User deletion


Unicard Support

Feb 15, 2023, 8:13:06 AM
to Keycloak User
Hi there.

I work as a data protection adviser on behalf of Unicard Ltd. (UK). We are a software development company and have recently integrated Keycloak into a number of new systems.

I am trying to complete some documentation for a new client's data protection agreement. We need to understand the process when a user is deleted from Keycloak and what happens to the user data: what (if anything) is destroyed / deleted, and how exactly.

Are you able to offer me some insight on this subject?

Regards

Ben

Tobias Häfner

Feb 16, 2023, 2:44:37 AM
to Keycloak User
Hi Ben,

as far as I know, there is no automatic user deletion in Keycloak. You have to implement it yourself or run some cyclic database scripts to delete the users.

Best regards
Tobias

Thomas Darimont

Feb 16, 2023, 3:14:53 AM
to Keycloak User
Hello,

In some of our projects we added support for deleting users after some period of inactivity (2 years). In order to do this, you need to track the time of last activity, e.g. login timestamp with a custom extension.
Then query the Keycloak database for users that have not signed in within that period and use the Keycloak Admin API to delete the user. Deleting a user with the Keycloak API will remove the user, their attributes, and their credentials.


Cheers,
Thomas
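
A sketch of the clean-up job described in the post above, as an added example that is not part of the thread or of Keycloak itself. It assumes the custom extension stores the last login as epoch milliseconds in a user attribute named `lastLogin` (a hypothetical name), and it lists users through the Admin REST API instead of querying the database directly.

```python
import json
import urllib.request

DAY_MS = 86_400_000
LAST_LOGIN_ATTR = "lastLogin"  # hypothetical attribute written by a custom extension (epoch ms)

def last_activity_ms(user):
    """Return last activity in epoch ms: the tracked login, else account creation."""
    values = (user.get("attributes") or {}).get(LAST_LOGIN_ATTR) or []
    try:
        return int(values[0])
    except (IndexError, ValueError, TypeError):
        return user.get("createdTimestamp")  # never logged in: age counts from creation

def select_inactive(users, now_ms, max_idle_days=730):
    """Pick users idle longer than max_idle_days; skip service accounts and undatable records."""
    cutoff = now_ms - max_idle_days * DAY_MS
    def idle(u):
        seen = last_activity_ms(u)
        return seen is not None and seen < cutoff
    return [u for u in users
            if not u.get("username", "").startswith("service-account-") and idle(u)]

def admin_call(base_url, token):
    """Build call(method, path) for the Admin REST API using a bearer token."""
    def call(method, path):
        req = urllib.request.Request(base_url + path, method=method,
                                     headers={"Authorization": "Bearer " + token})
        with urllib.request.urlopen(req) as resp:
            body = resp.read()
        return json.loads(body) if body else None
    return call

def purge_inactive(call, realm, now_ms, max_idle_days=730, page=100, dry_run=True):
    """List every user first, then delete the inactive ones. Returns the selected ids."""
    users, first = [], 0
    while True:  # finish paging before deleting so page offsets do not shift
        batch = call("GET", f"/admin/realms/{realm}/users"
                            f"?first={first}&max={page}&briefRepresentation=false")
        users += batch
        if len(batch) < page:
            break
        first += page
    doomed = select_inactive(users, now_ms, max_idle_days)
    if not dry_run:
        for u in doomed:
            call("DELETE", f"/admin/realms/{realm}/users/{u['id']}")
    return [u["id"] for u in doomed]
```

With `dry_run=True` (the default) the function only reports which ids would be deleted, which is worth recording for the retention audit trail before switching deletion on.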

Tobias Häfner

Feb 16, 2023, 3:26:38 AM
to Keycloak User
Here you can see how something like this can look. Unfortunately, you have to write it yourself.
[Attachment: 2023-02-16_09h22_06.png]
Best regards
Tobias

Unicard Support

Feb 17, 2023, 7:20:43 AM
to Keycloak User
Hi All,

Thank you for your replies; however, these responses don't quite answer my question. I need to understand how the data is destroyed within the Keycloak database and on the disk itself.

For example, is the deleted data overwritten with 0's upon deletion or after a given time frame?

Many thanks

Ben Hepworth

Tobias Häfner

Feb 20, 2023, 4:11:10 AM
to Keycloak User
Hello,

I think that depends on the database you use. It will create a delete statement on the database. What the database does after that depends on the DB.
With MySQL it will write zeros on the hard disk.

Best regards
Tobias

Unicard Support

Mar 1, 2023, 10:51:11 AM
to Keycloak User
Thank you Tobias. 

This was helpful. 

Thank you all for your responses.

Regards

Unicard Support