Skip to main content
Users may want to remove authentication methods for various reasons:
  • Switching to a new device or authenticator app
  • No longer having access to an email or phone number
  • Simplifying their authentication setup
The Authsignal pre-built UI provides a secure, user-friendly way for users to remove authenticators.

Implementation steps

1. Backend: Track action with settings redirect Passing redirectToSettings: true in the track request will mean that after completing a challenge with an existing authentication method, users will be redirected to a settings menu where they can remove authentication methods. 
const request = {
  userId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
  action: "manageAuthenticators",
  attributes: {
    redirectUrl: "https://yourapp.com/callback"
    redirectToSettings: true,
  },
};

const response = await authsignal.track(request);

const url = response.url;
2. Frontend: Launch settings flow 
// Launch the pre-built UI for authenticator management
authsignal.launch(url);
3. User experience Users will:
  1. Complete a challenge with one of their existing authenticators
  2. Access the settings menu where they can view all their enrolled methods
  3. Remove unwanted authenticators
Removing authentication methods in the pre-built UI

Removing authentication methods in the pre-built UI

The pre-built UI automatically enforces security by requiring authentication before allowing removal. Users cannot remove their last remaining authenticator to prevent account lockout.

Administrative removal

Admins can remove authenticators for users through the Authsignal Portal:
  1. Navigate to the Users section
  2. Search for and select the user
  3. Scroll down to see the enrolled authenticators
  4. Remove specific methods as needed

Next steps