Delete Me

curl --request DELETE \
  --url https://roughy-api-staging.fly.dev/api/v1/users/me \
  --header 'Authorization: Bearer <token>'

Delete Me

Soft-delete the caller’s account; idempotent.

Sets users.deleted_at = now(); the user retains read access and can call POST /me/restore for 30 days. The hard-delete cron then invokes UserDataService.hard_delete_user, which cascades owned content and anonymizes the row (financial records retained per CLAUDE.md §10).

Idempotent on already-deleted: returns 204 without bumping deleted_at. We deliberately skip require_active_account here so the second DELETE is a no-op rather than a 423.

DELETE

api

users

Delete Me

curl --request DELETE \
  --url https://roughy-api-staging.fly.dev/api/v1/users/me \
  --header 'Authorization: Bearer <token>'

Authorizations

Authorization

string

header

required

Either your Supabase session JWT (UI flows) or an API key minted via POST /api-keys (programmatic flows). Pass it as Authorization: Bearer <token>. The server inspects the token format and routes to JWT or API-key verification automatically.

Response

Successful Response

Get Me Update Me

⌘I

Overview

health

pipelines

assets

credits

users

api-keys

notifications

billing

webhooks

Delete Me

Authorizations

Response

Overview

health

pipelines

assets

credits

users

api-keys

notifications

billing

webhooks

Documentation Index

Authorizations

Response