Reset a webauthn security key in AM/Identity Cloud

How can we reset a webauthn security key registered for a user profile via a REST API call? I know the reset action is available for push/OATH devices. There is no documentation present for webauthn. Refer to the below doc:

https://backstage.forgerock.com/docs/am/7.3/authentication-guide/authn-mfa-reset-devices.html

Hi @KaranNayyar1,

I think you should be able to query the devices using this call (in my case using a service account access token):

curl 'https://openam-nom1.forgeblocks.com/am/json/realms/root/realms/alpha/users/<fr-idm-uuid>/devices/2fa/webauthn?_queryFilter=true' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV.....'

Then you should be able to selectively DELETE entries by using the corresponding id:

curl --request DELETE 'https://openam-nom1.forgeblocks.com/am/json/realms/root/realms/alpha/users/<fr-idm-uuid>/devices/2fa/webauthn/<id>'

Regards
Patrick

2 Likes
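The query-then-delete flow from the answer above, as an added example that is not part of the original post or ForgeRock's own code. It assumes the query returns a JSON object with a `result` array whose entries carry `_id` and `deviceName`; the helper names, the host `am.example.com`, the sample response and the caller-supplied auth headers are all hypothetical.

```python
import json
import urllib.parse
import urllib.request

# Constructed sample query response; the field names are assumptions.
# The second _id contains "/" only to show that ids are URL-encoded.
SAMPLE_QUERY_RESPONSE = json.dumps({"result": [
    {"_id": "a1b2c3d4-0001", "deviceName": "Old YubiKey"},
    {"_id": "a1b2c3d4/0002", "deviceName": "Laptop passkey"},
], "resultCount": 2})


def devices_url(am_base, realm, user_id, device_id=None):
    """Build the devices/2fa/webauthn URL shown in the answer."""
    quote = lambda s: urllib.parse.quote(s, safe="")
    url = "{}/json/realms/root/realms/{}/users/{}/devices/2fa/webauthn".format(
        am_base.rstrip("/"), quote(realm), quote(user_id))
    if device_id is None:
        return url + "?_queryFilter=true"      # list all registered devices
    return url + "/" + quote(device_id)        # address one device by its id


def plan_deletes(query_response, am_base, realm, user_id, auth_headers, names):
    """Return one unsent DELETE request per device whose deviceName is in names.

    Raises LookupError if a requested name is not registered, so a typo
    never results in silently deleting nothing.
    """
    devices = json.loads(query_response).get("result", [])
    wanted = set(names)
    missing = wanted - {d.get("deviceName") for d in devices}
    if missing:
        raise LookupError("no registered device named: " + ", ".join(sorted(missing)))
    return [
        urllib.request.Request(devices_url(am_base, realm, user_id, d["_id"]),
                               method="DELETE", headers=dict(auth_headers))
        for d in devices if d.get("deviceName") in wanted
    ]


if __name__ == "__main__":
    # Dry run: print what would be sent. Pass each request to
    # urllib.request.urlopen() to actually delete the device.
    for req in plan_deletes(SAMPLE_QUERY_RESPONSE, "https://am.example.com/am",
                            "alpha", "user-123", {"Authorization": "Bearer <token>"},
                            ["Old YubiKey"]):
        print(req.get_method(), req.full_url)
```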

Note that the DELETE can only be done under an authenticated user session; admins can’t do it.

Interesting note - is there a particular reason as to why an administrative user can’t manage these?

1 Like