Users may want to remove authentication methods for various reasons:
Switching to a new device or authenticator app
No longer having access to an email or phone number
Simplifying their authentication setup
The Authsignal pre-built UI provides a secure, user-friendly way for users to remove authenticators.
Implementation steps
1. Backend: Track action with settings redirect
Passing redirectToSettings: true in the track request will mean that after completing a challenge with an existing authentication method, users will be redirected to a settings menu where they can remove authentication methods.
Node.js
C#
Java
Ruby
Python
PHP
Go
const request = {
userId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833" ,
action: "manageAuthenticators" ,
attributes: {
redirectUrl: "https://yourapp.com/callback"
redirectToSettings : true ,
},
};
const response = await authsignal . track ( request );
const url = response . url ;
var request = new TrackRequest (
UserId : "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833" ,
Action : "manageAuthenticators" ,
Attributes : new TrackAttributes (
RedirectUrl : "https://yourapp.com/callback" ,
RedirectToSettings : true
)
);
var response = await authsignal . Track ( request );
var url = response . Url ;
TrackRequest request = new TrackRequest ();
request . userId = "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833" ;
request . action = "manageAuthenticators" ;
request . attributes = new TrackAttributes ();
request . attributes . redirectUrl = https : //yourapp.com/callback";
request . attributes . redirectToSettings = true ;
TrackResponse response = authsignal . track (request). get ();
String url = response . url ;
response = Authsignal . track ({
user_id: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833" ,
action: "manageAuthenticators" ,
attributes: {
redirect_url: "https://yourapp.com/callback" ,
redirect_to_settings: true
}
})
url = response[ :url ]
response = authsignal.track(
user_id = "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833" ,
action = "manageAuthenticators" ,
attributes = {
"redirectUrl" : "https://yourapp.com/callback" ,
"redirectToSettings" : True
}
)
url = response[ "url" ]
$response = Authsignal :: track ([
'userId' => "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833" ,
'action' => "manageAuthenticators" ,
'attributes' => [
'redirectUrl' => "https://yourapp.com/callback" ,
'redirectToSettings' => true
]
]);
$url = $response [ "url" ]
redirectToSettings := true
response , err := client . Track (
TrackRequest {
UserId : "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833" ,
Action : "manageAuthenticators" ,
Attributes : & TrackAttributes {
RedirectUrl : "https://yourapp.com/callback" ,
RedirectToSettings : & redirectToSettings ,
},
},
)
url := response . Url
2. Frontend: Launch settings flow
// Launch the pre-built UI for authenticator management
authsignal . launch ( url );
3. User experience
Users will:
Complete a challenge with one of their existing authenticators
Access the settings menu where they can view all their enrolled methods
Remove unwanted authenticators
The pre-built UI automatically enforces security by requiring authentication before allowing
removal. Users cannot remove their last remaining authenticator to prevent account lockout.
Administrative removal
Admins can remove authenticators for users through the Authsignal Portal :
Navigate to the Users section
Search for and select the user
Scroll down to see the enrolled authenticators
Remove specific methods as needed
Next steps