How to remove 2 factor authentication tokens in IPA

How to remove 2 factor authentication tokens in IPA using UI

  1. Log into https://id.fedoraproject.org/ipa/ui/ using FAS credentials

  2. Click on the Authentication tab

  3. Click on the OTP Tokens sub tab

  4. Enter the username into the search bar. This will display a list of tokens associated with the user.

  5. Select the desired token and click delete. A popup will appear, click delete again to confirm.

How to remove 2 factor authentication tokens in IPA using cli

  1. kinit as user with admin privileges on IPA server

  2. Run ipa otptoken-find --owner=<username>

    A list of the users OTP tokens will be displayed. Copy Unique ID vlaue of the desired token

  3. Run ipa otptoken-del <Unique_ID>

    The token is now removed

Want to help? Learn how to contribute to Fedora Docs