This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Home
- Developers
- Discussions
- Re: remove user from application
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
remove user from application
Options
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-26-2023 06:17 AM
Is there a way to remove a user from the app. I can delete all the user data from my side, but I can't remove their subscription from strava (from what I can see this isn't possible).
I am geting events for users that have been removed and I dont need to have those events.
Maybe I am missing something, I would appreciate any help/advice.
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-08-2023 05:34 AM
So I managed to find out who the user was using the ID and the url to find the actual athlete. As my app is mainly cycling friends it was easy for them to remove themselves.
However, I agree, we as the app owners should be able to remove users if needed. This isnt a security issue, as you still need to provide your key to access strava api to carry out this removal.
Options
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-07-2023 10:58 PM
Deauthorization is totally possible (you just make a POST request to https://www.strava.com/oauth/deauthorize), but you obviously need a valid access token. Otherwise anybody could deauthorize your app for any given athlete.
Since you already deleted the athlete from your database, your only choice is to have the user log into your app again so that you can re-obtain the access token. Until then, just keep ignoring the webhook events.
Options
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-27-2023 08:13 AM
I just got an email stating you can DeAuthorize an athlete. Link here
However, the challenge I have is that I have removed the Athlete data already, so I dont have the token. However whent he sub call happens I do get the AthleteID so I was hoping I could deauthorize using this? As my thought is that DeAuthorizing shouldnt be a security issue or any other issue from user/strava point of view?
Options
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-27-2023 06:55 AM
You are not missing anything. At the moment it is not possible to remove/revoke access for an athlete. The only option you have is to ignore any events which come in for users that do not exist in your database.
Options
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-27-2023 07:20 AM
Thank you for replying @ActivityFix.
Its a shame this isn't available. I have already written the code to ignore these incoming events, but its just unnecessary noise.
Options
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-06-2023 11:58 AM
Agreed - I think it makes a lot of sense to be able to deauth users. It’s not hard to drop events but it doesn’t feel proper.
Related Content
- Adding the API tp a Springboot projrct in Developer Discussions
- invalid encoding when posting upload in Developer Discussions
- Full API Access Struggles in Developer Discussions
- How To Create a Fitness Mobile App Like Strava? in Developer Discussions
- Uploading activities via API: How to flag commute and trainer in Developer Discussions
Ready, Get Set, Go!
Welcome to the Community - here is your guide to help you get started!
Know how to use Community
Understand Community Settings
