diff --git a/public/javascripts/admin.js b/public/javascripts/admin.js
index bf883e2..126a3a0 100644
--- a/public/javascripts/admin.js
+++ b/public/javascripts/admin.js
@@ -133,6 +133,24 @@ $(document).ready(function (){
 }
 });
+ $('.userDelete').on('click', function(){
+ if(confirm('Are you sure you want to delete?')){
+ $.ajax({
+ method: 'POST',
+ url: '/admin/user/delete',
+ data: {
+ userId: $(this).attr('data-id')
+ }
+ })
+ .done(function(msg){
+ showNotification(msg.message, 'success', true);
+ })
+ .fail(function(msg){
+ showNotification(msg.responseJSON.message, 'danger');
+ });
+ }
+ });
+ $('#userEditForm').validator().on('submit', function(e){ + if(!e.isDefaultPrevented()){ + e.preventDefault();
diff --git a/routes/user.js b/routes/user.js
index aeac2c7..62ddf81 100644
--- a/routes/user.js
+++ b/routes/user.js
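Review bot: The `.fail` handler reads `msg.responseJSON.message` unconditionally, so any non-JSON failure — a redirect to the login page, a proxy error page, or a dropped connection — throws a TypeError inside the callback and the admin sees no notification at all; use `showNotification((msg.responseJSON && msg.responseJSON.message) || 'Unable to delete user', 'danger');`. The `.done` branch also treats any 2xx as success, which matters because the server hunk in this same commit answers a database error with status 200 and the text 'Cannot delete user'. No CSRF token is sent with the request, so if the app relies on a token header for state-changing POSTs it needs adding here as well. The enclosing `$(document).ready` callback starts before and continues after this hunk.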
@@ -86,81 +86,43 @@ router.get('/admin/user/new', restrict, (req, res) => {
 });
 // delete user
-router.get('/admin/user/delete/:id', restrict, async (req, res) => {
+router.post('/admin/user/delete', restrict, async (req, res) => {
 const db = req.app.db;
 // userId
 if(req.session.isAdmin !== true){
- if(req.apiAuthenticated){
- res.status(400).json({ message: 'Access denied' });
- return;
- }
-
- req.session.message = 'Access denied.';
- req.session.messageType = 'danger';
- res.redirect('/admin/users');
+ res.status(400).json({ message: 'Access denied' });
 return;
 }
 // Cannot delete your own account
- if(req.session.userId === req.params.id){
- if(req.apiAuthenticated){
- res.status(400).json({ message: 'Unable to delete own user account' });
- return;
- }
-
- req.session.message = 'Unable to delete own user account.';
- req.session.messageType = 'danger';
- res.redirect('/admin/users');
+ if(req.session.userId === req.body.userId){
+ res.status(400).json({ message: 'Unable to delete own user account' });
 return;
 }
- const user = await db.users.findOne({ _id: common.getId(req.params.id) });
+ const user = await db.users.findOne({ _id: common.getId(req.body.userId) });
 // If user is not found
 if(!user){
- if(req.apiAuthenticated){
- res.status(400).json({ message: 'User not found.' });
- return;
- }
-
- req.session.message = 'User not found.';
- req.session.messageType = 'danger';
- res.redirect('/admin/users');
+ res.status(400).json({ message: 'User not found.' });
 return;
 }
 // Cannot delete the original user/owner
 if(user.isOwner){
- if(req.apiAuthenticated){
- res.status(400).json({ message: 'Access denied.' });
- return;
- }
-
- req.session.message = 'Access denied.';
- req.session.messageType = 'danger';
- res.redirect('/admin/users');
+ res.status(400).json({ message: 'Access denied.' });
 return;
 }
 try{
- await db.users.deleteOne({ _id: common.getId(req.params.id) }, {});
- if(req.apiAuthenticated){
- res.status(200).json({ message: 'User deleted.' 
});
- return;
- }
- req.session.message = 'User deleted.';
- req.session.messageType = 'success';
- res.redirect('/admin/users');
+ await db.users.deleteOne({ _id: common.getId(req.body.userId) }, {});
+ res.status(200).json({ message: 'User deleted.' });
+ return;
 }catch(ex){
 console.log('Failed to delete user', ex);
- if(req.apiAuthenticated){
- res.status(200).json({ message: 'Cannot delete user' });
- return;
- }
- req.session.message = 'Cannot delete user';
- req.session.messageType = 'danger';
- res.redirect('/admin/users');
+ res.status(200).json({ message: 'Cannot delete user' });
+ return;
 };
 });
diff --git a/test/specs/users.js b/test/specs/users.js
index 2b19dad..edc7ceb 100644
--- a/test/specs/users.js
+++ b/test/specs/users.js
@@ -49,16 +49,22 @@ test('[Fail] Incorrect user password', async t => {
 test('[Fail] Delete own user account', async t => {
 const res = await g.request
- .get(`/admin/user/delete/${g.users[0]._id}`)
- .expect(302);
- t.deepEqual(res.header['location'], '/admin/users');
+ .post('/admin/user/delete')
+ .send({
+ userId: g.users[0]._id
+ })
+ .expect(400);
+ t.deepEqual(res.body.message, 'Unable to delete own user account');
 });
 test('[Fail] Delete invalid user ID', async t => {
 const res = await g.request
- .get('/admin/user/delete/invalid_user_id')
- .expect(302);
- t.deepEqual(res.header['location'], '/admin/users');
+ .post('/admin/user/delete')
+ .send({
+ userId: 'invalid_user_id'
+ })
+ .expect(400);
+ t.deepEqual(res.body.message, 'User not found.');
 });
 test('[Success] Create new user', async t => {
diff --git a/views/users.hbs b/views/users.hbs
index 0be2893..f46c4ed 100644
--- a/views/users.hbs
+++ b/views/users.hbs
@@ -19,7 +19,7 @@ {{/isAnAdmin}} {{#isAnAdmin ../session.isAdmin}} - + {{/isAnAdmin}}
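Review bot: The catch branch near the end of the hunk still answers a failed `deleteOne` with HTTP 200, so the `.done` handler in admin.js will display 'Cannot delete user' as a success notification; it should be `res.status(500).json({ message: 'Cannot delete user' });`. The self-delete guard now compares `req.session.userId === req.body.userId`, which a JSON body can sidestep by sending a non-string `userId` (what `common.getId` then does is not visible here), so reject the request early unless `typeof req.body.userId === 'string'`. Switching from GET to POST does not by itself protect this state-changing route from cross-site requests; if a CSRF middleware is not applied elsewhere, a forged form on another origin can still trigger it with the admin's session cookie. The 'Access denied' responses use status 400 where 403 describes the condition.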
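Review bot: Nothing in the updated tests asserts that the old `GET /admin/user/delete/:id` route is actually gone, which is the security-relevant part of this change (a state-changing delete should not be reachable through a link or image tag), so add a case that expects the path to be unrouted. Both rewritten cases cover only rejection paths, and the 'Cannot delete user' branch that answers with status 200 is untested, so a regression there would go unnoticed. The exact status for an unmatched path depends on the app's 404 handling, which is not visible here.
```javascript
test('[Fail] Delete user via removed GET route', async t => {
    await g.request
        .get(`/admin/user/delete/${g.users[0]._id}`)
        .expect(404);
    t.pass();
});
```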