Deleting Social Connections - Auth0 updates behind the scenes

jeremiah.brooks · October 20, 2022, 1:31pm

Hi,

My company has set up social connections (apple, google and facebook) and while digging into an issue around users not receiving our company’s delete account confirmation email when they delete their account on our platform. The specific users were Apple Social Connection users that elected to hide their email (utilize apple private relay documented here). After full investigation we have come to the root cause that the emails are bouncing because our Apple App is disconnected [1] from the user so the Apple Private Relay is bouncing the email. This seems to occur when an Apple Social user is deleted from Auth0. This same behavior does not seem to occur when a Facebook Social user is deleted as the Apps and Website is still Active on their facebook profile.

Please

help me understand if Auth0 is sending a request to Apple or all Social Connection paltforms to unlink the user’s previous consent for an Auth0 customer’s application.
Is there documentation around how this works per social provider?

[1]
On Mac go to system preferences → Apple ID → iCloud → Hide My Email → Options

[2]
Facebook Settings and Privacy → Settings → Apps and Websites

ty.frith · October 25, 2022, 4:50pm

Hey there @jeremiah.brooks, sorry for the delayed response!

Apple created a new requirement earlier this year that when a user is deleted, a call has to be sent to a specific Apple API which can de-provision the user from that application. Long story short, this is unfortunately out of Auth0’s control as we are following the procedure laid out by Apple’s requirement which was implemented in June. You are correct in that Facebook and other social IDPs do not have this additional requirement.

Hope this helps to clarify!

jeremiah.brooks · October 25, 2022, 5:02pm

@ty.frith thank you for the confirmation!

Does Auth0 plan to document this anywhere so users are aware of the inconsistencies or expected behavior?

ty.frith · November 2, 2022, 5:38pm

Hey @jeremiah.brooks apologize for the delayed response!

I don’t believe there is any plan to document this behavior as Auth0 is just following the procedure required by Apple. It might be worth creating a feedback request though - I’m sure others will be running into the same issue! Our product team monitors these pretty closely, so if there is enough engagement they may be swayed to add something in our documentation.

Topic		Replies	Views
How to handle returning Apple Sign In users who have previously deleted their account Get Help login-experience , signup-prompt-new-experience	3	59	May 5, 2026
Social connection account not fully deletable Get Help social-connections	3	2834	June 26, 2023
"User successfully deleted" event should be sent on deletion of user from any type of connection Product Feedback event , log-streaming	0	972	September 14, 2023
User deletion in Identity provider ack to Auth0 Get Help users , delete-user , identity , enterprise , enterprise-connectio	2	5081	July 26, 2019
Apple Account Deletion Requirements Get Help auth0 , sign-in-with-apple	2	1813	October 1, 2022

Deleting Social Connections - Auth0 updates behind the scenes

Related topics