Using an API to delete a visitor profile

Sitecore Search exposes a RESTful API that you can use to delete profiles of visitors to your app or website. One potential reason to delete a visitor profile is if your organization receives a request under the General Data Protection Regulation (GDPR) or California Consumer Privacy Act (CCPA).

When you delete a visitor profile, Search deletes all visitor records, which include the UUID, user_id, email address, locale, and anything else. This causes all historical actions recorded against that profile, such as clicking documents or bookmarking items, to become anonymous. In the Analytics section of the Customer Engagement Console (CEC), these actions will still exist but won't be associated with a locale nor anything else that identifies the visitor.


Administrators can also delete visitor profiles through the CEC.


Before you begin

  • Ensure you have the TechAdmin role.

  • If you do not have a subdomain, ensure you have an API key or access token with the user scope.

    If you have a subdomain, you do not need to authenticate; that is, you do not need to pass an API key or access token.

Sample request

Assume your domain ID is 4123478511, and you want to delete three visitor profiles. You have the UUID for one visitor (159271561-a-b-c-d-f5tdhddqwvywv7b9g2vy-1664852644904), a user_id for a second visitor (sample_user_ID), and the email address ( of a third visitor.

Here's a sample CURL call to delete the three users based on the information available:

curl --location --request DELETE ',sampleuser_id,'\
--header 'Authorization: 01-21871e4d-5376b9477eaed0dc7afb22c474aad8618ca53fc3'

If this request is successful, you get the following response:

    "request_id": "sample_requestID_123"

If the request fails, you'll see an error code and error message.

Do you have some feedback for us?

If you have suggestions for improving this article,