My JSONStore will store multiple user data on same device, each user have own userId and password.
If one of the users forgot his/her password, I need to destroy his/her JSONStore data using the userId, keeping the other users' intact.
It that possible?
What I know about JSONStore in IBM MobileFirst is:
I have a function to destroy all JSONstore
Only able to destroy particular JSONStore after login (but the user already forgot the password, he can't login)
In my opinion it is a bit drastic to destroy a user's data because the password was forgotten, we're not in a James Bond movie. :-)
There is an API method to change password, so for example when a user sets up an account (a JSONStore) s/he will also answer a question. You will store the username and correlating questions & answers in another JSONStore, either public or protected with an internal username/password. If a user forgot his/her password and tried to login for example three times, ask the security question and if correctly answered then provide the option to change the specific user's JSONStore password using the changePassword API method (read more here). If failed as well for three times, destroy the JSONStore.
It is indeed possible to destroy a JSONStore of a specific user, and you are not at all required to first login in order to do that. The destroy API method also accepts optional parameters, one of them is the username of the specific JSONStore you would like to destroy. See the destroy API method in the MobileFirst Platform Foundation 7.0 user documentation.
destroy
{Promise} destroy(username, options)
Completely wipes data for all users, destroys the internal storage, and clears security artifacts.
Parameters:
{string} username Optional - Only removes data that is related to the specific username that is passed.