(But this doesn't implement the same for deleting access tokens or e2e keys.

Also respond to code review.