Docs > User Areas > Data APIs >

Account Management

Cofoundry provides several APIs for managing the current user's account:

Updating
Changing the password
Deleting

The AuthenticationSample project in the Cofoundry.Samples.UserAreas sample contains an example of account management features.

Updating the current user account

The current user's account can be updated by executing UpdateCurrentUserCommand. The easiest way to run this command is to use the IAdvancedContentRepository which provides an easy to use "patch" API. This means you don't have to worry about the existing state of the user, just update the properties you have values for:

await _advancedContentRepository
    .Users()
    .Current()
    .UpdateAsync(c =>
    {
        c.DisplayName = "Example User";
        c.Email = "[email protected]";
    });

Executing this command requires the CurrentUserUpdatePermission.

Updating the current users password

The password of the currently signed in user account can be updated using UpdateCurrentUserPasswordCommand, which requires their existing password to authenticate the request. As with other queries and commands that authenticate, rate limiting applies to mitigate abuse.

The easiest way to run this command is via IAdvancedContentRepository:

await _advancedContentRepository
    .Users()
    .Current()
    .UpdatePasswordAsync(new UpdateCurrentUserPasswordCommand()
    {
        OldPassword = "ExampleOldPassword",
        NewPassword = "ExampleNewPassword"
    });

Executing this command requires the CurrentUserUpdatePermission.

Deleting an account

The current user account can be deleted using DeleteCurrentUserCommand. This marks the user as deleted in the database (soft delete) and signs them out. Fields containing personal data are cleared and any optional dependencies are deleted. The remaining user record and relations are left in place for auditing.

Log tables that contain IP references are not deleted, however they will be cleared out periodically by a background task if background tasks are enabled, based on the configured retention policy.

The easiest way to run this command is via IAdvancedContentRepository:

await _contentRepository
    .Users()
    .Current()
    .DeleteAsync();

Executing this command requires the CurrentUserDeletePermission.