Updated on 2025-08-21 GMT+08:00

Deleting an MFA Device

Function

This API is used to delete an MFA device bound to a user. It can be called only from the organization's management account or from a delegated administrator account of a cloud service.

URI

DELETE /v1/identity-stores/{identity_store_id}/users/{user_id}/mfa-devices/{device_id}

Table 1 Path parameters

Parameter

Mandatory

Type

Description

identity_store_id

Yes

String

Globally unique ID of an identity source.

user_id

Yes

String

Globally unique ID of an IAM Identity Center user in the identity source.

device_id

Yes

String

Device ID.

Request Parameters

Table 2 Parameters in the request header

Parameter

Mandatory

Type

Description

X-Security-Token

No

String

Security token (session token) of your temporary security credentials. If a temporary security credential is used, this header is required.

Response Parameters

Status code: 200

Successful

Status code: 400

Table 3 Parameters in the response body

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

request_id

String

Unique ID of a request.

Status code: 403

Table 4 Parameters in the response body

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

request_id

String

Unique ID of a request.

encoded_authorization_message

String

Encrypted error message.

Status code: 404

Table 5 Parameters in the response body

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

request_id

String

Unique ID of a request.

Example Request

Deleting an MFA device bound to a user

DELETE https://{hostname}/v1/identity-stores/{identity_store_id}/users/{user_id}/mfa-devices/{device_id}

Example Response

None

Status Codes

Status Code

Description

200

Successful.

400

Bad request.

403

Forbidden.

404

Not found.

Error Codes

For details, see Error Codes.