Using this API, you can delete the token generated by mfa/otp/validate or /mfa/password/validate. Deleting the token after the MFA flow, while the session is still valid, ensures safety.

API endpoint example

'https://eu.api.capillarytech.com/auth/v1/mfa/token/expire

Resource information


URI	auth/v1/mfa/token/expire
HTTP method	POST
Pagination supported?	NA
Rate limit	NA
Batch support	NA

Request body parameters

Parameter (Parameters marked with * are mandatory)	Data Type	Description
brand*	String	Brand or organisation for which the token is generated.
deviceId*	String	Unique ID of the device that generated the MFA token.
token*	String	Token generated by `mfa/otp/validate`or`/mfa/password/validate`.
identifierType*	String	Type of identifier to identify the customer. Value: MOBILE, EMAIL, USERNAME, EXTERNALID
identifierValue*	String	Value of the identifier.

curl --location --request DELETE 'https://eu.api.capillarytech.com/auth/v1/mfa/token/expire' \
--header 'Content-Type: application/json' \
--header 'Cookie: _cfuvid=3f4QQnAFshdPPv1AGd9O_ZN2Kl6uuMuIprY_vy4hMa0-1717133572568-0.0.1.1-604800000' \
--data '{
    "brand":"Bukl",
    "deviceId":"1234",
    "token":"eyJpZHYiOlsiTU9CSUxFfDE4NzY3NDMxNzU0Il0sImRldiI6IjEyMzQiLCJvcmciOiJCVUtMIiwiYWxnIjoiSFMyNTYifQ.eyJ1aWQiOiIxNzgwNzc2IiwiaXNzIjoiQ0FQSUxMQVJZIFRFQ0hOT0xPR0lFUyIsImlzYyI6ImZhbHNlIiwib2djIjpbIjEwMDQ1OHxidWtsLmluZC5zb2x1dGlvbiJdLCJleHAiOjE3MTcxMzQ1ODEsImlhdCI6MTcxNzEzMzY4MSwicm9sIjoiVVNFUiJ9.noFciro35BOSsSipH4XnS9V57A3xgKpwB2Gttg8s4vs",
    "identifierType":"MOBILE",
    "identifierValue":"18767431754"
}'

Response parameters

Parameter	Datatype	Description
status	object	Object containing status information.
- success	boolean	Boolean indicating the status of the request.
- code	integer	HTTP status code indicating the result. Example: 200 indicates success.
- message	string	Message describing the status of the request.

{
    "status": {
        "success": true,
        "code": 200,
        "message": "Token expired successfully"
    }
}