From f5a3275499f8e3df6238a7fd51efe45480a2695a Mon Sep 17 00:00:00 2001
From: Recurly Integrations <dx@recurly.com>
Date: Fri, 10 Apr 2026 22:28:01 +0000
Subject: [PATCH] Generated Latest Changes for v2021-02-25

---
 lib/recurly.d.ts      | 15 ++++++++++-
 lib/recurly/Client.js | 18 +++++++++++++
 openapi/api.yaml      | 63 ++++++++++++++++++++++++++++++++++++++++++-
 3 files changed, 94 insertions(+), 2 deletions(-)

diff --git a/lib/recurly.d.ts b/lib/recurly.d.ts
index 05f193e5..b01ce20c 100644
--- a/lib/recurly.d.ts
+++ b/lib/recurly.d.ts
@@ -7628,9 +7628,22 @@ export declare class Client {
    * }
    * 
    * @param {string} accountId - Account ID or code. For ID no prefix is used e.g. `e28zov4fw0v2`. For code use prefix `code-`, e.g. `code-bob`.
+   * @param {Object} options - Optional configurations for the request
+   * @param {Object} options.params - The optional url parameters for this request.
+   * @param {boolean} options.params.redact - Permanently removes all personally identifiable information (PII) from this account after it has been deactivated, to fulfill a data subject's right to erasure under GDPR and similar privacy regulations (e.g. CCPA). Cannot be undone.
    * @return {Promise<Account>} An account.
    */
-  deactivateAccount(accountId: string): Promise<Account>;
+  deactivateAccount(accountId: string, options?: object): Promise<Account>;
+  /**
+   * Redact an account (GDPR Right to Erasure)
+   *
+   * API docs: https://developers.recurly.com/api/v2021-02-25#operation/redact_account
+   *
+   * 
+   * @param {string} accountId - Account ID or code. For ID no prefix is used e.g. `e28zov4fw0v2`. For code use prefix `code-`, e.g. `code-bob`.
+   * @return {Promise<Account>} Account has been accepted for redaction and will be processed asynchronously.
+   */
+  redactAccount(accountId: string): Promise<Account>;
   /**
    * Fetch an account's acquisition data
    *
diff --git a/lib/recurly/Client.js b/lib/recurly/Client.js
index 28025096..e27c93d2 100644
--- a/lib/recurly/Client.js
+++ b/lib/recurly/Client.js
@@ -271,6 +271,9 @@ class Client extends BaseClient {
    * }
    *
    * @param {string} accountId - Account ID or code. For ID no prefix is used e.g. `e28zov4fw0v2`. For code use prefix `code-`, e.g. `code-bob`.
+   * @param {Object} options - Optional configurations for the request
+   * @param {Object} options.params - The optional url parameters for this request.
+   * @param {boolean} options.params.redact - Permanently removes all personally identifiable information (PII) from this account after it has been deactivated, to fulfill a data subject's right to erasure under GDPR and similar privacy regulations (e.g. CCPA). Cannot be undone.
    * @return {Promise<Account>} An account.
    */
   async deactivateAccount (accountId, options = {}) {
@@ -279,6 +282,21 @@ class Client extends BaseClient {
     return this._makeRequest('DELETE', path, null, options)
   }
 
+  /**
+   * Redact an account (GDPR Right to Erasure)
+   *
+   * API docs: {@link https://developers.recurly.com/api/v2021-02-25#operation/redact_account}
+   *
+   *
+   * @param {string} accountId - Account ID or code. For ID no prefix is used e.g. `e28zov4fw0v2`. For code use prefix `code-`, e.g. `code-bob`.
+   * @return {Promise<Account>} Account has been accepted for redaction and will be processed asynchronously.
+   */
+  async redactAccount (accountId, options = {}) {
+    let path = '/accounts/{account_id}/redact'
+    path = this._interpolatePath(path, { 'account_id': accountId })
+    return this._makeRequest('PUT', path, null, options)
+  }
+
   /**
    * Fetch an account's acquisition data
    *
diff --git a/openapi/api.yaml b/openapi/api.yaml
index dc43a640..940dae0f 100644
--- a/openapi/api.yaml
+++ b/openapi/api.yaml
@@ -1297,6 +1297,15 @@ paths:
         and cancels any active subscriptions (canceled subscriptions will remain active
         until the end of the current billing cycle before expiring). We recommend
         closing accounts only when all business is concluded with a customer.
+      parameters:
+      - in: query
+        name: redact
+        schema:
+          type: boolean
+        description: Permanently removes all personally identifiable information (PII)
+          from this account after it has been deactivated, to fulfill a data subject's
+          right to erasure under GDPR and similar privacy regulations (e.g. CCPA).
+          Cannot be undone.
       responses:
         '200':
           description: An account.
@@ -1404,6 +1413,45 @@ paths:
           not found: %v\", e)\n\t\treturn nil, err\n\t}\n\tfmt.Printf(\"Unexpected
           Recurly error: %v\", e)\n\treturn nil, err\n}\nfmt.Printf(\"Deactivated
           Account: %s\", account.Id)"
+  "/accounts/{account_id}/redact":
+    parameters:
+    - "$ref": "#/components/parameters/account_id"
+    put:
+      tags:
+      - account
+      operationId: redact_account
+      summary: Redact an account (GDPR Right to Erasure)
+      description: Permanently and irreversibly removes all personally identifiable
+        information (PII) from an account to fulfill a data subject's right to erasure
+        under GDPR and similar privacy regulations (e.g. CCPA). This includes billing
+        information, shipping addresses, and transaction details such as names, email
+        addresses, and payment card data. The underlying account and transaction records
+        are retained for financial and audit purposes, but all personal data fields
+        are cleared. The account must have no active subscriptions, uninvoiced charges,
+        or partially paid invoices before it can be redacted. Redaction is processed
+        asynchronously and cannot be undone.
+      responses:
+        '200':
+          description: Account has been accepted for redaction and will be processed
+            asynchronously.
+          content:
+            application/json:
+              schema:
+                "$ref": "#/components/schemas/Account"
+        '422':
+          description: Account cannot be redacted. Common reasons include active subscriptions,
+            uninvoiced charges, or partially paid invoices.
+          content:
+            application/json:
+              schema:
+                "$ref": "#/components/schemas/Error"
+        default:
+          description: Unexpected error.
+          content:
+            application/json:
+              schema:
+                "$ref": "#/components/schemas/Error"
+      x-code-samples: []
   "/accounts/{account_id}/acquisition":
     parameters:
     - "$ref": "#/components/parameters/account_id"
@@ -25251,7 +25299,20 @@ components:
                   transactions where fraud checks have already been performed on the
                   initial transaction. Note that not all gateways support this feature.
                   For Stripe, this skips Radar fraud rules; for Adyen, this skips
-                  Risk checks.
+              skip_recurly_fraud:
+                type: boolean
+                title: Skip Recurly Fraud
+                description: When set to `true`, skips Recurly's fraud detection checks
+                  for this transaction, including Kount and IP-based fraud screening.
+                  Does not affect gateway-level fraud checks. Use `skip_all_fraud`
+                  to skip all fraud checks.
+              skip_all_fraud:
+                type: boolean
+                title: Skip All Fraud
+                description: When set to `true`, skips all fraud checks for this transaction,
+                  including both gateway-level fraud checks and Recurly's fraud detection
+                  services. This is useful for trusted transactions where fraud screening
+                  is not required.
         customer_notes:
           type: string
           title: Customer notes