes or No, if they choose Yes, the account is deleted, if it is No, then it sits there and returns False. Would be great to redirect back to the original page but the flow_plan variable and its redirect method seem to be houdini. |
Beta Was this translation helpful? Give feedback.
-
|
I gave in and just did a consent stage. If they delete their account, they delete their account, I no longer care, I am stressed and it should not be remotely this difficult to implement a simple yes or no prompt and then redirect if they choose no. Thank you for your time and patience Loapu, I wish I had that same level. |
Beta Was this translation helpful? Give feedback.
-
|
You're welcome, authentik has some pretty huge weaknesses when it comes to custom stuff like custom texts, design and stuff like that. |
Beta Was this translation helpful? Give feedback.
-
|
I'm done. |
Beta Was this translation helpful? Give feedback.
-
I'm currently stuck trying to build out a Delete your Account flow and stage in Authentik, I've got the flows and stages down but the only problem is that a user that is trying to delete their account needs to be super user to be able to delete the account, if they are not super user then they get a Request Denied error.
When I log in as my test user Tommy, I'll go to the User Settings, click the Delete Account button, enter the password as per the flow requirements and then it should go to a user-delete stage but then spits out Request has been denied. If I then set the test user as a super user, I can delete the account but then the test user has super user rights and can access the Admin Panel which is of course, a terrible idea for security.
I looked into the Roles section, creating a role called Authentik Users and adding Authentik Core (Can Delete User) to the Assigned Global Permissions section, but I can't assign users to the role, instead they can only be assigned to groups, so I created a group called Authentik Users and put the test user in there and assigned it to the Authentik Users role but that does not seem to trickle down. I gotta admit, the documentation has been infuriating.
So can some please explain like I'm five, how someone is supposed to configure a way to allow users to delete their accounts if they wish to leave the service?
Beta Was this translation helpful? Give feedback.
All reactions