Skip to main content

Revoke a trusted device

DELETE 

/api/v1/auth/2fa/trusted-devices/:device_id

Revoke a single trusted-device entry on the authenticated user.

Clears the cookie on the response if the caller's current browser was using this device, so the next login prompts for 2FA immediately.

  • 404 if device_id is unknown.
  • Rate limit: 20 / 15 min / user (auth_mfa tier).

Request

Responses

Successful Response