diff --git a/src/db/url.rs b/src/db/url.rs
index d41ef82..0d6e118 100644
--- a/src/db/url.rs
+++ b/src/db/url.rs
@@ -34,7 +34,7 @@ pub fn upsert_entry(
         .execute(connection)
 }
 
-pub fn delete_entry(path: &str) -> Result<usize, Error> {
+pub fn delete_entry(id: &str, path: &str) -> Result<usize, Error> {
     let connection = &mut establish_connection();
-    delete(urls.filter(url.eq(path))).execute(connection)
+    delete(urls.filter(url.eq(path)).filter(owned_by.eq(id))).execute(connection)
 }
diff --git a/src/handlers/url.rs b/src/handlers/url.rs
index 8acbcde..7762b90 100644
--- a/src/handlers/url.rs
+++ b/src/handlers/url.rs
@@ -10,16 +10,16 @@ pub fn handle_redirect(url: &str) -> Result<Redirect, (Status, &'static str)> {
     Ok(Redirect::to(row.destination_url))
 }
 
-pub fn handle_upsert(username: &str, dto: UpsertUrlDto<'_>) -> (Status, &'static str) {
-    let row = upsert_entry(username, dto.url, dto.destination_url, dto.ttl);
+pub fn handle_upsert(id: &str, dto: UpsertUrlDto<'_>) -> (Status, &'static str) {
+    let row = upsert_entry(id, dto.url, dto.destination_url, dto.ttl);
     if row.is_err() {
         return (Status::BadRequest, "Failed to upsert redirect");
     }
     (Status::Ok, "Successfully upserted redirect")
 }
 
-pub fn handle_delete(url: &str) -> (Status, &'static str) {
-    let row = delete_entry(url);
+pub fn handle_delete(id: &str, url: &str) -> (Status, &'static str) {
+    let row = delete_entry(id, url);
     if row.is_err() {
         return (Status::BadRequest, "Failed to delete redirect");
     }
diff --git a/src/main.rs b/src/main.rs
index 4ae6ee1..d1bac28 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -72,6 +72,6 @@ fn upsert(user: User, upsert: Json<dto::UpsertUrlDto<'_>>) -> (Status, &'static
 }
 
 #[delete("/<url>")]
-fn delete(url: &str) -> (Status, &'static str) {
-    handle_delete(url)
+fn delete(user: User, url: &str) -> (Status, &'static str) {
+    handle_delete(&user.id.as_str(), url)
 }