The User Privacy API helps you comply with end-user data deletion requests mandated by global privacy laws such as GDPR and CCPA.
The API lets you programmatically submit requests to delete all data for a set of known Amplitude IDs or User IDs.
This API uses basic authentication, using the API key and secret key for your project. Pass base64-encoded credentials in the request header like {api-key}:{secret-key}
. api-key
replaces username, and secret-key
replaces the password.
Your authorization header should look something like this:
--header 'Authorization: Basic YWhhbWwsdG9uQGFwaWdlZS5jb206bClwYXNzdzByZAo'
For more information, see Find your API Credentials
Region | Endpoint |
---|---|
Standard server | https://amplitude.com/api/2/deletions/users |
EU residency server | https://analytics.eu.amplitude.com/api/2/deletions/users |
Keep these considerations in mind when using the User Privacy API.
delete_from_org
parameter to true
in your request. In this case, the ignore_invalid_ids
parameter is ignored and treated as true
. The API then creates one deletion job per project across your entire organization that contains information on the requested users.submitted
. You can't stop the job at this point.done
.delete_from_org
parameter to true
in your request. With this, the API creates one deletion job per project that contains information on the requested users.Using this API doesn't prevent future user tracking for the deleted users. To learn about how to stop tracking users in your application, see the setOptOut()
method in documentation for the Amplitude SDK you're using.
The endpoint /api/2/deletions/users
has a rate limit of 1 HTTP request per second. Each HTTP request can contain up to 100 amplitude_ids
or user_ids
.
Make up to 100 deletion requests per second if you batch 100 users in each request.
POST /deletions/users
Add a user for deletion using a JSON body. Specify up to 100 users at a time. You can use mix of Amplitude IDs and User IDs.
Example: Delete a user in one project
Example: Delete users from all projects
The body parameter is required. It's the deletion request object listing the user_ids
and amplitude_ids
for the users to delete.
Name |
Description |
---|---|
amplitude_ids |
Amplitude IDs for the users to delete. |
user_ids |
User IDs for the users to delete. |
requester |
The internal user who requested the deletion. This is useful for auditing. |
ignore_invalid_id |
Boolean. Defaults to false . With false , if any users in the request aren't found in the project, the API returns a 400 error, and it doesn't mark any users in the request for deletion. With true , the response is a 200 success that includes a list of invalid_ids , and the API adds any users found in the relevant project to the relevant job. invalid_ids represent any requested users with no data found in the relevant project. If the parameter delete_from_org is true , this field is automatically set to true , ignoring the input. |
delete_from_org |
Boolean. Defaults to false . By default, the request will only delete the requested users from the project identified by the given API key. When set to true , the requested users are deleted across your entire organization. In doing so, the request will insert the end users into a job for each project that contains data for the requested users. When true , the ignore_invalid_ids parameter is automatically set to true , ignoring the input. |
include_mapped_user_ids |
When true , this parameter returns the valid user_id values that correspond to a supplied amplitude_id . This only changes the response object. To delete mapped users set with the User Mapping API, include each user_id of the mapped user in the user_ids array. |
The response for a POST request contains these fields:
Name |
Description |
---|---|
day |
The day the deletion job is scheduled to begin. |
status |
The status of the deletion job. |
amplitude_ids and user_ids |
List of the Amplitude IDs to delete. |
app |
The project or app ID. Included when the deletion request is for multiple projects. |
invalid_ids |
When ignore_invalid_ids is true , contains a list of users that were requested but not found in the projects |
The amplitude_ids
key contains these fields:
Name |
Description |
---|---|
amplitude_id |
The Amplitude ID of the user to be deleted. |
requester |
The person who requested the Amplitude ID to be deleted. |
requested_on_day |
The day this deletion was requested. |
user_id |
The corresponding User ID. Included when include_mapped_user_ids is true and the amplitude_id are matched to user_ids . |
/api/2/deletions/users?start_day=YYYY-MM-DD&end_day=YYYY-MM-DD
Retrieves a list of deletion jobs scheduled in a time range. The time range should include the date you made the request on plus 30 days. For example, you made a deletion request on August 1st, 2018.
Your deletion request should have start_day = 2018-08-01
and end_day = 2018-08-31
.
If the request returns no values, then no jobs are scheduled for that time range. Note: The largest permitted time range is six months.
1# You can also use wget2curl -X GET https://amplitude.com/api/2/deletions/users?start_day=string&end_day=string \3 -H 'Accept: application/json' \4 -U API_KEY:API_SECRET
1GET https://amplitude.com/api/2/deletions/users?start_day=string&end_day=string HTTP/1.12Host: amplitude.com3Authorization: Basic API_KEY:API_SECRET4Accept: application/json
1var headers = { 2 'Accept':'application/json' 3 4}; 5 6$.ajax({ 7 url: 'https://amplitude.com/api/2/deletions/users', 8 method: 'get', 9 data: '?start_day=string&end_day=string',10 headers: headers,11 success: function(data) {12 console.log(JSON.stringify(data));13 }14})
1const request = require('node-fetch'); 2 3const headers = { 4 'Accept':'application/json' 5 6}; 7 8fetch('https://amplitude.com/api/2/deletions/users?start_day=string&end_day=string', 9{10 method: 'GET',11 12 headers: headers13})14.then(function(res) {15 return res.json();16}).then(function(body) {17 console.log(body);18});
1require 'rest-client' 2require 'json' 3 4headers = { 5 'Accept' => 'application/json' 6} 7 8result = RestClient.get 'https://amplitude.com/api/2/deletions/users', 9 params: {10 'start_day' => 'string',11'end_day' => 'string'12}, headers: headers13 14p JSON.parse(result)
1import requests 2headers = { 3 'Accept': 'application/json' 4} 5 6r = requests.get('https://amplitude.com/api/2/deletions/users', params={ 7 'start_day': 'string', 'end_day': 'string' 8}, headers = headers) 9 10print r.json()
1URL obj = new URL("https://amplitude.com/api/2/deletions/users?start_day=string&end_day=string"); 2HTTPURLConnection con = (HTTPURLConnection) obj.openConnection(); 3con.setRequestMethod("GET"); 4int responseCode = con.getResponseCode(); 5BufferedReader in = new BufferedReader( 6 new InputStreamReader(con.getInputStream())); 7String inputLine; 8StringBuffer response = new StringBuffer(); 9while ((inputLine = in.readLine()) != null) {10 response.append(inputLine);11}12in.close();13System.out.println(response.toString());
1package main 2 3import ( 4 "bytes" 5 "net/http" 6) 7 8func main() { 9 10 headers := map[string][]string{11 "Accept": []string{"application/json"},12 13 }14 15 data := bytes.NewBuffer([]byte{jsonReq})16 req, err := http.NewRequest("GET", "https://amplitude.com/api/2/deletions/users", data)17 req.Header = headers18 19 client := &http.Client{}20 resp, err := client.Do(req)21 // ...22}
Name | Description |
---|---|
start_day |
Required. First hour included in data series, formatted YYYY-MM-DD . For example, 20220201 . |
end_day |
Required. Last hour included in data series, formatted YYYY-MM-DD For example, 20220201 . |
The success response for a GET
request contains these fields:
Property |
Description |
---|---|
day |
The day the deletion job is scheduled to begin. |
status |
The deletion job's status. Staging: The job hasn't started, and you can modify it. More deletion requests may get scheduled into this job and you can remove requests from this job. Submitted: The job is submitted to run. You can't modify it. Done: The job has finished running. You can't modify it. |
amplitude_ids |
List of the Amplitude Ids of users to delete. |
app |
Project or app ID. Appears if the deletion is applied to more than one project. |
active_scrub_done_date |
The date that the scrub has completed, and the data is no longer accessible. After this point, the system waits 5 days for any backups to be automatically cleared. The status will change to 'done' only when the backups are removed. |
The amplitude_ids
key contains these fields:
Name |
Description |
---|---|
amplitude_id |
The Amplitude ID of the user to be deleted. |
requester |
The person who requested the Amplitude ID to be deleted. |
requested_on_day |
The day this deletion was requested. |
1[ 2 { 3 "day": "string", 4 "amplitude_ids": [ 5 { 6 "amplitude_id": 0, 7 "requested_on_day": "string", 8 "requester": "string" 9 }10 ],11 "status": "string"12 }13]
Removes the specified Amplitude ID from a deletion job.
/api/2/deletions/users/AMPLITUDE_ID/YYYY-MM-DD
1curl -X DELETE \2 'https://amplitude.com/api/2/deletions/users/AMPLITUDE_ID/JOB_START_DAY' \3 -H 'Content-Type: application/json' \4 -U API_KEY:API_SECRET
Name |
Description |
---|---|
AMPLITUDE_ID |
Required. The amplitude_id to be removed from a deletion job. |
JOB_START_DAY |
Required. Day the deletion is schedule for. YYYY-MM-DD |
A successful request returns a response with this schema:
Property |
Description |
---|---|
amplitude_id |
The Amplitude ID of the user that was removed from the job |
requester |
The person who requested the Amplitude ID to be deleted. |
requested_on_day |
The day this deletion was requested. |
1{2 "amplitude_id": 1234567,3 "requested_on_day": "string",4 "requester": "string"5}
Code | Message |
---|---|
200 | Success |
400 | Bad Request |
401 | Unauthorized |
Thanks for your feedback!
May 21st, 2024
Need help? Contact Support
Visit Amplitude.com
Have a look at the Amplitude Blog
Learn more at Amplitude Academy
© 2024 Amplitude, Inc. All rights reserved. Amplitude is a registered trademark of Amplitude, Inc.