Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.kavachos.com/llms.txt

Use this file to discover all available pages before exploring further.

KavachOS includes built-in tools for the three GDPR obligations that most commonly require custom code: giving users their data, deleting their account on request, and anonymizing audit trails.
These tools cover the technical layer. Your privacy policy, data processing agreements, and response timelines are your responsibility.

Setup

lib/kavach.ts
import { createKavach } from 'kavachos';
import { gdpr } from 'kavachos/auth'; 

const kavach = await createKavach({
  database: { provider: 'postgres', url: process.env.DATABASE_URL! },
  secret: process.env.KAVACH_SECRET!,
  baseUrl: 'https://auth.example.com',
  plugins: [
    gdpr({ 
      requireDeletionConfirmation: true, 
    }), 
  ],
});

Export user data

POST /auth/gdpr/export Returns a JSON bundle of all data KavachOS holds for the authenticated user: profile, sessions, audit events, and any plugin-specific records.
Request export (client)
const res = await fetch('/auth/gdpr/export', {
  method: 'POST',
  credentials: 'include',
});

const { data } = await res.json();
// data.user, data.sessions, data.auditLog, data.agents, ...
The export runs synchronously for small datasets. For accounts with large audit logs, the response includes a downloadUrl that expires after 24 hours instead of embedding the full payload.

Delete account

POST /auth/gdpr/delete Permanently deletes the user account and all associated data. Sessions are revoked immediately. If requireDeletionConfirmation is true, the user must provide their password (or a confirmation token sent by email):
Delete account (client)
const res = await fetch('/auth/gdpr/delete', {
  method: 'POST',
  credentials: 'include',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    confirmation: 'DELETE', // literal string
    password: 'correct horse battery', // if requireDeletionConfirmation is true
  }),
});
Deletion is irreversible. Any app data you store outside KavachOS that references the user ID will become orphaned. Use the onBeforeDelete hook to cascade deletes in your own tables first.

onBeforeDelete hook

lib/kavach.ts
gdpr({
  onBeforeDelete: async (userId) => { 
    await db.delete(posts).where(eq(posts.authorId, userId)); 
    await db.delete(comments).where(eq(comments.userId, userId)); 
  }, 
}),

Anonymize audit log

For cases where you need to retain audit records for compliance but cannot keep personal data, KavachOS can anonymize the audit log for a user without deleting it:
Anonymize audit log (server)
import { anonymizeAuditLog } from 'kavachos/modules/gdpr';

await anonymizeAuditLog(kavach, {
  userId: 'usr_abc123',
  replacement: '[deleted]', // replaces email, name, IP in log entries
});
The audit events remain in place with timestamps and action types intact. Personal identifiers are overwritten with the replacement string.

Configuration reference

requireDeletionConfirmation
boolean
default:"true"
Require the user’s password before processing a deletion request.
onBeforeDelete
Async callback invoked before the user record is deleted. Use this to clean up app-level data.
exportFormat
'json' | 'url'
default:"'json'"
Format for the data export response. ‘json’ returns inline data, ‘url’ returns a signed download URL.
Last modified on April 18, 2026