This guide is for the React SDK only
Deleting a device
Users might need to delete an MFA device if it’s lost or replaced. To do so, first authenticate with the device, then use the deleteUserDevice function.
Delete a TOTP device with TOTP code:
import { useMfa } from '@dynamic-labs/sdk-react-core';
const { authenticateDevice, deleteUserDevice } = useMfa();
const deleteDevice = async (deviceId: string, code: string) => {
// First, create a single-use MFA token for the device
const mfaAuthToken = await authenticateDevice({
code,
deviceId,
createMfaToken: { singleUse: true }
});
// Then, delete the device using the token
await deleteUserDevice(deviceId, mfaAuthToken);
};
import { useMfa } from '@dynamic-labs/sdk-react-core';
const { authenticateRecoveryCode, deleteUserDevice } = useMfa();
const deleteDevice = async (deviceId: string, code: string) => {
// First, create a single-use MFA token for the device
const mfaAuthToken = await authenticateRecoveryCode({
code,
createMfaToken: { singleUse: true }
});
// Then, delete the device using the token
await deleteUserDevice(deviceId, mfaAuthToken);
};
Admin Reset
If a user loses all their devices and recovery codes, an admin can reset their MFA from the Dynamic dashboard.
- Go to the Users page in the Dynamic Dashboard.
- Find the user and open their detail panel.
- In the Security section, click Reset MFA.
- Confirm the action.
This removes all MFA devices from the user’s account, letting them set up a new device on their next login.
