Using this API, you can delete the token generated by mfa/otp/validate or /mfa/password/validate. Deleting the token after the MFA flow, while the session is still valid, ensures safety.

Example cURL request

curl --location --request DELETE 'https://eu.api.capillarytech.com/auth/v1/mfa/token/expire' \
--header 'Content-Type: application/json' \
--header 'Cookie: _cfuvid=3f4QQnAFshdPPv1AGd9O_ZN2Kl6uuMuIprY_vy4hMa0-1717133572568-0.0.1.1-604800000' \
--data '{
    "brand":"Bukl",
    "deviceId":"1234",
    "token":"eyJpZHYiOlsiTU9CSUxFfDE4NzY3NDMxNzU0Il0sImRldiI6IjEyMzQiLCJvcmciOiJCVUtMIiwiYWxnIjoiSFMyNTYifQ.eyJ1aWQiOiIxNzgwNzc2IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0dJRSIsImlzYyI6ImZhbHNlIiwib2djIjpbIjEwMDQ1OHxidWtsLmluZC5zb2x1dGlvbiJdLCJleHAiOjE3MTcxMzQ1ODEsImlhdCI6MTcxNzEzMzY4MSwicm9sIjoiVVNFUiJ9.noFciro35BOSsSipH4XnS9V57A3xgKpwB2Gttg8s4vs",
    "identifierType":"MOBILE",
    "identifierValue":"18767431754"
}'

Resource information


URI	auth/v1/mfa/token/expire
HTTP method	POST
Pagination supported?	NA
Rate limit	NA
Batch support	NA

Request body parameters

(Parameters marked with * are mandatory)	Data Type	Description
brand*	String	Brand or organisation for which the token is generated.
deviceId*	String	Unique ID of the device that generated the MFA token.
token*	String	Token generated by `mfa/otp/validate`or`/mfa/password/validate`.
identifierType*	String	Type of identifier to identify the customer. Value: MOBILE, EMAIL, USERNAME, EXTERNALID
identifierValue*	String	Value of the identifier.

Response parameters

Parameter	Datatype	Description
status	object	Object containing status information.
success	boolean	Boolean indicating the status of the request.
code	integer	HTTP status code indicating the result. Example: 200 indicates success.
message	string	Message describing the status of the request.

{
    "status": {
        "success": true,
        "code": 200,
        "message": "Token expired successfully"
    }
}