ReachFive · sachaMemmir5 · Dec 15, 2025
diff --git a/src/main/__tests__/sessionDevices.spec.ts b/src/main/__tests__/sessionDevices.spec.ts
@@ -64,5 +64,29 @@ test('list session devices', async () => {
       }
     ]
   })
+})
+
+test('remove session device', async () => {
+  const { client, domain } = createDefaultTestClient()
+  const accessToken = 'accesstoken'
+  const sessionDeviceId = 'UUID'
+
+  const removeSessionDeviceCall = fetchMock.mockResponseOnce(
+    JSON.stringify('')
+  )
+
+  const result = await client.removeSessionDevice({accessToken, sessionDeviceId})
+
+  expect(removeSessionDeviceCall).toHaveBeenCalledWith(
+    `https://${domain}/identity/v1/session-devices/${sessionDeviceId}`,
+    {
+      method: 'DELETE',
+      headers: expect.objectContaining({
+        ...headers.accessToken(accessToken)
+      })
+    }
+  )
 
+  expect(result).toEqual('')
 })
+
diff --git a/src/main/main.ts b/src/main/main.ts
@@ -47,6 +47,7 @@ import ProfileClient, {
   EmailVerificationParams,
   GetUserParams,
   PhoneNumberVerificationParams,
+  RemoveSessionDeviceParams,
   RequestAccountRecoveryParams,
   RequestPasswordResetParams,
   UnlinkParams,
@@ -114,6 +115,7 @@ export type Client = {
   remoteSettings: Promise<RemoteSettings>
   removeMfaEmail: (params: RemoveMfaEmailParams) => Promise<void>
   removeMfaPhoneNumber: (params: RemoveMfaPhoneNumberParams) => Promise<void>
+  removeSessionDevice: (params: RemoveSessionDeviceParams) => Promise<void>
   removeTrustedDevice: (params: DeleteTrustedDeviceParams) => Promise<void>
   removeWebAuthnDevice: (accessToken: string, deviceId: string) => Promise<void>
   requestAccountRecovery: (params: RequestAccountRecoveryParams) => Promise<void>
@@ -341,6 +343,10 @@ export function createClient(creationConfig: Config): Client {
     return apiClients.then((clients) => clients.mfa.removeMfaPhoneNumber(params))
   }
 
+  function removeSessionDevice(params: RemoveSessionDeviceParams) {
+    return apiClients.then((clients) => clients.profile.removeSessionDevice(params))
+  }
+
   function removeTrustedDevice(params: DeleteTrustedDeviceParams) {
     return apiClients.then((clients) => clients.mfa.deleteTrustedDevices(params))
   }
@@ -473,6 +479,7 @@ export function createClient(creationConfig: Config): Client {
     remoteSettings,
     removeMfaEmail,
     removeMfaPhoneNumber,
+    removeSessionDevice,
     removeTrustedDevice,
     removeWebAuthnDevice,
     requestAccountRecovery,

diff --git a/src/main/profileClient.ts b/src/main/profileClient.ts
@@ -58,6 +58,12 @@ type EmailVerificationCodeUpdatePasswordParams = {
   verificationCode: string
   password: string
 }
+
+export type RemoveSessionDeviceParams = {
+  accessToken: string
+  sessionDeviceId: string
+}
+
 type SmsVerificationCodeUpdatePasswordParams = {
   accessToken?: string
   phoneNumber: string
@@ -146,6 +152,11 @@ export default class ProfileClient {
     return this.http.get<SessionDeviceListResponse>(this.sessionDevicesUrl, { accessToken })
   }
 
+  removeSessionDevice(params: RemoveSessionDeviceParams): Promise<void> {
+    const { accessToken, sessionDeviceId } = params
+    return this.http.remove<void>(`${this.sessionDevicesUrl}/${sessionDeviceId}`, {accessToken})
+  }
+
   getSignupData(signupToken: string): Promise<OpenIdUser> {
     return this.http.get<OpenIdUser>(this.signupDataUrl, {
       query: {