I would like to report a poor recovery experience after revoking a device from the web dashboard.
Here is what happened:
-
I revoked a device from the browser dashboard.
-
After that, my local Cursor terminal could no longer send messages and kept showing an authentication error.
-
The error message suggested logging out and logging back in.
-
I then went to the web side, logged out, and logged back in, but the problem still did not recover on the local client.
-
On the local client, the profile/avatar area was also not easy to use. The sign-out button was placed very low in the menu, and it was not visible unless I scrolled down. In this broken-auth state, that made recovery much harder than it should be.
The main usability issue is this:
when a device session is revoked remotely, the local client can get stuck in an invalid authentication state, but the most important recovery action — signing out locally — is hidden in a place that is easy to miss.
I suggest the following improvements:
-
Make the local client detect revoked sessions more clearly and guide the user through recovery.
-
Show a prominent “Sign out” or “Re-authenticate” button directly in the authentication error prompt.
-
Move the sign-out button higher in the profile menu so it is immediately visible without scrolling.
-
Consider automatically invalidating the stale local session and prompting the user to log in again.
This issue is not just a login failure. It is mainly a recovery-flow and UX problem after remote device revocation.