diff --git a/src/models/ctx/update_profile.rs b/src/models/ctx/update_profile.rs
index 682c40295..caa478eab 100644
--- a/src/models/ctx/update_profile.rs
+++ b/src/models/ctx/update_profile.rs
@@ -30,8 +30,8 @@ pub fn update_profile<E: Env + 'static>(
                 Effects::none().unchanged()
             }
         }
-        Msg::Action(Action::Ctx(ActionCtx::DeleteAccount(password))) => match &profile.auth {
-            Some(_) => Effects::one(delete_account::<E>(password)).unchanged(),
+        Msg::Action(Action::Ctx(ActionCtx::DeleteAccount(password))) => match profile.auth_key() {
+            Some(auth_key) => Effects::one(delete_account::<E>(auth_key, password)).unchanged(),
             _ => Effects::msg(Msg::Event(Event::Error {
                 error: CtxError::from(OtherError::UserNotLoggedIn),
                 source: Box::new(Event::UserAccountDeleted { uid: profile.uid() }),
@@ -390,7 +390,10 @@ pub fn update_profile<E: Env + 'static>(
                 }
             }
         }
-        Msg::Internal(Internal::DeleteAccountAPIResult(_, result)) => match result {
+        Msg::Internal(Internal::DeleteAccountAPIResult(
+            APIRequest::DeleteAccount { auth_key, .. },
+            result,
+        )) if profile.auth_key() == Some(auth_key) => match result {
             Ok(_) => Effects::msg(Msg::Internal(Internal::Logout)).unchanged(),
             Err(error) => Effects::msg(Msg::Event(Event::Error {
                 error: error.to_owned(),
@@ -507,8 +510,9 @@ fn push_profile_to_storage<E: Env + 'static>(profile: &Profile) -> Effect {
     .into()
 }
 
-fn delete_account<E: Env + 'static>(password: &String) -> Effect {
+fn delete_account<E: Env + 'static>(auth_key: &AuthKey, password: &String) -> Effect {
     let request = APIRequest::DeleteAccount {
+        auth_key: auth_key.to_owned(),
         password: password.to_owned(),
     };
     EffectFuture::Concurrent(
diff --git a/src/types/api/request.rs b/src/types/api/request.rs
index 893108228..9dfd3841f 100644
--- a/src/types/api/request.rs
+++ b/src/types/api/request.rs
@@ -51,6 +51,7 @@ pub enum APIRequest {
     },
     #[serde(rename_all = "camelCase")]
     DeleteAccount {
+        auth_key: AuthKey,
         password: String,
     },
     #[serde(rename_all = "camelCase")]
diff --git a/src/unit_tests/ctx/delete_account.rs b/src/unit_tests/ctx/delete_account.rs
index b8979cf88..1f2543dcf 100644
--- a/src/unit_tests/ctx/delete_account.rs
+++ b/src/unit_tests/ctx/delete_account.rs
@@ -32,7 +32,7 @@ fn actionctx_delete_account() {
                 url, method, body, ..
             } if url == "https://api.strem.io/api/deleteUser"
                 && method == "POST"
-                && body == "{\"type\":\"DeleteAccount\",\"password\":\"password\"}" =>
+                && body == "{\"type\":\"DeleteAccount\",\"authKey\":\"auth_key\",\"password\":\"password\"}" =>
             {
                 future::ok(
                     Box::new(APIResult::Ok(SuccessResponse { success: True {} }))
@@ -138,7 +138,8 @@ fn actionctx_delete_account() {
         Request {
             url: "https://api.strem.io/api/deleteUser".to_owned(),
             method: "POST".to_owned(),
-            body: "{\"type\":\"DeleteAccount\",\"password\":\"password\"}".to_owned(),
+            body: "{\"type\":\"DeleteAccount\",\"authKey\":\"auth_key\",\"password\":\"password\"}"
+                .to_owned(),
             ..Default::default()
         },
         "Delete account request has been sent"