Multi-tenancy authentication API reference - delete member mfa phone number

Delete Member MFA phone number

DELETEhttps://test.stytch.com/v1/b2b/organizations/{organization_id}/members/mfa_phone_numbers/{member_id}

Delete a Member's MFA phone number.

To change a Member's phone number, you must first call this endpoint to delete the existing phone number.

Existing Member Sessions that include a phone number authentication factor will not be revoked if the phone number is deleted, and MFA will not be enforced until the Member logs in again. If you wish to enforce MFA immediately after a phone number is deleted, you can do so by prompting the Member to enter a new phone number and calling the OTP SMS send endpoint, then calling the OTP SMS Authenticate endpoint.

RBAC Enforced API

When a Member Session is passed in the Authorization headers, Stytch will enforce that the Member has permission to take the update.info.delete.mfa-phone Action on the stytch.member or stytch.self (depending on the target MemberID) Resource prior to honoring the request.

To learn more, see our RBAC guide.

Path parameters

organization_id* string

member_id* string

Header parameters

X-Stytch-Member-Session string

X-Stytch-Member-SessionJWT string

Response fields

request_id string

status_code int

member_id string

member object

organization object

curl --request DELETE \
  --url https://test.stytch.com/v1/b2b/organizations/organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931/members/mfa_phone_numbers/member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json' \
  -H "X-Stytch-Member-Session: mZAYn5aLEqKUlZ_Ad9U_fWr38GaAQ1oFAhT8ds245v7Q"

RESPONSE

{
    "member": {...},
    "member_id": "member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f",
    "organization": {...}
    "request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
    "status_code": 200
}