Revert compromised recovery email and end user session

Your agents' recovery email changes may go untracked, leaving sessions active during incidents. Support can close incidents same day by reverting the email, ending sessions, and logging an audit row.

Overview

When a revoke command appears in your command channel, this flow confirms a recent recovery-email change, reverts the email, terminates active sessions, and logs the action for review. That turns a manual security chase into a same-day remediation with an audit trail.