Deleting a device

Users might need to delete an MFA device if it’s lost or replaced. To do so, first authenticate with the device, then use the deleteUserDevice function. Delete a TOTP device: 
import { useMfa } from '@dynamic-labs/sdk-react-core';

const { authenticateDevice, deleteUserDevice } = useMfa();

const deleteDevice = async (deviceId: string, code: string) => {
  // First, create a single-use MFA token for the device
  const mfaAuthToken = await authenticateDevice({ 
    code, 
    deviceId, 
    createMfaToken: { singleUse: true } 
  });

  // Then, delete the device using the token
  await deleteUserDevice(deviceId, mfaAuthToken);
};

Admin Reset

If a user loses all their devices and recovery codes, an admin can reset their MFA from the Dynamic dashboard.
  1. Go to the Users page in the Dynamic Dashboard.
  2. Find the user and open their detail panel.
  3. In the Security section, click Reset MFA.
  4. Confirm the action.
This removes all MFA devices from the user’s account, letting them set up a new device on their next login.