Recently, an unknown attacker started abusing our iOS app’s Firebase Phone auth by spamming requests to Google.cloud.identitytoolkit.v1.AuthenticationService.SendVerificationCode with various phone numbers from different IPs. Conseqently, our app loses approximately 200 USD every day.

I want to delete user account. This is web app, so using sdk web firebase with signup with apple.
I was trying documentation and can’t find any revokeAccessToken mentioned there…
So how could I do this? This is only on IOS documentation…