How to mass delete tokens?

jaylay · April 25, 2025, 10:58am

hey privacyidea community,
we have lots of defective tokens in our installation. They have the ‘rollout_state’ in either ‘verify’ or ‘clientwait’. Is there any sensible solution to delete them all? Maybe even with a repetitive cronjob? Ive been searching in the database but tokens, their owners, their infos and their realms are spread over at least 4 different tables, wihich makes a purely database based approach unfeasable. On the webfrontend i could not find a bulk/mass deletion option.

Does anyone have an idea?
Kind regards, Jay

julio · April 25, 2025, 12:22pm

Hello jaylay,

We have a documentation on:

In our readthedocs documentation you will find the necessary information.

This will match all Tokens in rollout_state “verify” and give you an output

privacyidea-token-janitor find --tokenattribute rollout_state --tokenattribute-value verify

In your scenario, this will match the ‘verify’ and delete it.

privacyidea-token-janitor find --tokenattribute rollout_state --tokenattribute-value verify --action delete

You should know what you are doing. Make a backup as a precaution.

br

Julio