13.7.1.5 DROP USER Syntax

The DROP USER statement removes one or more MySQL accounts and their privileges. It removes privilege rows for the account from all grant tables.

Roles named in the mandatory_roles system variable value cannot be dropped.

To use DROP USER, you must have the global CREATE USER privilege, or the DELETE privilege for the mysql system database. When the read_only system variable is enabled, DROP USER additionally requires the CONNECTION_ADMIN or SUPER privilege.

DROP USER either succeeds for all named users or rolls back and has no effect if any error occurs. By default, an error occurs if you try to drop a user that does not exist. If the IF EXISTS clause is given, the statement produces a warning for each named user that does not exist, rather than an error.

The statement is written to the binary log if it succeeds, but not if it fails; in that case, rollback occurs and no changes are made. A statement written to the binary log includes all named users. If the IF EXISTS clause is given, this includes even users that do not exist and were not dropped.

Each account name uses the format described in Section 6.2.4, “Specifying Account Names”. For example:

The host name part of the account name, if omitted, defaults to '%'.

DROP USER does not automatically drop or invalidate databases or objects within them that the old user created. This includes stored programs or views for which the DEFINER attribute names the dropped user. Attempts to access such objects may produce an error if they execute in definer security context. (For information about security context, see Section 24.6, “Stored Object Access Control”.)