Hello Supabase Team, We're looking for some expert guidance on a persistent issue we're facing with deleting a specific user from `auth.users`. We've been troubleshooting this for several hours and have exhausted all our diagnostic and repair options. The core issue is a contradiction: our Admin API calls to delete the user fail, but direct SQL simulations of the deletion process succeed. **Project Ref:** `zrceytupwqztdmopulwv` **User to be Deleted:** * **Email:** `test.user@theforge.dev` * **ID:** `afa1dd5d-7559-488c-86d8-7a0f99b1d787` Here is a detailed log of our troubleshooting journey. We'd be grateful for any insight on what we might be missing or what to try next. --- ### **Troubleshooting Log & Outcomes** **1. Initial State & Goal:** * We have a multi-tenant schema (`public.th_users`, `public.th_portfolios`, etc.) with `ON DELETE RESTRICT` on the core `user -> portfolio` relationship. * Our goal is to run a cleanup script to purge old test users using the Node.js Admin SDK (`supabase.auth.admin.deleteUser(userId)`). **2. First Attempt: The Admin Script** * **Action:** Ran our TypeScript admin script to delete the user. * **Outcome:** **FAILED.** The script returned a generic `500 Internal Server Error` from the Auth API, with the message "Database error deleting user." This gave us no specific information. **3. Hypothesis 1: A Foreign Key Constraint is Blocking the Deletion.** * **Action:** We created a comprehensive SQL script (`purge-test-users.sql`) to manually delete all known dependencies in the correct order (`storage.objects`, then all `public` tables like `th_portfolios`, `th_users`, etc.). * **Outcome:** **FAILED.** The SQL script ran successfully, cleaning all dependent tables. However, running the TypeScript admin script immediately afterward *still* resulted in the same `500 Internal Server Error`. **4. Hypothesis 2: Our `ON DELETE RESTRICT` Rules are Flawed.** * **Action:** We created and successfully applied a new database migration (`0004_add_cascade_deletes_to_user_relations.sql`) to change the rules to `ON DELETE CASCADE` for most tables, thinking this would solve the issue. * **Outcome:** **FAILED.** Even with cascading deletes enabled, the `admin.deleteUser()` call continued to fail with the same generic error. (We have since reverted to our preferred `RESTRICT` / `SET NULL` architecture). **5. Hypothesis 3: A Hidden Trigger or RLS Policy is the Cause.** * **Action:** We engaged the Supabase Assistant and performed a deep diagnostic. * We ran a query to check all RLS policies. Nothing appeared to be blocking the `service_role`. * We ran a query to check for triggers and discovered a custom `INSTEAD OF DELETE` trigger on our `api.th_users` view (`trigger_delete_th_users`). * **Action to Remediate:** We successfully **dropped this trigger** using `DROP TRIGGER trigger_delete_th_users ON api.th_users;`. * **Outcome:** **FAILED.** Even after removing the trigger, the `admin.deleteUser()` call still fails. **6. The Critical Contradiction: Direct SQL Simulation Succeeds** * **Action:** We ran a comprehensive, multi-table diagnostic script (provided by the Supabase AI) directly in the SQL Editor. This script, wrapped in a `DO` block, simulates the entire deletion process in a single transaction. * **Outcome:** **SUCCESS.** The script completes with "Success. No rows returned." This proves that, from a pure database perspective (as the `postgres` role), there are no foreign key constraints preventing the deletion of all the user's data. --- ### **Current State & Our Question** We are now in a state where: * The target user has no dependent rows in any of our `public` tables. * The target user owns no objects or buckets in `storage`. * There are no custom triggers on `auth.users` or our `api` views. * A direct, multi-step `DELETE` in the SQL Editor works. * An `admin.deleteUser()` call from the Admin SDK (and the "Delete User" button in the Supabase Dashboard UI) **still fails.** This leads us to believe the issue is not a standard FK constraint but a more subtle, hidden dependency or a potential issue with the state of this specific user account within the `auth` schema itself. **Our Ask:** Given this extensive history, what is the next diagnostic step you would recommend to uncover the true root cause of the `admin.deleteUser()` failure? Is there a way to get a more detailed error message from the Auth API's 500 response? Thank you for your time and guidance.