Create, Delete, and Remove Users
On this page
Atlas Device SDK provides built-in functionality to manage application users, both on the device and in Atlas. Your application can take advantage of role-based data access rules to determine the read and write permissions of a given user. When combined with Sync subscription queries, these features determine what data a user can read and write from a synced database.
The SDK also provides functionality to extend a user object, and manage multiple users or identities:
You can associate metadata or custom data with user accounts.
Users can have multiple identities. For more information, refer to Link User Identities.
Your app can manage multiple users on a device. For more information, refer to Multi-User Applications.
For more information about authentication providers, identities, and user sessions, refer to Authenticate & Manage Users in the App Services documentation.
Atlas Device SDK Users vs. Other User Types
Atlas Device SDK users are distinct from database users or Atlas account users. SDK users are bounded by the App Services App where they are registered, and only have access to resources you provide through the App. Your application can let SDK users:
Call Data API or custom HTTPS endpoints
Read and write from specified collections and databases in MongoDB Atlas through the MongoClient API
SDK users do not have direct Atlas database access, or direct Atlas account access. It is your responsibility to manage these application users, including complying with data retention or deletion policies and regulatory requirements where you publish your applications.
Create Users
For most authentication methods, Atlas App Services automatically creates a user object the first time a user authenticates. The only exception is email/password authentication. When you use email/password authentication, you must register and confirm a user before the user can authenticate to an App Services App.
Automatically Create Users
When you authenticate a user with one of the following authentication providers, this automatically creates a user object for the user:
Anonymous authentication
OAuth 2.0 through Facebook, Google, and Apple ID
Custom JWT
Custom Function
If your app uses email/password authentication, you must manually create users either in the client code or in Atlas.
If you are adding a secondary authentication method, such as adding a OAuth credential for a user created through anonymous authentication, you may want to link user identities instead of creating a new user. For more details about how to link these identities, refer to Link User Identities.
Manually Create Users
If your app uses email/password authentication, your app must explicitly register a user to create the user object in App Services. This method is independent of authenticating a user. For more information about registering email/password users, refer to Register an New User Account.
You can also manually create email/password users through App Services. For more information about manually creating users through the UI, App Services Admin API, or App Services CLI, refer to Create an Email/Password User in the App Services documentation.
Account Deletion Requirements
When you distribute your application through some app stores or in some regions, an app that requires users to create an account also requires you to give users the option to delete their account and any associated user data or metadata. The SDK provides a method you can call from the client code to comply with these deletion requirements. However, this method only deletes the user account; it does not delete any associated user data or metadata.
Following is a resource that provides some details about these account deletion requirements for distribution through the Apple and Google app stores. This is not intended to be a comprehensive list of resources related to account deletion requirements. Consult your distribution agreements and any relevant regulations in the regions where you plan to distribute your application to ensure you comply with all applicable account and data deletion policies.
Apple requires that applications listed through its App Store must give any user who creates an account the option to delete the account. Whether you use an authentication method where you must manually register a user, such as email/password authentication, or one that that automatically creates a user, such as Sign-In with Apple, you must implement user account deletion.
Google requires that applications listed through its Google Play store must give any user who creates an account an in-app path to delete the account and its associated data. Whether you use an authentication method where you must manually register a user, such as email/password authentication, or one that that automatically creates a user, such as Sign-In with Google, you must implement user account deletion.
Delete Users from Atlas
The SDK provides a method you can call from an application to delete the user object. This sends a request to Atlas to delete the user from the server.
Important
Deleting a user only deletes the user object, which may contain associated metadata. This does not delete custom user data or user-entered data from your application. If you collect additional user data, you must implement your own methods or processes to delete that data.
You can use the Authentication Trigger DELETE event to programmatically clean up other data when you delete a user. For example, you can delete the user's data from your custom user data collection or another service.
Calling the user delete method performs the following:
Deletes synced databases associated with the user from the device.
Deletes the
Userobject from the Atlas App Services server.Sets the user state on the device to removed.
Because this method deletes any synced databases owned by the user, you should only call this method after closing the user's databases.
If the deleted user wants to use your app in the future, the user must sign up for a new account. They can use the same credentials (depending on the authentication provider), but the new account does not have the same user ID or links to custom user data as their deleted account.
The C++ SDK does not have the ability to delete users through the SDK.
You can delete users from the server using the App Services
Admin API delete a user endpoints. You could optionally
create an Atlas Function that uses the Admin API to
delete a user, and call the function from the SDK.
To delete a user, call the DeleteUserFromServerAsync(User) method.
Call the App.deleteUser() on a user object to delete the user's account from your App Services App.
The Java SDK does not have the ability to delete users through the SDK.
You can delete users from the server using the App Services
Admin API delete a user endpoints. You could optionally
create an Atlas Function that uses the Admin API to
delete a user, and call the function from the SDK.
Call the App.deleteUser() method with a user object to delete the user from your App Services App. This deletes the object from the server in addition to clearing data from the device.
To permanently delete a User object from both your client app
and the Atlas App Services App, call the delete method on a logged-in user:
The Java SDK does not have the ability to delete users through the SDK.
You can delete users from the server using the App Services
Admin API delete a user endpoints. You could optionally
create an Atlas Function that uses the Admin API to
delete a user, and call the function from the SDK.
You can call the -deleteWithCompletion method on a RLMUser object to delete the user object from your App Services App. This deletes the object from the server in addition to clearing data from the device.
You can call the delete method on a user object to delete the user object from your App Services App. This deletes the object from the server in addition to clearing data from the device.
Call the App.deleteUser() method with a user object to delete the user from your App Services App. This deletes the object from the server in addition to clearing data from the device.
// The C++ SDK does not currently support this API.
await app.DeleteUserFromServerAsync(user);
final currentUser = app.currentUser!; await app.deleteUser(currentUser);
// The Java SDK does not support this API.
await app.deleteUser(app.currentUser);
val app: App = App.create(YOUR_APP_ID) runBlocking { // Log user in val user = app.login(credentials) // Work with logged-in user ... // Delete the logged-in user from the device // and the Atlas App Services App user.delete() }
// The Java SDK does not support this API.
// The documentation does not currently have this code example in Objective-C. // Please refer to the other languages or related pages for example code.
Async/Await
func testAsyncDeleteUser() async throws { // Logging in using anonymous authentication creates a user object let syncUser = try await app.login(credentials: Credentials.anonymous) // Now we have a user, and the total users in the app = 1 XCTAssertNotNil(syncUser) XCTAssertEqual(app.allUsers.count, 1) // Call the `delete` method to delete the user try await syncUser.delete() // When you delete the user, the SyncSession is destroyed and // there is no current user. XCTAssertNil(app.currentUser) // Now that we've deleted the user, the app has no users. XCTAssertEqual(app.allUsers.count, 0) }
Closure-Style
// Logging in using anonymous authentication creates a user object app.login(credentials: Credentials.anonymous) { [self] (result) in switch result { case .failure(let error): fatalError("Login failed: \(error.localizedDescription)") case .success(let user): // Assign the user object to a variable to demonstrate user deletion syncUser = user } } // Later, after the user is loggedd in we have a user, // and the total users in the app = 1 XCTAssertNotNil(syncUser) XCTAssertEqual(app.allUsers.count, 1) // Call the `delete` method to delete the user syncUser!.delete { (error) in XCTAssertNil(error) } // When you delete the user, the SyncSession is destroyed and // there is no current user. XCTAssertNil(app.currentUser) // Now that we've deleted the user, the app has no users. XCTAssertEqual(app.allUsers.count, 0)
await app.deleteUser(app.currentUser);
Remove Users from Device
In some cases, you may not want to delete a user entirely, but may want to remove them from the device. In this scenario, users continue to exist in Atlas. You may want to force users to re-authenticate under some circumstances, such as when a paid subscription expires. Or you may want to temporarily persist a user on the server to allow for account recovery.
Removing a user:
Does not delete the
Userobject from the Atlas App Services App.Logs the user out if they are logged in.
Deletes synced databases associated with the user from the device.
Sets the user's state to removed.
Because removing a user deletes any synced databases owned by the user, you should only call this method after closing the user's databases.
The C++ SDK does not have the ability to remove users through the SDK. Instead, you could log out the user, and then manually delete the user's synced database and cached app files from the filesystem.
Call the RemoveUserAsync(User) method to remove the user and their data from the device.
Call the App.removeUser() on a user object to remove the user and their data from the device.
To remove a User object from your client app, call the
User.remove() or
User.removeAsync()
method.
Call the App.removeUser() method with a user object to remove the user from the device. This clears user data from the device, but does not delete the user from Atlas.
To remove a User object from your client app, call the
remove
method on a user:
To remove a User object from your client app, call the
User.remove() or
User.removeAsync()
method.
You can call the -removeWithCompletion method on a RLMUser object to remove the user from the device. This clears user data from the device, but does not delete the user from Atlas.
You can call the remove method on a user object to remove the user from the device. This clears user data from the device, but does not delete the user from Atlas.
Call the App.removeUser() method with a user object to remove the user from the device. This clears user data from the device, but does not delete the user from Atlas.
// The C++ SDK does not currently support this API.
// The documentation does not currently have this code example in C#. // Please refer to the other languages or related pages for example code.
// The documentation does not currently have this code example in Dart. // Please refer to the other languages or related pages for example code.
// The documentation does not have this code example in Java. // Please refer to the other languages or related pages for example code.
// The documentation does not currently have this code example in JavaScript. // Please refer to the other languages or related pages for example code.
val app = App.create(YOUR_APP_ID) // Replace with your App ID runBlocking { // Log user in val user = app.login(credentials) // Work with logged-in user ... // Remove the user from the device // If the user is logged in, they are logged out first // DOES NOT delete user from the App Services App user.remove() }
// The documentation does not have this code example in Kotlin for the Java SDK. // Please refer to the other languages or related pages for example code.
// The documentation does not currently have this code example in Objective-C. // Please refer to the other languages or related pages for example code.
// The documentation does not currently have this code example in Swift. // Please refer to the other languages or related pages for example code.
// The documentation does not currently have this code example in TypeScript. // Please refer to the other languages or related pages for example code.