Open in app

Sign in

Write

Sign in

How to delete users from Firebase the right way

Gastón Saillén
Firebase Tips & Tricks
Published in
4 min readOct 30, 2019

I’m sure that if you have used Firebase realtime database or even Firebase Firestore you wanted to store data generated by the current user using your app inside one of those databases.

In this case, we are storing inside a user ID the user data.

First, let's go back and talk about how this random ID was generated and where it was stored.

If you have used any auth provider like Google, Facebook or even Email and Password to authenticate any of your users, you will generate a new userID after you use this method

auth.createUserWithEmailAndPassword(email, password)
        .addOnCompleteListener(this) { task ->
            if (task.isSuccessful) {
                // Sign in success, update UI with the signed-in user's information
                Log.d(TAG, "createUserWithEmail:success")
                val user = auth.currentUser
                updateUI(user)
            } else {
                // If sign in fails, display a message to the user.
                Log.w(TAG, "createUserWithEmail:failure", task.exception)
                Toast.makeText(baseContext, "Authentication failed.",
                        Toast.LENGTH_SHORT).show()
                updateUI(null)
            }

            // ...
        }

After you use createUserWithEmailAndPassword in this example, your current user will be given a random UID, this random UID will be permanent for each login that user does inside your app. This same process is for all different auth providers that firebase support. You can see that we can access that current userID after task.isSuccessful is completed with

val user = auth.currentUser

After you login in your app, you can see the current user created inside your Firebase console, here you can see that the user created has an unique userID that represents that user, so, no matter what, every login you do with that same email and password, the user will have that ID that represents itself, and then with that id you can store data inside it at any database (Realtime Database or Firestore)

But wait…. how we can delete users? , we are getting into it 🤗

So, there are two ways of deleting a user from Firebase, this depends on your use case and takes in count that the two methods do different things.

First method

One could be tempted to delete the user node inside the realtime database or firestore like this

Firebase Realtime Database

mRef.child(FirebaseAuth.getInstance().currentUser.uid).remove().addOnSuccessListener { ... }

Firebase Firestore

db.collection("users").document(FirebaseAuth.getInstance().currentUser.uid).delete()
.addOnSuccessListener { ... }
.addOnFailureListener { ... }

This is true, the data of all the user below that user id is deleted, inside the SuccessListener we can decide to send the user to a Login screen again and start the login process again, this works but we are not deleting the user doing this, we are just deleting the user data from that specific userID.

So, how I delete the user completely from Firebase?

Second method

Here we gonna see how to entirely delete all the user data from firebase authentication and also from the database, we can also choose to delete all user storage files but we will be focusing only on authentication and database.

// Realtime database mRef.child(FirebaseAuth.getInstance().currentUser.uid).remove().addO  nSuccessListener { FirebaseAuth.getInstance().currentUser!!.delete().addOnCompleteListener { //Go to login screen } }// Firestore
db.collection("users").document(FirebaseAuth.getInstance().currentUser.uid).delete()
.addOnSuccessListener { FirebaseAuth.getInstance().currentUser!!.delete().addOnCompleteListener {//Go to login screen} }
.addOnFailureListener { ... }

Be sure that currentUser is not null, this is because we need to use delete() on a signed-in user in order to delete its data from Authentication and also at the database.

What that code above does is the following

1.- It goes to the current database we are using (RealtimeDatabase or Firestore)

2.- It deletes all the user data from that node.

3.- When the data is deleted and the success listener is triggered, we proceed to delete the user from the Authentication tab (the one we mentioned early) and then we send the user to the login screen.

Doing this steps we assure that the user is completely deleted from Firebase Auth and all its data is being deleted as well at the database, as I mentioned, we can also delete the user storage files as well and clean all data of that user in our database. We can also prompt the user a dialog telling them what they want to delete, if the entire account, if just database or just storage, this will be really nice for privacy and the user will be happy :)

Before we finish, when we do .delete() on a user, there is no rollback, there is no prompt from the Framework that will ask us if we are sure to delete the user, so be really sure that you are referencing the right things to delete.

Also, when we do .delete() and login the user again, the userID for that user will be generated again since that user is no longer inside Authentication anymore.

That's all :)

If you have any questions or suggestions, please leave a comment below.

#BetterTogether

Firebase
Firebaseauthentication
Firebaserealtimedatabase
Firestore
Firebase Privacy

--

--

Gastón Saillén
Firebase Tips & Tricks

Written by Gastón Saillén

232 Followers
Editor for

Android & Firebase GDE

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams