JavaScript
iOS
React
Node
Go
Python
Ruby
PHP
.NET
Java
REST// request data export for multiple users at once
await client.exportUsers({ user_ids: ["<user id1>", "<user id1>"] });Activity Feeds V3 is in closed alpha — do not use it in production (just yet).
GDPR
Companies conducting business within the European Union are legally required to comply with the General Data Protection Regulation (GDPR).
While many aspects of this regulation may not significantly affect your integration with Stream, the GDPR provisions regarding the right to data access and the right to erasure are directly pertinent.
These provisions relate to data that is stored and managed on Stream’s servers.
The Right to Access Data
GDPR gives EU citizens the right to request access to their information and the right to have access to this information in a portable format. Stream covers this requirement with the user export method.
This method can only be used with server-side authentication:
package main
import (
"context"
"log"
"github.com/GetStream/getstream-go/v3"
)
func main() {
client, err := getstream.NewClient("<your_api_key>", "<your_api_secret>")
if err != nil {
log.Fatal(err)
}
ctx := context.Background()
// Request data export for multiple users at once (GDPR compliance)
exportResponse, err := client.ExportUsers(ctx, &getstream.ExportUsersRequest{
UserIds: []string{"<user id1>", "<user id2>"},
})
if err != nil {
log.Fatal(err)
}
log.Printf("Export task started: %s", exportResponse.Data.TaskID)
}Exporting users can take some time, this is how you can check the progress:
// Example of monitoring the status of an async task
// The logic is same for all async tasks
const response = await client.exportUsers({
user_ids: ["<user id1>", "<user id1>"],
});
// you need to poll this endpoint
const taskResponse = await client.getTask({ id: response.task_id });
console.log(taskResponse.status === "completed");package main
import (
"context"
"log"
"time"
"github.com/GetStream/getstream-go/v3"
)
func main() {
client, err := getstream.NewClient("<your_api_key>", "<your_api_secret>")
if err != nil {
log.Fatal(err)
}
ctx := context.Background()
// Example of monitoring the status of an async task
// The logic is same for all async tasks
response, err := client.ExportUsers(ctx, &getstream.ExportUsersRequest{
UserIds: []string{"<user id1>", "<user id2>"},
})
if err != nil {
log.Fatal(err)
}
// Poll the task status for GDPR export completion
taskID := response.Data.TaskID
log.Printf("Monitoring GDPR export task: %s", taskID)
for {
taskResponse, err := client.GetTask(ctx, &getstream.GetTaskRequest{
ID: taskID,
})
if err != nil {
log.Fatal(err)
}
log.Printf("GDPR export status: %s", taskResponse.Data.Status)
if taskResponse.Data.Status == "completed" {
log.Println("GDPR export completed successfully!")
// The exported data URL will be available in the task response
if taskResponse.Data.Result != nil {
log.Printf("Export data available at: %+v", taskResponse.Data.Result)
}
break
} else if taskResponse.Data.Status == "failed" {
log.Println("GDPR export failed!")
break
}
// Wait before polling again
time.Sleep(5 * time.Second)
}
}The Right to Erasure
The GDPR also grants EU citizens the right to request the deletion of their personal information.
Stream offers mechanisms to delete users and feeds in accordance with various use cases, ensuring compliance with these regulations.
The operations performed on users, such as updating and deleting, have an effect on all products (chat, feeds and video).
client.deleteUsers({ user_ids: ["<id>"] });
//restore
client.restoreUsers({ user_ids: ["<id>"] });package main
import (
"context"
"log"
"github.com/GetStream/getstream-go/v3"
)
func main() {
client, err := getstream.NewClient("<your_api_key>", "<your_api_secret>")
if err != nil {
log.Fatal(err)
}
ctx := context.Background()
// GDPR compliant user deletion (hard delete for complete erasure)
deleteResponse, err := client.DeleteUsers(ctx, &getstream.DeleteUsersRequest{
UserIds: []string{"<user id>"},
User: getstream.PtrTo("hard"), // Complete erasure for GDPR compliance
Messages: getstream.PtrTo("hard"), // Delete all messages
Conversations: getstream.PtrTo("hard"), // Delete all conversations
Calls: getstream.PtrTo("hard"), // Delete all call data
})
if err != nil {
log.Fatal(err)
}
log.Printf("GDPR deletion initiated: %+v", deleteResponse)
// Soft delete (can be restored - not GDPR compliant for erasure)
softDeleteResponse, err := client.DeleteUsers(ctx, &getstream.DeleteUsersRequest{
UserIds: []string{"<user id>"},
User: getstream.PtrTo("soft"), // Soft delete (default)
})
if err != nil {
log.Fatal(err)
}
log.Printf("Soft deletion completed: %+v", softDeleteResponse)
// Restore soft-deleted users (only works for soft deletes)
restoreResponse, err := client.RestoreUsers(ctx, &getstream.RestoreUsersRequest{
UserIds: []string{"<user id>"},
})
if err != nil {
log.Printf("Restore failed (expected for hard deletes): %v", err)
} else {
log.Printf("Users restored: %+v", restoreResponse)
}
}The delete users endpoints supports the following parameters to control which data needs to be deleted and how. By default users and their data are soft-deleted.
| Name | Type | Description | Optional |
|---|---|---|---|
user | Enum (soft, pruning, hard) | - Soft: marks user as deleted and retains all user data. - Pruning: marks user as deleted and nullifies user information. - Hard: deletes user completely - this requires hard option for messages and conversation as well. | Yes |
conversations | Enum (soft, hard) | - Soft: marks all conversation channels as deleted (same effect as Delete Channels with ‘hard’ option disabled). - Hard: deletes channel and all its data completely including messages (same effect as Delete Channels with ‘hard’ option enabled). | Yes |
messages | Enum (soft, pruning, hard) | - Soft: marks all user messages as deleted without removing any related message data. - Pruning: marks all user messages as deleted, nullifies message information and removes some message data such as reactions and flags. - Hard: deletes messages completely with all related information. | Yes |
new_channel_owner_id | string | Channels owned by hard-deleted users will be transferred to this userID. If you doesn’t provide a value, the channel owner will have a system generated ID like delete-user-8219f6578a7395g | Yes |
calls | Enum (soft, hard) | - Soft: marks calls and related data as deleted. - Hard: deletes calls and related data completely Note that this applies only to 1:1 calls, not group calls | Yes |
Deleting users in bulk can take some time, this is how you can check the progress:
// Example of monitoring the status of an async task
// The logic is same for all async tasks
const response = await client.exportUsers({
user_ids: ["<user id1>", "<user id1>"],
});
// you need to poll this endpoint
const taskResponse = await client.getTask({ id: response.task_id });
console.log(taskResponse.status === "completed");- I'm working with the Stream Feeds React Native SDK and would like to ask questions about this documentation page: https://getstream.io/activity-feeds/docs/react-native/auth/gdpr.md
- View as markdown
- Open in ChatGPT
- Open in Claude
On this page: