Open hughns opened 11 months ago
@pmaier1 we need some product input on this, please.
Should the user be required to complete any additional verification step ahead of being able to delete their account? e.g. OTP via email and/or re-authenticate?
Do you want the re-auth requirements to be configurable by the server admin?
@jaywink please can you confirm if this is needed or not for the Element One migration? If not I will change the phase on the issue in the project board.
@jaywink please can you confirm if this is needed or not for the Element One migration? If not I will change the phase on the issue in the project board.
@hughns This is not a blocker for EO, in fact we would actually want "An admin should be able to disable this function" to exist once MAS supports self-serve account deactivation.
For your information, this issue has been copied over to the Element fork of matrix-authentication-service
: https://github.com/element-hq/matrix-authentication-service/issues/1876
The self-service account UI should expose a UI to allow a user to delete their own account.
An admin should be able to disable this function if they choose. e.g. if deactivation is handled via an upstream IdP or some other means.
Open questions:
Relevant design screens: