Revokes TOTP authenticator registration for a user
This step revokes TOTP authenticator registration from the user's profile in Mosaic. A TOTP is added to the user's profile using the Register TOTP step and retrieved using the "User Authenticators: User authenticators API" step.
Depending on the app settings, a user can have one or multiple TOTP authenticators registered. When overriding existing TOTPs is not allowed (that is, when multiple TOTPs are enabled, or when explicitly configured in the Register TOTP step for single-TOTP setups), revoking an old TOTP is the only option to register a new one.
If the step is successfully completed, the journey removes the TOTP authenticator from the user's profile and continues to the next step. If it fails, the journey proceeds to a failure branch (if one is specified); otherwise, the journey is aborted and an error is sent to the client.
| Field | Description |
|---|---|
| User auth state | Indicates if the user has authenticated in this journey. If the user is authenticated (default), the user context is provided implicitly by the journey. If not, a user identifier must be configured. |
| External user ID | User identifier, specified as an expression. Only configured if the journey doesn't authenticate the user before invoking this step. |
| TOTP ID | TOTP authenticator ID, specified as an expression. |
| Error output variable | Name of the variable that stores any errors returned by the step |
| Failure behavior | Determines the behavior in case of failure, which either aborts the journey or proceeds to a failure branch of the control flow (default). |