RocketChat · ggazzo · Aug 29, 2025 · Aug 29, 2025 · Aug 29, 2025
diff --git a/.changeset/sharp-beers-search.md b/.changeset/sharp-beers-search.md
@@ -0,0 +1,5 @@
+---
+"@rocket.chat/meteor": major
+---
+
+Removes the deprecated  `insertOrUpdateUser` meteor method
diff --git a/apps/meteor/app/lib/server/index.ts b/apps/meteor/app/lib/server/index.ts
@@ -28,7 +28,6 @@ import './methods/getMessages';
 import './methods/getSlashCommandPreviews';
 import './methods/getUsernameSuggestion';
 import './methods/getUserRoles';
-import './methods/insertOrUpdateUser';
 import './methods/joinDefaultChannels';
 import './methods/joinRoom';
 import './methods/leaveRoom';

diff --git a/apps/meteor/app/lib/server/methods/insertOrUpdateUser.ts b/apps/meteor/app/lib/server/methods/insertOrUpdateUser.ts
diff --git a/apps/meteor/tests/end-to-end/api/methods.ts b/apps/meteor/tests/end-to-end/api/methods.ts
@@ -3251,80 +3251,6 @@ describe('Meteor.methods', () => {
 		});
 	});
 
-	describe('@insertOrUpdateUser', () => {
-		let testUser: TestUser<IUser>;
-		let testUserCredentials: Credentials;
-
-		before(async () => {
-			testUser = await createUser();
-			testUserCredentials = await login(testUser.username, password);
-		});
-
-		after(() => Promise.all([deleteUser(testUser)]));
-
-		it('should fail if user tries to verify their own email via insertOrUpdateUser', (done) => {
-			void request
-				.post(methodCall('insertOrUpdateUser'))
-				.set(testUserCredentials)
-				.send({
-					message: JSON.stringify({
-						method: 'insertOrUpdateUser',
-						params: [
-							{
-								_id: testUserCredentials['X-User-Id'],
-								email: '[email protected]',
-								verified: true,
-							},
-						],
-						id: '52',
-						msg: 'method',
-					}),
-				})
-				.expect('Content-Type', 'application/json')
-				.expect(200)
-				.expect((res) => {
-					expect(res.body).to.have.a.property('success', true);
-					expect(res.body).to.have.a.property('message').that.is.a('string');
-					const data = JSON.parse(res.body.message);
-					expect(data).to.have.a.property('msg', 'result');
-					expect(data).to.have.a.property('id', '52');
-					expect(data.error).to.have.property('error', 'error-action-not-allowed');
-				})
-				.end(done);
-		});
-
-		it('should pass if a user with the right permissions tries to verify the email of another user', (done) => {
-			void request
-				.post(methodCall('insertOrUpdateUser'))
-				.set(credentials)
-				.send({
-					message: JSON.stringify({
-						method: 'insertOrUpdateUser',
-						params: [
-							{
-								_id: testUserCredentials['X-User-Id'],
-								email: '[email protected]',
-								verified: true,
-							},
-						],
-						id: '52',
-						msg: 'method',
-					}),
-				})
-				.expect('Content-Type', 'application/json')
-				.expect(200)
-				.expect((res) => {
-					expect(res.body).to.have.a.property('success', true);
-					expect(res.body).to.have.a.property('message').that.is.a('string');
-					const data = JSON.parse(res.body.message);
-					expect(data).to.have.a.property('msg', 'result');
-					expect(data).to.have.a.property('id', '52');
-					expect(data).to.have.a.property('result', true);
-				})
-				.end(done);
-		});
-	});
-
 	(IS_EE ? describe : describe.skip)('[@auditGetAuditions] EE', () => {
 		let testUser: TestUser<IUser>;
 		let testUserCredentials: Credentials;